Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: fix a memleak when uncloning an skb dst and its metadata When uncloning an skb dst and its associated metadata, a new dst+metadata is allocated and later replaces the old one in the skb. This is helpful to have a non-shared...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: bcmasp: A potential memory leak has been fixed in bcmaspxmit. bcmaspxmit returns NETDEVTXOK without freeing the skb in case of mapping failures. Add devkfreeskb to address this issue...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ionic: Use devconsumeskbany outside of the NAPI context. If we are not in an NAPI softirq context, we need to be careful about how we call napiconsumeskb. Specifically, we need to call it with budget==0 to signal that we are not ...

Astra Linux - уязвимость в linux, linux-5.10

A flaw after-free usage in the function scosocksendmsg of the Linux kernel’s HCI subsystem was discovered. This flaw allows a privileged local user to exploit it to crash the system or escalate their privileges on the system. This flaw triggers a race condition when the user calls ioct...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

In the Linux kernel, the following vulnerability has been resolved: nbd: fix io hung while disconnecting device In our tests, "qemu-nbd" triggers a io hung: INFO: task qemu-nbd:11445 blocked for more than 368 seconds. Not tainted 5.18.0-rc3-next-20220422-00003-g2176915513ca 884 "echo 0...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

Transmit requests in Xen's virtual network protocol can consist of multiple parts. While not really useful, except for the initial part any of them may be of zero length, i.e. carry no data at all. Besides a certain initial portion of the to be transferred data, these parts are directly translate...

Astra Linux - уязвимость в apache-log4j2

In Apache Log4j Core versions 2.0-beta9 through 2.25.2, the Socket Appender does not perform TLS hostname verification of the peer certificate, even when the verifyHostName configuration attribute https://logging.apache.org/log4j/2.x/manual/appenders/network.htmlSslConfiguration-attr-verifyHostNa...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: virtio-net: fix pages leaking when building skb in big mode We try to use buildskb if we had sufficient tailroom. But we forget to release the unused pages chained via private in big mode which will leak pages. Fixing this by...

Astra Linux - уязвимость в python3.7, python2.7, pypy

An issue was discovered in Python before 3.8.18, 3.9.x before 3.9.18, 3.10.x before 3.10.13, and 3.11.x before 3.11.5. It primarily affects servers such as HTTP servers that use TLS client authentication. If a TLS server-side socket is created, receives data into the socket buffer, and then is...

Astra Linux - уязвимость в avahi

A flaw was discovered in avahi in versions 0.6 up to 0.8. The event used to signal the termination of the client connection on the avahi Unix socket is not handled correctly in the clientwork function, allowing a local attacker to trigger an infinite loop. The most significant threat from this...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: net: missing check virtio Two missing check in virtionethdrtoskb allowed syzbot to crash kernels again 1. After the skbsegment function the buffer may become non-linear nrfrags != 0, but since the SKBTXSHAREDFRAG flag is not set...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net/handshake: restore destructor on submit failure handshakereqsubmit replaces sk-skdestruct but never restores it when submission fails before the request is hashed. handshakeskdestruct then returns early and the original...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: s390/iucv: MSGPEEK causes a memory leak in iucvsockdestruct. Passing the MSGPEEK flag to skbrecvdatagram increments the skb refcount skb-users, while iucvsockrecvmsg does not decrement the skb refcount at exit. This results in a...

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: can: etases58x: populate ndochangemtu to prevent buffer overflow Sending an PFPACKET allows to bypass the CAN framework logic and to directly reach the xmit function of a CAN driver. The only check which is performed by the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: sunrpc: Fixing client-side handling of TLS alerts A security exploit was discovered in NFS over TLS in tlsalertrecv. This issue stemmed from an assumption that there was valid data within the msghdr structure’s iterator’s kvec...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: - In net: The variable sk-skfamily was read once in the function skmcloop. - syzbot is frequently using IPV6ADDRFORM; it managed to trigger the WARNONONCE1 function in skmcloop. We have many more similar issues that need to be...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: afunix: The stale u-oobskb was cleared. syzkaller started reporting a deadlock of unixgclock after the commit. 4090fa373f0e “afunix: Replace the garbage collection algorithm.”, but it simply exposes a bug that has existed since t...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: Fix an uninit variable access bug in qrtrtxresume Syzbot reported a bug as following: ===================================================== BUG: KMSAN: uninit-value in qrtrtxresume+0x185/0x1f0 net/qrtr/afqrtr.c:230...

Astra Linux - уязвимость в linux, linux-5.15, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: TCP/UDP: Fixed memory leaks related to sk and zerocopy SKBS with TX timestamps. syzkaller reported 0 memory leaks of an UDP socket and ZEROCOPY SKBS. We can reproduce the problem with the following sequence: sk = socketAFINET,...

Astra Linux - уязвимость в linux-6.1, linux, linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: inet: inetdefrag: prevent sk from being released while still in use The functions iplocalout and others can pass skb-sk as a function argument. If the skb is a fragment and reassembly occurs before such a function call returns, t...