Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: BPF: Fixed a stack-out-of-bounds write in devmap. The getupperifindexes function iterates over all upper devices and writes their indices into an array without checking bounds. Additionally, the calling functions assume that the...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: eth: bnxt: do not update checksum in bnxtxdpbuildskb The bnxtrxpkt function updates the ipsummed value at the end if the checksum offload is enabled. When the XDP-MB program is executed and returns XDPPASS, the bnxtxdpbuildskb...

Astra Linux - уязвимость в dcmtk

DCMTK through version 3.6.6 does not handle memory deallocation properly. The object in the program is freed, but its address is still used in other locations. Sending specific requests to the dcmqrdb program will lead to a double-free. An attacker can use this vulnerability to launch a DoS attac...

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: bpf: devmap: Provide rxq after a redirect. rxq contains a pointer to the device from which the redirect occurred. Currently, the BPF program executed after a redirect via BPFMAPTYPEDEVMAP does not set this pointer. This is...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: net, sunrpc: Remapping EPERM in case of connection failure in xstcpsetupsocket. When using a BPF program on kernelconnect, the call may return -EPERM. This causes xstcpsetupsocket to loop indefinitely, filling up the syslog and...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: i40e: Fixed the XDP program unloading process when removing the driver. The commit 6533e558c650 “i40e: Fixed the reset path when removing the driver” introduced a new PF state "I40EINREMOVE" to prevent modifications to the XDP...

Astra Linux - уязвимость в ntp

In the mstolfp.c file within NTP 4.2.8p15, there is a buffer overflow vulnerability when adding a decimal point. An adversary may be able to attack a client’s ntpq process, but they cannot attack the ntpd process...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: bpf: Fix tailcallreachable rejection for interpreter when jit failed During testing of f263a81451c1 “bpf: Track subprog poke descriptors correctly and fix use-after-free” under various failure conditions, for example, when...

Astra Linux - уязвимость в binutils

A issue was discovered in the Binary File Descriptor BFD library also known as libbfd, as distributed in the GNU Binutils through version 2.31. There is a heap-based buffer overflow in the bfdelf32swapphdrin function in elfcode.h, because the number of program headers is not restricted...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix null pointer dereference in resolveprogtype for BPFPROGTYPEEXT When loading an EXT program without specifying attr-attachprogfd, the prog-aux-dstprog will be null. At this time, calling resolveprogtype anywhere will resu...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ice: Avoid bpfprog refcount underflow The Ice driver includes routines for managing XDP resources that are shared between the ndobpf operation and the VSI rebuild flow. The latter occurs, for example, when the user changes the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Net: Ethernet: mtkethsoc: Reset the progptr to oldprog in case of an error in mtkxdpsetup. Reset the eBPF program pointer to oldprog, and do not decrease its reference count if the mtkopen routine in mtkxdpsetup fails...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: Ice: Fixed DMA mapping leaks The leak was addressed when the user changed ring parameters. During the reallocation of RX buffers, new DMA mappings are created for those buffers. New buffers with a different RX ring count shoul...

Astra Linux - уязвимость в rustc

In the standard library of Rust before 1.52.0, there was an optimization for joining strings that could cause uninitialized bytes to be exposed or the program to crash if the borrowed string changed after its length was checked...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: bpf: Correctly track subprogram poke descriptors and fix use-after-free Subprograms call mappoketrack, but during program release, there is no hook to call mappokeuntrack. However, during program release, the auxiliary memory and...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: BPF: Disabling migration in nfhookrunbpf. syzbot reported that the netfilter BPF program can be called without disabling migration in the xmit path. As a result, the assertion in bpfprogrun fails, triggering an error below. 0 Let...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel up to version 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory through a Speculative Store Bypass side-channel attack, because the protection mechanism ignores the possibility of uninitialized memory locations within the BPF stack...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: BPF: crypto: Use the correct destructor kfunc type With CONFIGCFI enabled, the kernel strictly ensures that indirect function calls use a function pointer type that matches the target function. I encountered the following type...

Astra Linux - уязвимость в ntp

In the file libntp/mstolfp.c, within the NTP version 4.2.8p15, there is a buffer overflow vulnerability when copying the trailing number. An attacker may be able to exploit this vulnerability against a client’s NTPQ process, but they cannot exploit it against ntpd...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: bpf: Fixed a UAF Use-after-Allocation issue by correcting mismatching between the bpfprog/attachment and tasks-trace-RCU grace periods. Uprobes always use bpfprogrunarrayuprobe under the protection of tasks-trace-RCU. However, it...