Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/panfrost: Fixed the issue where GEM handle creation was subject to ref counting. Previously, panfrostgemcreatewithhandle would return a BO, but only with a reference to the handle. User space could theoretically guess this...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mm/secretmem: fixed NULL page-mapping dereference in pageissecretmem Checked for a NULL page-mapping before dereferencing the mapping in pageissecretmem, as the page’s mapping can be nullified while gup is running, for example, b...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Shmem writes are flushed before mapping buffers with cached mappings. The shmem layer zeroes out new pages using cached mappings. If we do not flush these writes using the CPU, we might leave dirty cachelines behind,...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: drm/amdgpu: fixed the UBSAN warning in kvdpm.c Added a bounds check for sumovidmappingentry...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: riscv: Fixed the issue of loading 64-bit NOMMU kernels beyond the start of RAM. The commit 3335068f8721 “riscv: Use PUD/P4D/PGD pages for the linear mapping” added logic to allow using memory below the kernel’s load address...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mm/MADVCOLLAPSE: handling !none !huge !bad pmd lookups In commit 34488399fa08 “mm/madvise: adding file and shmem support to MADVCOLLAPSE”, we made the following change to findpmdorthpornone: – if !pmdpresentpmde return...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: udmabuf: Set the DMA mask for the udmabuf device v2 If the DMA mask is not set explicitly, the following warning occurs when the userspace attempts to access the dma-buf via the CPU, as reported by syzbot: WARNING: CPU: 1 PID: 35...

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: riscv: Rewrite kernelmappages to prevent sleeping in an invalid context. kernelmappages is a debugging function that clears the valid bit in page table entries for deallocated pages, thereby detecting illegal memory accesses to...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: drm/i915/dpt: Makes the DPT object unshrinkable. In some scenarios, the DPT object gets shrunk, but the actual framebuffer does not, and thus it remains in the DPT’s vm-boundlist. Then, an attempt is made to rewrite the PTEs...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ACPICA: Reverted the behavior where “Info: mapping multiple BARs. Your kernel is fine.” was avoided. Undo the modifications made in commit d410ee5109a1 “ACPICA: avoid “Info: mapping multiple BARs. Your kernel is fine.””. The...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: mm/vmalloc: fixed page mapping when vmareaallocpages uses high-order fallback to order 0. The vmappagesrangenoflush function assumes that its argument pages contains pages with the same page shift. However, since commit...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: arm64: acpi: Harden the getcpuforacpiid function to prevent errors when a missing CPU entry is used. During a review discussion of the changes to support vCPU hotplug, it was noted that a check was added to ensure the GICC Global...

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: dma-buf: heaps: Fixed an issue where the CMA heap fault handler made a mistake in calculating the boundary. Until the VMDONTEXPAND flag was added in commit 1c1914d6e8c6 “dma-buf: heaps: Don’t track CMA dma-buf pages under RssFile...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: nfsd: Map EBADMSG to nfserrio to avoid warnings. Ext4 will throw -EBADMSG during ext4readdir when a checksum error occurs, resulting in the following warning. Fix this by mapping EBADMSG to nfserrio. nfsdbufferedreaddir...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: fs/inode: Prevent dumpmapping from accessing invalid dentry.dname.name It has been observed that a crash occurs during the hot removal of a memory device, in which the user is accessing hugetlb. See the call trace as follows:...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: uprobes: Fixed a kernel information leak via “uprobes” vma. xoladdvma: Maps the uninitialized page allocated by createxolarea into user space. On some architectures x86, this memory is readable even without VMREAD or VMEXEC;...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: device-dax: The pgoff alignment in daxsetmapping should use ALIGNDOWN instead of ALIGN. Otherwise, vmf-address, which is not aligned with faultsize, will be aligned to the next alignment, which can lead to memory failures due ...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: netmem: prevents the transmission of unreadable SKBs Service Control Blocks Currently, in stable versions of the kernel, we have support for netmem/devmem RX operations, but not TX operations. It is not safe to forward/redirect a...

Astra Linux - уязвимость в linux

The rbd block device driver in drivers/block/rbd.c in the Linux kernel through 5.8.9 used incomplete permission checking for access to rbd devices, which could be leveraged by local attackers to map or unmap rbd block devices, aka CID-f44d04e696fe...

Astra Linux – Vulnerability in Samba

A flaw was discovered in Samba. The Samba smbd file server must map Windows group identities SIDs to Unix group IDs gids. The code responsible for this mapping contained a flaw that could allow it to read data beyond the end of the array, in the event that a negative cache entry was added to the...