Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: iommufd: Prevents ALIGN overflow. When allocating IOVA, the candidate range is aligned to the target alignment. If the range is close to ULONGMAX, the ALIGN function may cause a wrap, resulting in a corrupted iova structure...

CVE-2025-38688 iommufd: Prevent ALIGN() overflow

In the Linux kernel, the following vulnerability has been resolved: iommufd: Prevent ALIGN overflow When allocating IOVA the candidate range gets aligned to the target alignment. If the range is close to ULONGMAX then the ALIGN can wrap resulting in a corrupted iova. Open code the ALIGN using...

CVE-2025-38688

CVE-2025-38688: In the Linux kernel’s iommufd code, ALIGN() overflow could occur while allocating IOVA ranges near ULONG_MAX, risking overlapping mappings or mapping against reserved ranges. The fix uses get_add_overflow() to guard ALIGN() and consolidates the checks under a single helper. Public...

Design/Logic Flaw

The XENMEMexchange handler in Xen 4.2 and earlier does not properly check the memory address, which allows local PV guest OS administrators to cause a denial of service crash or possibly gain privileges via unspecified vectors that overwrite memory in the hypervisor reserved range...

CVE-2012-5513

The XENMEMexchange handler in Xen 4.2 and earlier does not properly check the memory address, which allows local PV guest OS administrators to cause a denial of service crash or possibly gain privileges via unspecified vectors that overwrite memory in the hypervisor reserved range...