Astra Linux – Vulnerability in Squid
An issue was discovered in Squid before versions 4.15 and 5.x before version 5.0.6. An integer overflow problem allows a remote server to cause a Denial of Service when delivering responses to HTTP Range requests. The issue is triggered by a header that is expected to exist in HTTP traffic, withou...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: x86/mm/pat: fixed the handling of VM_PAT in COW mappings. The handling of PAT in COW mappings doesn’t work correctly. The first PTE or, in fact, all PTEs can be replaced during write faults, causing them to point to anonymous...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: In mm/hugetlb, do not call vma_add_reservation when ENOMEM is encountered. syzbot reported a segmentation fault 1 in unmap_hugepage_range. This occurs because vma_needs_reservation may return -ENOMEM if allocate_file_region_entries fails ...
Astra Linux – Vulnerability in node-semver
Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service ReDoS via the function new Range, when untrusted user data is provided as a range...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: BPF: Protection against integer overflows for stack access sizes This patch reintroduces protection against access to stack memory having a negative value. The access size can appear negative due to overflow in its signed integer...
Astra Linux – Vulnerability in imagemagick
In ImageMagick, there is a value of the type 'unsigned int' that is outside the representable range in MagickCore/quantum-private.h. This flaw affects ImageMagick versions prior to 7.0.9-0...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
The “Use After Free” vulnerability in the Linux kernel allows for the execution of code in a local environment on Linux, x86, and ARM bluetooth modules. This vulnerability is associated with program files located at https://gitee.com/anolis/cloud-kernel/blob/devel-5.10/net/bluetooth/afbluetooth.C...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: Wifi: ath11k: Fixed the registration of a 6Ghz-only physical interface without the full channel range. Due to what appears to be a typographical error, the 6Ghz-only physical interface for which the BDF does not allow the...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: The issue with bitmap corruption when using CLOSE_RANGE_UNSHARE in close_range() has been fixed. The function copy_fd_bitmaps(new, old, count) is expected to copy the first count/BITS_PER_LONG bits from old->full_fds_bits and fill the rest wit...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: mshv: Fixed the check for overlap in memory regions. The current check was incorrect; it only checks whether the beginning or end of a region is within an existing region. This does not take into account cases where the user spac...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: iommufd/selftest: Overflow of uptr and length was caught. syzkaller generated a WARN when trying to have uptr close to UINTPTR_MAX: WARNING: CPU: 1 PID: 393 at drivers/iommu/iommufd/selftest.c:403 iommufd_test+0xb19/0x16f0 Modul...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ocfs2: Passing a u64 value to ocfs2_truncate_inline may lead to an overflow. Syzbot reported a kernel bug in ocfs2_truncate_inline. There are two reasons for this: first, the parameter value passed is greater than...
Astra Linux – Vulnerability in Squid
An issue was discovered in Squid before version 4.15 and 5.x before version 5.0.6. Due to an input-validation bug, it is vulnerable to a Denial of Service attack targeting all clients using the proxy. A client sends an HTTP Range request to trigger this vulnerability...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel/pt: Fixed a crash that occurred with stop filters in single-range mode. A check for !buf->single was added before calling pt_buffer_region_size in places where a missing check could cause a kernel crash. This fix...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: mm/gup: fixed gup_pud_range for dax. For dax pud, pud_huge returns true on x86. So the function works as long as hugetlb is configured. However, dax does not depend on hugetlb. Commit 414fd080d125 “mm/gup: fixed gup_pmd_range for da...
Astra Linux – Vulnerability in curl
curl 7.1.1 up to and including 7.75.0 is vulnerable to an “Exposure of Private Personal Information to an Unauthorized Actor” by leaking credentials in the HTTP Referer: header. libcurl does not remove user credentials from the URL when automatically filling in the Referer: HTTP request header fie...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: arm64: ftrace: fixed module PLTs with mcount Li Huafei reports that the ftrace with module PLTs based on mcount was broken by the commit: a6253579977e4c6f “arm64: ftrace: consistently handle PLTs.” When module PLTs are used and a...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: iommufd: Prevents ALIGN overflow. When allocating IOVA, the candidate range is aligned to the target alignment. If the range is close to ULONG_MAX, the ALIGN function may wrap, resulting in a corrupted iova structure. The code use...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb: dtv5100: An out-of-bounds access occurred in dtv5100_i2c_msg. The rlen value is a user-controlled value, but dtv5100_i2c_msg does not check the size of the rlen value. Therefore, if the rlen value is set to a value...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: btrfs: Ensure that pages are unlocked in case of a failure in cow_file_range. There is a hangtask report for zoned btrfs as follows: https://github.com/naota/linux/issues/59 726.328648 INFO: Task rocksdb:high0:11085 blocked for...