Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: net: fixed out-of-bounds access in opsinit The netallocgeneric function is called by netalloc, which does not use any locking mechanisms. It reads maxgenptrs, which is modified under the pernetopsrwsem context. This reading occur...

CVE-2024-36883

In the Linux kernel, the following vulnerability has been resolved: net: fix out-of-bounds access in opsinit netallocgeneric is called by netalloc, which is called without any locking. It reads maxgenptrs, which is changed under pernetopsrwsem. It is read twice, first to allocate an array, then t...

DEBIAN-CVE-2024-26793

In the Linux kernel, the following vulnerability has been resolved: gtp: fix use-after-free and null-ptr-deref in gtpnewlink The gtplinkops operations structure for the subsystem must be registered after registering the gtpnetops pernet operations structure. Syzkaller hit 'general protection faul...

UBUNTU-CVE-2024-26793

In the Linux kernel, the following vulnerability has been resolved: gtp: fix use-after-free and null-ptr-deref in gtpnewlink The gtplinkops operations structure for the subsystem must be registered after registering the gtpnetops pernet operations structure. Syzkaller hit 'general protection faul...

DEBIAN-CVE-2024-26734

In the Linux kernel, the following vulnerability has been resolved: devlink: fix possible use-after-free and memory leaks in devlinkinit The pernet operations structure for the subsystem must be registered before registering the generic netlink family. Make an unregister in case of unsuccessful...