1875 matches found
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: RDMA/cma: Allow UD qptype to join multicast only Regarding multicast: - The SIDR is the only mode that makes sense; - In addition to PSUDP, other port spaces like PSIB are also allowed, as they are UD-compatible. In this case,...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: netfilter: Bridge: Multicast packets must be confirmed before being passed up the stack. The conntrack/nfconfirm logic does not handle cloned skb objects that reference the same nfct entry. This issue occurs when dealing with...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: nfp: MC addresses are cleaned in the application firmware when the port is closed. When moving devices from one namespace to another, MC addresses are cleaned by software, but they are not removed from the application firmware. A...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: The delay in putting pmc-idev into mlddeldelrec has been fixed. pmc-idev is still used in ip6mcclearsrc, just like in mldcleardelrec. Therefore, the reference to pmc-idev should be placed after the return of...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: afpacket: moved the call to packetdevmc out of the RCU critical section. Syzkaller reports the following issues: BUG: A sleeping function is called from an invalid context at kernel/locking/mutex.c:578 mutexlock+0x106/0xe80...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: net: bridge: switchdev: Skip MDB replays of deferred events on offload Before this change, the generation of the list of MDB events to replay competed with the creation of new group memberhips, either through the IGMP/MLD snoopin...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: afnetlink: Fixed an out-of-bounds shift in the group mask calculation When a netlink message is received, netlinkrecvmsg fills in the address of the sender. One of the fields is the 32-bit bitfield nlgroups, which carries the...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: IB/ipoib: Fixed the issue with locking the mcast list. The release of priv-lock while iterating over priv-multicastlist in ipoibmcastjointask creates a situation where ipoibmcastdevFlush may remove the items while the iteration i...
Astra Linux – Vulnerability in atftp
There is an exploitable denial-of-service vulnerability in the atftpd daemon functionality of atftp 0.7.git20120829-3.1+b1. A specially crafted sequence of RRQ-Multicast requests triggers an assert call, resulting in a denial-of-service attack. An attacker can send a sequence of malicious packets...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net: ipv4: Fix memory leak in ipmcadd1src BUG: Memory leak Unreferenced object: 0xffff888101bc4c00 size 32 Command: “syz-executor527”, PID 360, jiffies 4294807421 age 19.329 seconds Hex dump first 32 bytes: 00 00 00 00 00 00 00 0...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerabilities have been resolved: IGMP: Fixed data races related to sysctligmpqrv. When reading sysctligmpqrv, it can be changed concurrently. Therefore, we need to add READONCE to its readers. This test can be incorporated into a helper module; such changes...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrummr: Fixed a use-after-free issue when updating multicast route statistics. The cited commit added a dedicated mutex instead of RTNL to protect the multicast route list. This ensures that the list does not change...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: net: ipv6: Ensure that we call ipv6mcdown at most once. There are two reasons why addrconfnotify is called with NETDEVDOWN: Either the network device is actually going down, or IPv6 was disabled on the interface. If either of the...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ipmr,ip6mr: acquiring RTNL before calling ip6mrfreetable on the failure path ip6mrfreetable can only be called under an RTNL lock. RTNL: assertion failed at net/core/dev.c 10367 WARNING: CPU: 1 PID: 5890 at net/core/dev.c:10367...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: RDMA/ucma: Protects the mc object during concurrent multicast operations. The commit mentioned in the “Fixes” section has been partially reverted to ensure that the allocation and erasure of multicast objects are locked...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ip6mr: Fixed an UAF issue in ip6mrskDone when addrconfinitnet failed. If the initialization of devconfall fails during the call to addrconfinitnet, the pointer devconfall is released. Calling ip6mrskDone to release the network...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: - In the net subsystem, for USB devices, the disruptive netifwakequeue function in rtl8150setmulticast has been removed. - The syzbot tool reported a WARNING in the rtl8150startxmit/usbsubmiturb function. The sequence of event...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: VLAN: Enforcing the underlying device type Currently, VLAN devices can be created on top of non-Ethernet devices. Aside from the fact that this approach doesn’t make much sense, it also causes a bug that leads to the leakage of t...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: removed one synchronizenet call from ipv6mcdown. As discussed in previous discussions commit 2d3916f31891 “ipv6: fix skb drops in igmp6eventquery and igmp6eventreport”, the synchronizenet call in ipv6mcdown is not...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021635)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021635 advisory. In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix steering rules cleanup vport's mc, uc and multicast rules are not deleted in teardo...