Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: atm: iphase: fixed a possible use-after-free in iamoduleexit The remove function of this module calls deltimer. However, that function does not wait for the timer handler to complete. This means that the timer handler may still b...

Astra Linux - уязвимость в samba

The Samba vfsfruit module utilizes extended file attributes EA, xattr to enhance compatibility with Apple SMB clients and interoperability with Netatalk 3 AFP file servers. Samba versions prior to 4.13.17, 4.14.12, and 4.15.5, when vfsfruit was configured, allowed out-of-bounds heap read and writ...

Astra Linux - уязвимость в pam-pkcs11

PAM-PKCS11 is a Linux-PAM login module that enables user login using X.509 certificates. Prior to version 0.6.13, if certpolicy was set to none the default value, then pampkcs11 would only check whether the user was capable of logging into the token. An attacker could create a new token using the...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: arm64: asm-bug: Add .align 2 to the end of BUGENTRY. When CONFIGDEBUGBUGVERBOSE=n, we fail to add the necessary padding bytes to the bugtable entries. As a result, the last entry in a bug table will be ignored, potentially leadin...

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: EDAC/igen6: Avoid segmentation faults during module unloading. The segmentation fault occurs because: During modprobe: 1. In igen6probe, igen6pvt is allocated using kzalloc. 2. In igen6registermci, mci-pvtinfo points to...

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: brd: Automatic disk creation is deferred until module initialization succeeds. My colleague Wupeng identified the following issues during fault injection: BUG: Unable to handle page faults for address: fffffbfff809d073 PGD:...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ALSA: Core: Fix for NULL module pointer assignment at card init The commit 81033c6b584b “ALSA: Core: Warning on empty module” introduced a WARNON function for handling NULL module pointers passed during object creation using...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: bonding: An oops occurred during the rmmod operation. The command “rmmod bonding” causes an oops since the commit with the code change cc317ea3d927” „bonding: remove the redundant NULL check in the debugfs function”. The followin...

Astra Linux - уязвимость в grub2

A flaw was discovered in grub2. When performing a symlink lookup, the grub’s UFS module checks the data size of the inode to allocate an internal buffer to read the file content. However, it fails to check whether the data size of the symlink has exceeded its allocated limit. As a result, the...

Astra Linux - уязвимость в ansible

A flaw was discovered in the ansible module, where credentials are disclosed in the console logs by default, and are not protected by security features when using the bitbucketpipelinevariable module. This flaw allows an attacker to steal bitbucket Pipeline credentials. The greatest threat posed ...

Astra Linux - уязвимость в firefox, thunderbird

Module load requests that failed were not checked to determine whether they had been cancelled, resulting in a use-after-free in ScriptLoadContext. This vulnerability affects Firefox 110, Thunderbird 102.8, and Firefox ESR 102.8...

Astra Linux - уязвимость в imagemagick

ImageMagick is free software available as a ready-to-run binary distribution or as source code that you can use, copy, modify, and distribute in both open and proprietary applications. In affected versions, Postscript files may be read and written when specifically excluded by a module policy in...

Astra Linux - уязвимость в linux-5.15

A flaw was discovered in the ksmbd component of the Linux kernel. A deadlock occurs when multiple session setup requests are sent simultaneously, which may lead to a denial of service...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: In the proc subsystem, the same handling is used for checking proclseek as for procreaditer and others. Directly checking pde-procops-proclseek may lead to a Use-After-Value UAF in the rmmod scenario. This issue arises from a fla...

Astra Linux - уязвимость в grub2

A vulnerability in the GRUB2 bootloader has been identified in the normal module. This flaw, a memory use-after-free issue, occurs because the normalexit command is not properly unregistered when its related module is unloaded. An attacker can exploit this condition by invoking the command after...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: alloctag: Dynamically allocate percpu counters for module tags. When a module is unloaded, it checks whether any of its tags are still in use. If so, it keeps the memory containing the module’s allocation tags alive until all tag...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: tpm: use trygetops in tpm-space.c As part of the series of changes to remove nested TPM operations: https://lore.kernel.org/all/[email protected]/ The exposure of the chip-tpmmutex was removed...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: tpm: fix reference counting for struct tpmchip The following sequence of operations results in a refcount warning: 1. Open device /dev/tpmrm. 2. Remove module tpmtisspi. 3. Write a TPM command to the file descriptor opened at ste...

Astra Linux - уязвимость в rsync

A malicious client acting as the recipient of an rsync file transfer can trigger an out-of-bounds read of a heap-based buffer, through a negative array index. The malicious rsync client requires at least read access to the remote rsync module in order to trigger this issue...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: mm/damon/lrusort: A divide-by-zero error was avoided in damonlrusortapplyparameters. The patch series “mm/damon: avoid divide-by-zero in DAMON module’s parameter application”. The DAMON’s RECLAIM and LRUSORT modules do not perfor...