Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: f2fs: quota: fix the loop condition in f2fsquotasync The parameter cnt should be passed to sbhasquotaactive, rather than type, to correctly check the active quota. Moreover, when the type is -1, the compiler, with sufficient inli...

Astra Linux - уязвимость в edk2

EDK2’s Network Package is vulnerable to an infinite loop vulnerability when parsing a PadN option in the Destination Options header of IPv6. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of availability...

Astra Linux - уязвимость в python-tornado

Tornado is a Python web framework and asynchronous networking library. The algorithm used for parsing HTTP cookies in Tornado versions prior to 6.4.2 sometimes has quadratic complexity, leading to excessive CPU consumption when parsing maliciously-crafted cookie headers. This parsing occurs in th...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: drm/ast: Fixed soft lockup issues. There is a while-loop in astdpsetonoff, which could lead to an infinite loop. This is because the register VGACRI-Dx checked in this API is actually a scratch register controlled by a MCU named...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: netfilter: nftables: prefer nftchainvalidate nftchainvalidate already performs loop detection, as a cycle would result in a call stack overflow ctx-level = NFTJUMPSTACKSIZE. It also follows maps via -validate callback in...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: mm: vmscan: accounts for free pages to prevent infinite loops in throttledirectreclaim. The task sometimes continues looping in throttledirectreclaim because allowdirectreclaimpgdat keeps returning false. The call stack is as...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: bpf, sockmap: Fixed an infinite loop issue when len is 0 in the tcpbpfrecvmsg parser. When the buffer length of the recvmsg system call is 0, a soft lockup problem occurred. watchdog: BUG: Soft lockup – CPU3 stuck for 27...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: mac80211: Fixed a deadlock issue in AP/VLAN handling. Syzbot reports that when APVLAN interfaces are active, closing the AP interface they belong to can lead to a deadlock. This isn’t surprising—since we use devclose to handle...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ext4: Error checking was added to ext4extreplaysetiblocks. If the call to ext4mapblocks fails due to a corrupted file system, ext4extreplaysetiblocks may get stuck in an infinite loop. This issue can be reproduced by running...

Astra Linux - уязвимость в qemu

In QEMU 5.0.0, the hw/usb/hcd-ohci.c file contains an infinite loop when a TD list has a loop...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: soc: qcom: aoss: The issue of a reference count leak in qmpcoolingdevicesregister has been fixed. In every iteration of the foreachavailablechildofnode loop, the reference count of the previous node is decremented. When exiting t...

Astra Linux - уязвимость в qemu

In QEMU 5.0.0, the file hw/net/e1000ecore.c contains an infinite loop that occurs due to a NULL buffer address in the RX descriptor...

Astra Linux - уязвимость в python-django

A issue was discovered in MultiPartParser in Django 2.2 before 2.2.27, 3.2 before 3.2.12, and 4.0 before 4.0.2. Passing certain inputs to multipart forms could result in an infinite loop when parsing files...

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: Wifi: iwlwifi: mvm: Fix for 6 GHz scan construction If there are more than 255 colocated APs available for the set of APs found during 2.4/5 GHz scanning, then the 6 GHz scan construction will loop indefinitely. This is because t...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: RDMA/rtrs-clt: Resets cid to connum – 1 to remain within bounds. In the function initconns, after the createcon and createcm calls for the loop, if something fails. During the cleanup phase of the loop, after the destroy tag, we...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: “Revert ‘ipmi: fix msg stack when IPMI is disconnected’” This change is reflected in the commit c608966f3f9c2dca596967501d00753282b395fc. This patch contains a subtle bug that can cause the IPMI driver to enter an infinite loop i...

Astra Linux - уязвимость в samba

An infinite loop vulnerability was discovered in Samba’s mdssvc RPC service for Spotlight. When parsing Spotlight mdssvc RPC packets sent by the client, the core unmarshalling function slunpackloop failed to validate a field in the network packet that contains the count of elements in an array-li...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: check the return value of indxfind to avoid infinite loops We have identified a bug in the ntfs3 file system that can lead to a Denial-of-Service DoS condition. A malformed dentry in the ntfs3 filesystem can cause the...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: - In the dsa module, potential memory leaks were fixed in dsaloopinit. - kmemleak reported memory leaks in dsaloopinit: 12 new suspected memory leaks. - The unreferenced object 0xffff8880138ce000 size 2048 contains the followi...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: loop: Overflow check during loop configuration The user space can configure a loop using an ioctl call. In this process, a configuration of type loopconfig is passed see the loioctl case on line 1550 of drivers/block/loop.c. This...