Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: media: vivid: Changed the size of the composition Syzkaller discovered a bug: BUG: KASAN: Out-of-bounds access to memory during tpgfillplanepattern in drivers/media/common/v4l2-tpg/v4l2-tpg-core.c:2608 inline BUG: KASAN:...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: HID: cougar – fixed a slab-out-of-bounds read in cougarreportfixup. The reportfixup function for the Cougar 500k Gaming Keyboard did not verify that the size of the report descriptor was correct before accessing it...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: The denominator cannot be 0, and this check is performed before it is used. This fixes the “1 DIVIDEBYZERO” issue reported by Coverity. WHAT & HOW The denominator must not be 0, and this check is conducted before...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: iommu: Fixed potential use-after-free during probe Kasan has reported the following use-after-free on dev-iommu. When a device probe fails and the dev-iommu is being freed, the deferredprobeworkfunc function runs in parallel a...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: HID: apple: The feature-report field count is validated to prevent NULL pointer dereferencing. A malicious HID device with the APPLEMAGICBACKLIGHT characteristic can trigger a NULL pointer dereference when the powerfeature-report...

Astra Linux - уязвимость в linux-6.1, linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: HID: hid-ntrig: fix an issue where it was unable to handle page faults in ntrigreportversion. In ntrigreportversion, the hdev parameter is passed from hidprobe. Sending a descriptor to /dev/uhid can cause hdev-dev.parent-parent t...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: gtp: Fixed a use-after-free in gtpencapdestroy. syzkaller reported a use-after-free in gtpencapdestroy. 0 The same process freed sk and accessed it illegally. Commit e198987e7dd7 “gtp: fix suspicious RCU usage” added locksock...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ext4: ignore xattrs entries past the “end” entry Once inside ‘ext4xattrinodedecrefall’, we should ignore xattrs entries that are located after the “end” entry. This fixes the following KASAN reported issue:...

Astra Linux - уязвимость в webkit2gtk

A memory management issue related to “use after free” operations has been addressed through improved memory management practices. This issue is fixed in Safari 16.4.1, iOS 15.7.5, and iPadOS 15.7.5; iOS 16.4.1, and iPadOS 16.4.1; as well as macOS Ventura 13.3.1. Processing maliciously crafted web...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: HID: core: removed the unnecessary WARNON function in implement. The syzkaller triggered a warning 1 when calling implement, attempting to write a value into a field of smaller size in an output report. Since implement already ha...

Astra Linux - уязвимость в linux

In the Linux kernel, the following vulnerability has been resolved: HID: usbhid: fixed an info leak in hidsubmitctrl. In hidsubmitctrl, the way of calculating the report length does not take into account that report-size can be zero. When running the syzkaller reproducer, a report of size 0 cause...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fncm: fixed potential NULL pointer dereferencing in ncmbitrate In Google’s internal bug report 265639009, we received a crash report from a aarch64 GKI 5.10.149-android13 running device. According to the report, the...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: HID: steam: Prevent NULL pointer dereferencing in steamrecv,sendreport It is possible for a malicious device to fail to submit a Feature Report. The HID Steam driver currently does not handle this situation and dereferences the...

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: HID: multitouch: fix slab out-of-bounds access in mtreportfixup A malicious HID device can trigger a slab out-of-bounds during mtreportfixup by passing in a report descriptor that is smaller than 607 bytes. mtreportfixup attempts...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Fixed the issue “KASAN: slab-use-after-free Read in ibdevicerename”. Call Trace: dumpstack: lib/dumpstack.c:94 inline dumpstacklvl+0x116/0x1f0: lib/dumpstack.c:120 printaddressdescription: mm/kasan/report.c:408 inline...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: BPF: bpfskstorage: Fixed invalid wait context lockdep report "The ./testprogs -t testlocalstorage" command reported a splat error: 27.137569 ============================= 27.138122 BUG: Invalid wait context 27.138650...

Astra Linux - уязвимость в firefox, thunderbird

Through the use of reportValidity and window.open, a plain-text validation message could be displayed on another origin, potentially causing confusion for users and allowing for spoofing attacks. This vulnerability affects Firefox 93, Thunderbird 91.2, and Firefox ESR 91.2...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ext4: fix OOB read when checking dotdot dir Mounting a corrupted filesystem with directory which contains '.' dir entry with reclen == block size results in out-of-bounds read later on, when the corrupted directory is removed...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux

In the Linux kernel, the following vulnerabilities have been resolved: Block, bfq: Fixed a potential UAF issue for bfqq-bic when using the merge chain. 1 Initial state: Three tasks: - Process 1 Process 2 Process 3 - BIC1 BIC2 BIC3 | Λ | Λ | Λ | | | | | V | V | V bfqq1 bfqq2 bfqq3 Process referenc...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: drm/amd/display: Ensure that the index calculations will never cause an overflow. WHY & HOW Ensure that the calculations of vmid0p72idx, vnom0p8idx, and vmax0p9idx will never cause an overflow or exceed the array size. This fi...