54611 matches found
Astra Linux - vulnerability in linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: scsi: qla2xxx: Fixed a crash that occurred during module load/unload tests. During purex packet handling, the driver incorrectly freed a pre-allocated structure. This issue was fixed by skipping that entry. The system crashed...
Astra Linux - vulnerability in linux-5.15
In the Linux kernel, the following vulnerability has been resolved: module: fix [e_shstrndx].sh_size=0 OOB access. It is trivial to craft a module to trigger OOB access in this line: if (info->secstrings[strhdr->sh_size - 1] != '\0') BUG: unable to handle page fault for address: ffffc90000aa0fff PGD 10000006...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: nfc: nxp-nci: Fixed a potential memory leak in nxp_nci_send(). The nxp_nci_send() function calls nxp_nci_i2c_write(). The skb is only freed when nxp_nci_i2c_write() fails. However, even if nxp_nci_i2c_write() succeeds, the skb is not freed within...
Astra Linux - vulnerability in linux-5.15
In the Linux kernel 6.0.8, there is a use-after-free in run_unpack in fs/ntfs3/run.c, related to a difference between NTFS sector size and media sector size...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: mm/slab_common: The corruption of the slab_caches list after kmem_cache_destroy() has been fixed. After the commit in “Fixes”, if a module that creates a slab cache does not release all of its allocated objects before destroying the...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: nvme-fc: Do not wait in vain when unloading the module. There is a race condition in the module exit path, where both deleting all controllers and freeing the “leftover IDs” occur simultaneously. To prevent double-freeing, a...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: The commit mutex should not be released during the critical section between nft_gc_seq_begin() and nft_gc_seq_end(). Otherwise, the async GC worker could collect expired objects and obtain the released commit lock with...
Astra Linux - vulnerability in intel-microcode
Improper input validation in some Intel(R) TDX module software before version 1.5.05.46.698 may allow a privileged user to potentially enable escalation of privilege via local access...
Astra Linux – Vulnerability in Ansible
A flaw was discovered in Ansible Engine 2.9.18, where sensitive information is not masked by default, and the no_log feature is not protected when using the sub-option feature of the basic.py module. This flaw allows an attacker to obtain sensitive information. The greatest threat posed by this...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: fs/ntfs3: Enhanced sanity check during attribute list generation. The ni_create_attr_list() function uses WARN_ON to catch error cases during attribute list generation. Currently, it only prints the stack trace, which may not be...
Astra Linux – Vulnerability in Thunderbird, Firefox
Module load requests that failed were not checked to determine whether they had been cancelled, resulting in a use-after-free in ScriptLoadContext. This vulnerability affects Firefox 110, Thunderbird 102.8, and Firefox ESR 102.8...
Astra Linux – Vulnerability in Apache2
Inconsistent interpretation of HTTP requests: The “HTTP Request Smuggling” vulnerability in mod_proxy_ajp of the Apache HTTP Server allows an attacker to smuggle requests to the AJP server to which the server forwards requests. This issue affects the Apache HTTP Server version 2.4.53 and...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ipvs: Deferring the unregistration of ip_vs_ftp during netns cleanup. During the netns cleanup process, __ip_vs_ftp_exit() may unregister ip_vs_ftp before all connections with valid cp->app pointers are flushed, leading to a use-after-free...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: EDAC/skx_common: Fixed the general protection fault. After loading i10nm_edac (which automatically loads skx_edac_common), if only i10nm_edac is unloaded, then reloading it and performing error injection testing may cause a general...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Fixed potential crashes during module unloading. The vmbus driver relies on the panic notifier infrastructure to perform certain operations when a panic event is detected. Since vmbus can be built as a module,...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: powerpc64/ftrace: fixed the issue of module loading without patchable function entries. get_stubs_size() assumes that there must always be at least one patchable function entry, which is not always the case: modules that export dat...
Astra Linux - vulnerability in linux-5.15
In the Linux kernel, the following vulnerability has been resolved: media: i2c: max9286: fix kernel oops when removing module. When removing the max9286 module we get a kernel oops: Unable to handle kernel paging request at virtual address 000000aa00000094 Mem abort info: ESR = 0x96000004 EC = 0x2...
Astra Linux – Vulnerability in dcmtk
In DCMTK, versions prior to 3.6.9 have a segmentation fault due to an invalid DIMSE message...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: test_firmware: fixed a memory leak in test_firmware_init(). When misc_register() failed in test_firmware_init(), the memory pointed to by test_fw_config->name was not released. The memory leak information is as follows: Unreferenced object...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: mwifiex: The link must be brought down before the interface is deleted. We can encounter a deadlock situation when using rmmod to remove a driver or during a firmware reset. This is because the cfg80211_unregister_wdev() function...