Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: fscrypt: The destroykeyring function must be called after securitysbdelete. The fscryptDestroykeyring function must be called after all potentially-encrypted inodes have been evicted; otherwise, it cannot safely destroy the...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ipack: ipoctal: fix module reference leak A reference to the carrier module was taken every time it was used, but it was only released once, when the final reference to the tty struct was removed. This issue is fixed by taking th...

Astra Linux - уязвимость в libmodule-scandeps-perl

Qualys discovered that if unsanitized input was used with the Modules::ScanDeps library, before version 1.36, a local attacker could potentially execute arbitrary shell commands by opening a “pesky pipe” e.g., passing “commands|” as a filename or by passing arbitrary strings to the eval function...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: tcp: Fix tcpinittransfer so that icskcainitialized is not reset. This commit fixes a bug discovered by syzkaller. The bug could cause spurious double-initulations for congestion control modules. This could lead to memory leaks or...

Astra Linux - уязвимость в samba

The Samba vfsfruit module utilizes extended file attributes EA, xattr to enhance compatibility with Apple SMB clients and interoperability with Netatalk 3 AFP file servers. Samba versions prior to 4.13.17, 4.14.12, and 4.15.5, when vfsfruit was configured, allowed out-of-bounds heap read and writ...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: net: macb: fixed the use of “free” after calling “rmmod”. “platdev-dev-platformdata” is released by calling “platformdeviceunregister”. The use of “pclk” and “hclk” constitutes a use-after-free. Since “deviceunregister” does n...

Astra Linux - уязвимость в pam-pkcs11

PAM-PKCS11 is a Linux-PAM login module that enables user login using X.509 certificates. Prior to version 0.6.13, if certpolicy was set to none the default value, then pampkcs11 would only check whether the user was capable of logging into the token. An attacker could create a new token using the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: - media: verisilicon: Fixed a kernel panic caused by misuse of initconst. - Fixed a kernel panic when probing the driver as a module: - Unable to handle kernel paging requests at the virtual address ffffd9c18eb05000. - Locatio...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: The commit mutex should not be released during the critical section between nftgcseqbegin and nftgcseqend. Otherwise, the async GC worker could collect expired objects and obtain the released commit lock with...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: bonding: An oops occurred during the rmmod operation. The command “rmmod bonding” causes an oops since the commit with the code change cc317ea3d927” „bonding: remove the redundant NULL check in the debugfs function”. The followin...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: atm: iphase: fixed a possible use-after-free in iamoduleexit The remove function of this module calls deltimer. However, that function does not wait for the timer handler to complete. This means that the timer handler may still b...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: dsa: microchip: A condition was added for scheduling kszmibreadwork. When the ksz module is installed or removed using rmmod, the kernel crashes with a null pointer dereference error. During rmmod, the kszswitchremove functi...

Astra Linux - уязвимость в linux, linux-5.15, linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: power: supply: bq27xxx: Fixed handling of pollinterval and races during removal operations. Before this patch, bq27xxxbatteryteardown set pollinterval to 0 to avoid requeuing the delayedwork item during bq27xxxbatteryupdate...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: comedi: c6xdigio: Fixed invalid PNP driver unregistration The Comedi low-level driver “c6xdigio” appears to be for a parallel port-connected device. When the Comedi core calls the driver’s “attach” handler c6xdigioattach to...

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: EDAC/igen6: Avoid segmentation faults during module unloading. The segmentation fault occurs because: During modprobe: 1. In igen6probe, igen6pvt is allocated using kzalloc. 2. In igen6registermci, mci-pvtinfo points to...

Astra Linux - уязвимость в grub2

A flaw was discovered in grub2. When performing a symlink lookup, the grub’s UFS module checks the data size of the inode to allocate an internal buffer to read the file content. However, it fails to check whether the data size of the symlink has exceeded its allocated limit. As a result, the...

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: brd: Automatic disk creation is deferred until module initialization succeeds. My colleague Wupeng identified the following issues during fault injection: BUG: Unable to handle page faults for address: fffffbfff809d073 PGD:...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ALSA: Core: Fix for NULL module pointer assignment at card init The commit 81033c6b584b “ALSA: Core: Warning on empty module” introduced a WARNON function for handling NULL module pointers passed during object creation using...

Astra Linux - уязвимость в firefox, thunderbird

Module load requests that failed were not checked to determine whether they had been cancelled, resulting in a use-after-free in ScriptLoadContext. This vulnerability affects Firefox 110, Thunderbird 102.8, and Firefox ESR 102.8...

Astra Linux - уязвимость в edk2

EDK2 is vulnerable to a vulnerability in the Tcg2MeasurePeImage function, which allows a user to trigger a heap buffer overflow via a local network. Successful exploitation of this vulnerability may result in compromises of confidentiality, integrity, and/or availability...