Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ipv6: Fixed a potential “struct net” leak in inet6rtmgetaddr. It appears that if the user space provides a correct IFATARGETNETNSID value, but no IFAADDRESS or IFALOCAL attributes are set, inet6rtmgetaddr will return -EINVAL, alo...

Astra Linux – Vulnerability in Linux, Linux 5.10

A vulnerability was discovered in the drivers/usb/gadget/function/rndis.c file within the Linux kernel before version 5.16.10. The RNDIS USB gadget does not include validation for the size of the RNDISMSGSET command. Attackers can obtain sensitive information from the kernel memory...

Astra Linux – Vulnerability in openjdk-11

Vulnerability in the Oracle Java SE and Oracle GraalVM Enterprise Edition products of Oracle Java SE component: Libraries. The supported versions affected include Oracle Java SE: 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. This easily exploitable vulnerability allows an...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: - net: dsa: ar9331: Register the MDIobus under devres. As explained in the commits: - 74b6d7d13307: “net: dsa: realtek: register the MDIO bus under devres” - 5135e96a3dd2: “net: dsa: don’t allocate the slavemiibus using devres...

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: tun: avoided double-free in tunfreenetdev Avoid double-free in tunfreenetdev by moving the dev-tstats and tun-security allocations to a new ndoinit routine tunnetinit, which will be called by registernetdevice. ndoinit is paired...

Astra Linux – Vulnerability in net-snmp

Net-SNMP provides various tools related to the Simple Network Management Protocol. Prior to version 5.9.2, a malformed OID in a SET request to SNMP-VIEW-BASED-ACM-MIB::vacmAccessTable could lead to an out-of-bounds memory access. A user with read-write credentials could exploit this issue. Versio...

Astra Linux – Vulnerability in nss

A flaw was discovered in the implementation of CHACHA20-POLY1305 in NSS versions prior to 3.55. When using multi-part Chacha20, it could lead to out-of-bounds reads. This issue was addressed by explicitly disabling multi-part ChaCha20 which was not functioning correctly and enforcing strict tag...

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15, and Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: netsched: drr: A double addition was corrected in the class, where netem is a child qdisc. As described in Gerrard’s report 1, there are use cases where a netem child qdisc can make the parent qdisc’s enqueue callback reentrant. ...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ipv4: iptunnel: Fixed a suspicious RCU usage warning in iptunnelfind The per-netns IP tunnel hash table is protected by the RTNL mutex, and iptunnelfind is only called from the control path where the mutex is acquired. Added a...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: Rejects combinations where the sum of the field lengths matches the set key length. The description of the field length indicates the length of each separate key field. Each field is rounded up to 32 bits...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: nfsd: When trying to queue dlrecall, if the call to nfsd4runcb fails, the reference count of dlstid is not decremented. This leads to a leak of the following objects: unreferenced object 0xffff88812067b578 size 344: Comm “nfsd”,...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: NFSD: Prevent NULL dereference in nfsd4processcbupdate @ses is initialized to NULL. If nfsd4findbackchannel finds no available backchannel session, setupcallbackclient will attempt to dereference @ses, resulting in a segmentation...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: iscsistart: A UBSAN out-of-bounds warning has been fixed in ibftattrshownic. When performing an iSCSI boot using IPv6, iscsistart still reads the /sys/firmware/ibft/ethernetX/subnet-mask entry. Since the IPv6 prefix length is 64,...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: NFSv4.0: A use-after-free issue has been fixed in the asynchronous open function. Yang Erkun reported that when two threads open files at the same time and are forced to abort before a response is received, the call to...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: - In the net:sched section, there is a fix for the order of qlen adjustment. - Changes to sch-q.qlen related to qdisctreereducebacklog need to occur before a call to that function. Otherwise, it may fail to notify the parent...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: NFSv4/pNFS: Fixed a race condition related to waking up the NFSLAYOUTDRAIN flag. We identified several systems where tasks were stuck in a writeback process, waiting for the same page lock. Additionally, one task was waiting for...

Astra Linux – Vulnerability in NTP

In the file libntp/mstolfp.c, within the NTP version 4.2.8p15, there is a buffer overflow vulnerability when copying the trailing number. An attacker may be able to exploit this vulnerability against a client’s NTPQ process, but they cannot exploit it against ntpd...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net: arc: fixed the device for dmamapsingle/dmaunmapsingle ndev-dev and pdev-dev are not the same device; use ndev-dev.parent, which has dmamask. ndev-dev.parent is simply pdev-dev. Otherwise, the following issue will occur:...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: The pointer wdev-cqmconfig must be cleared when freeing it during unregistration. This is necessary because the same wdev/netdev may be re-registered in another network namespace, and then destroyed later. Running...

Astra Linux – Vulnerability in imagemagick

The WriteOnePNGImage function from coders/png.c the PNG encoder contains a for loop with an improper exit condition, which may lead to an out-of-bounds READ operation due to a heap-buffer-overflow issue. This occurs because it is possible for the colormap to have fewer than 256 valid values, and...