Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm/gpusvm: fixed the usage of hmmpfntomaporder Handled the case where the hmm range partially covers a huge page such as 2M. Otherwise, we might end up doing something unpleasant, such as mapping memory that is outside the...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: - BPF: The rcureadlockTraceheld function in bpfmaplookuppercpuelem needs to be checked. The bpfmaplookuppercpuelem helper function is also available for sleepable BPF programs. When BPF JIT is disabled or on a 32-bit host,...

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: bpf, sockmap: Fixed an infinite loop issue when len is 0 in the tcpbpfrecvmsg parser. When the buffer length of the recvmsg system call is 0, the following soft lockup problem occurred: watchdog: BUG: Soft lockup – CPU3 stuck...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: x86/MCE/AMD: Use a u64 type for the bankmap. The maximum number of MCA banks is 64 MAXNRBANKS; see a0bc32b3cacf “x86/mce: Increase the maximum number of banks to 64”. However, the bankmap, which contains a bitfield indicating whi...

Astra Linux – Vulnerability in yaml-cpp

The SingleDocParser::HandleFlowMap function in yaml-cpp also known as LibYaml-C++ 0.6.2 allows remote attackers to cause a denial of service resource consumption and application crash through a crafted YAML file...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: accel/qaic: A leak was fixed in mapuserpages. If getuserpagesfast allocates some pages, but not as many as we wanted, then the current code causes those pages to be leaked. Call putpage on the pages before returning...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mm: swap: check for stable address space before operating on the VMA It is possible to encounter a zero entry while traversing the vmas in unusemm, called from the swapoff path. Accessing this zero entry can result in an OOPS...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: bpf: Reject unhashed sockets in bpfskassign The semantics for bpfskassign are as follows: c sk = somelookupfunc bpfskassignskb, sk bpfskreleasesk That is, the sk is not consumed by bpfskassign. Therefore, the function must ensure...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: clocksource/drivers/cadence-ttc: Fixed a memory leak in ttctimerprobe. Matching reports: drivers/clocksource/timer-cadence-ttc.c: Line 529, ttctimerprobe; Warning: ‘timerbaseaddr’ from ofiomap is not released on lines...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: mm/secretmem: fixed a use-after-free race condition in the fault handler. When a page fault occurs in a secret memory file created with memfdsecret2, the kernel will allocate a new folio for it, mark the underlying page as not...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: Misc: pciendpointtest: Fixed the panic that occurs when calling pciendpointtestcopy,write,read The dmamapsingle function does not allow zero-length mappings. This causes a panic. A panic was reported on the arm64 architecture:...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: EFI: libstub – Only “free privRuntimeMap” is returned when it is allocated. “privRuntimeMap” is only allocated when “efinovamap” is not set. Otherwise, it remains an uninitialized value. In the error path, “privRuntimeMap” is fre...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: kernel/kexec: fixed the issue when the kexec target address is allocated in the CMA area. Description of the bug When I tested kexec with the latest kernel, I encountered the following warning: 40.712410 ------------ cut here ---...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: Fix the dmabuf object leak in fastrpcmaplookup In fastrpcmaplookup, the dmabufget function is called to obtain a reference to the dmabuf object for comparison purposes. However, this reference is never released whe...

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: XDP: Use the flags field to disambiguate broadcast redirections When redirecting a packet using XDP, the bpfredirectmap helper function sets the redirection destination information in the struct bpfredirectinfo structure using th...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: RDMA/hns: Fixed a NULL pointer dereference in hnsrocemapmrsg. ibmapmrsg allows ULPs to specify NULL as the sgoffset argument. The driver needs to check whether the argument is a NULL pointer before dereferencing it...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: bpf: Mark the bpf prog stack with kmsanunpoisonmemory in interpreter mode. syzbot reported uninitialized memory usage during maplookup,deleteelem. ========== BUG: KMSAN: uninitvalue in devmaplookupelem kernel/bpf/devmap.c:441...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: btrfs: fixed an issue where the extent map was used after freeing memory when adding pages to compressed Bio data structures. In the function addrabiopages, we access the extent map to calculate ‘addsize’. After releasing the...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: of/irq: Prevent device address out-of-bounds read in interrupt map walk When ofirqparseraw is invoked with a device address smaller than the interrupt parent node from address-cells property, KASAN detects the following...

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: bpf: devmap: provide rxq after redirect The rxq structure contains a pointer to the device from which the redirect occurred. Currently, the BPF program that is executed after a redirect via BPFMAPTYPEDEVMAP does not set this...