Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: um: Fixed potential integer overflow during physmem setup. This issue occurs when the real map size is greater than LONGMAX, and it can be easily triggered on UML/i386...

Astra Linux – Vulnerability in Qemu

QEMU 5.0.0 has a use-after-free issue in the hw/usb/hcd-xhci.c file, as the return value of usbpacketmap is not checked...

Astra Linux – Vulnerability in yaml-cpp

The SingleDocParser::HandleFlowMap function in yaml-cpp also known as LibYaml-C++ 0.6.2 allows remote attackers to cause a denial of service resource consumption and application crash through a crafted YAML file...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: clocksource/drivers/cadence-ttc: Fixed a memory leak in ttctimerprobe. Matching reports: drivers/clocksource/timer-cadence-ttc.c: Line 529, ttctimerprobe; Warning: ‘timerbaseaddr’ from ofiomap is not released on lines...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Avoid using sksocket after free when sending The sk-sksocket is not locked or referenced in backlog thread, and during the call to skbsendsock, there is a race condition with the release of sksocket. All types of...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: i40e: Fixed idx validation in i40evalidatequeuemap. Ensured that the idx value is within the range of active/initialized TC’s when iterating over vf-chidx in i40evalidatequeuemap...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: media: vivid: fix compose-height boundary issue Syzkaller identified a bug: BUG: Unable to handle page faults for address: ffffc9000a3b1000 PF: Supervisor write access in kernel mode PF: Errorcode0x0002 – Not-present page PGD...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: BPF, sockmap: Prevent lock inversion deadlock in mapdeleteelem operation. The syzkaller started using corpuses where a BPF tracing program deletes elements from a sockmap/sockhash map. Since BPF tracing programs can be invoked fr...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm/gpusvm: fixed the usage of hmmpfntomaporder Handled the case where the hmm range partially covers a large page such as 2M. Otherwise, we might end up doing something unpleasant, such as mapping memory that is outside the...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: powerpc/paprscm: Fixed the issue where elements of nvdimmeventsmap were leaking during calls to paprscmpmucheckevents, paprscmremove, and paprscmpmuregister. Additionally, during paprscmpmucheckevents, errors occurred when...

Astra Linux – Vulnerability in Qemu

A reachable assertion issue was detected in the USB EHCI emulation code of QEMU. This issue can occur during the processing of USB requests due to a faulty handling of the DMA memory map. A malicious privileged user within the guest environment may exploit this flaw to send invalid USB requests,...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fixed the race condition involving skb after locking changes. There is a race condition where the skb from the skpsockbacklog can be referenced after the user-space side has already consumed the skbuff using...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: soundwire: Reverted “soundwire: qcom: Add setchannelmap API support”. This reversion corresponds to commit 7796c97df6b1b2206681a07f3c80f6023a6593d5. This patch caused issues with Dragonboard 845c sdm845. The following errors...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Binder: Fix for double-free in dbitmap A process may fail to allocate a new bitmap when attempting to expand its proc-dmap. In such cases, dbitmapgrow fails and frees the old bitmap via dbitmapfree. However, the driver calls...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: RDMA/umem: Fixed the double dmabufunpin in the failure path. In ibumemdmabufgetpinnedwithdmadevice, the call to ibumemdmabufmappages may fail. If this occurs, the dmabuf is immediately unpinned, but the umemdmabuf-pinned flag...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: bpf: Check the size of the bloom filter map values This patch adds a missing check to the bloom filter creation process, preventing the rejection of values that exceed KMALLOCMAXSIZE. This brings the bloom map in line with many...

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: XDP: Use the flags field to disambiguate broadcast redirections When redirecting a packet using XDP, the bpfredirectmap helper function sets the redirection destination information in the struct bpfredirectinfo structure using th...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: bpf: Deferring the release of the inner map when necessary When updating or deleting an inner map in the map array or map htab, the map may still be accessed by non-sleepable programs or sleepable programs. However, when the...

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: bpf: devmap: provide rxq after redirect rxq contains a pointer to the device from where the redirect happened. Currently, the BPF program that was executed after a redirect via BPFMAPTYPEDEVMAP does not have it set. This is...

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: bpf, sockmap: Fixed an infinite loop issue when len is 0 in the tcpbpfrecvmsg parser. When the buffer length of the recvmsg system call is 0, a soft lockup problem occurred. watchdog: BUG: Soft lockup – CPU3 stuck for 27...