Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix use-after-free bugs caused by scosocktimeout When the sco connection is established and then, the sco socket is releasing, timeoutwork will be scheduled to judge whether the sco disconnection is timeout. The sock...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

A use-after-free flaw was discovered in the Linux kernel due to a race condition in the unix garbage collector’s deletion of SKB races involving the unixstreamread generic function on the socket onto which the SKB is queued...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: net: mctp: take ownership of skb in mctplocaloutput Currently, mctplocaloutput only takes ownership of skb on success, and we may leak an skb if mctplocaloutput fails in specific states; the skb ownership isn't transferred until...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: Fix memory leak This checks if CONFIGDEVCOREDUMP is enabled before attempting to clone the skb and also make sure btmtkprocesscoredump frees the skb passed following the same logic...

Astra Linux - уязвимость в linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket BUG: KASAN: slab-use-after-free in tcpwritetimerhandler+0x156/0x3e0 Read of size 1 at addr ffff888111f322cd by task swapper/0/0 CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: sunrpc: clear XPRTSOCKUPDTIMEOUT when reset transport Since transport-sock has been set to NULL during reset transport, XPRTSOCKUPDTIMEOUT also needs to be cleared. Otherwise, the xstcpsetsockettimeouts may be triggered in...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: net: inet: Do not leave a dangling sk pointer in inetcreate The sockinitdata function attaches the allocated sk object to the provided sock object. If inetcreate fails later, the sk object is freed, but the sock object retains a...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: netlink: terminate outstanding dump on socket close netlink supports iterative dumping of data. It provides the following operations: - start – Optional Initiates the dumping process. - dump – The actual dumping process; this...

Astra Linux - уязвимость в linux-6.1, linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ax25: properly unshare skbs in ax25kissrcv Bernard Pidoux reported a regression apparently caused by commit c353e8983e0d "net: introduce per netns packet chains". skb-dev becomes NULL and we crash in netifreceiveskbcore. Before...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: tls: Always refresh the queue when reading sock. After recent changes in net-next, TCP compacts skb much more aggressively. This uncovered a bug in TLS, where we might attempt to operate on an old skb when checking whether all sk...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: espintcp: remove encap socket caching to avoid reference leak The current scheme for caching the encap socket can lead to reference leaks when we try to delete the netns. The reference chain is: xfrmstate - enacpsk - netns Since...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: usbnet: Fix for NPE during rxcomplete There is a missing validation of usbnetgoingaway in the critical path. The usbsubmiturb function lacks this validation, while usbnetqueueskb includes this check. This inconsistency creates a...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: Discard packets if the transport changes. If the socket has been de-assigned or assigned to another transport, we must discard any packets received because they are not expected and would cause issues when accessing...

Astra Linux - уязвимость в linux-5.15, linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: bpf, sockmap: Fixed a race condition in sockmapfree. sockmapfree calls releasesocksk without owning a reference to the socket. This could lead to a use-after-free, as syzbot identified this issue 1. Jakub Sitnicki already...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix requestsock leak in sk lookup helpers A customer reported a requestsocket leak in a Calico cloud environment. We found that a BPF program was doing a socket lookup with takes a refcnt on the socket and that it was findin...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: handle NULL sock pointer in l2capsockalloc A NULL sock pointer is passed into l2capsockalloc when it is called from l2capsocknewconnectioncb and the error handling paths should also be aware of it. Seemingly a...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: mptcp: Fix proto fallback detection with BPF The sockmap feature allows bpf syscall from userspace, or based on bpf sockops, replacing the skprot of sockets during protocol stack processing with sockmap's custom read/write...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs: fix skbput panic on non-linear skb during reassembly In iptfsreassemcont, IP-TFS attempts to append data to the new inner packet 'newskb' that is being reassembled. First a zero-copy approach is tried if it succeeds...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

The btsockrecvmsg function in net/bluetooth/afbluetooth.c in the Linux kernel, as of version 6.6.8, has a use-after-free issue due to a race condition involving btsockioctl...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

In the Linux kernel, the following vulnerabilities have been resolved: net/9p: A potential socket leak has been fixed in p9socketopen. Both p9fdcreatetcp and p9fdcreateunix will call p9socketopen. If the creation of p9transfd fails, both p9fdcreatetcp and p9fdcreateunix will return an error...