Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: net: relaxed the check on socket state during the accept process. Christoph reported the following issue: WARNING: CPU: 1 PID: 772 at net/ipv4/afinet.c:761 inetaccept+0x1f4/0x4a0 Modules linked in: CPU: 1 PID: 772 Comm:...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: Wifi: brwifi: Fix for NULL pointer dereferencing in brwifitxfinalize. When the device is removed or the kernel module is unloaded, there is a potential scenario of NULL pointer dereferencing. The following sequence occurs when...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: TLS: Handle the situation where data disappears from the receive queue under TLS ULP. TLS assumes that it owns the receive queue of the TCP socket. This assumption cannot be guaranteed if the reader of the TCP socket entered befo...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: skbuff: Account for tail adjustment during pull operations Extending the tail of a packet may have some unexpected side effects if a program uses a helper function like BPFFUNCskbpulldata to read partial content beyond the headle...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: tls: Make sure to abort the stream if the headers are invalid. Normally, we wait for the socket to buffer up the entire record before processing it. However, if the socket has a very small buffer, we read out the data sooner to...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: kcm: Race conditions occur when accessing skreceivequeue. sk-skreceivequeue is protected by the skb queue lock. However, for KCM sockets, the RX path requires mux-rxlock to protect more than just the skb queue. Nevertheless,...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: vsock: Keep the binding until the socket is destroyed. The socket bindings are preserved; this includes those created through an explicit bind call and those implicitly bound during connect. This prevents unbinding of sockets...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: ath11k: Fixed the issue where the skb was not dropped when an htctxcompletion error occurred. When an htctxcompletion error occurs, the skb is not discarded. This is incorrect because the completionhandler logic expects the sk...

Astra Linux - уязвимость в linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: afbluetooth: Fixed deadlock issues Attempting to use socklock on .recvmsg may cause a deadlock as shown below. Therefore, instead of using socksock, use skreceivequeue.lock on btsockioctl to avoid UAF: INFO: Task...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: x86/platform/uv: Use an alternative source for socket to node data. The UV code attempts to create a set of tables to enable bidirectional socketnode lookups. However, when nrcpus is set to a lower number than the actual number o...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: net: rds: Do not hold the sock lock when canceling work from rdstcpresetcallbacks. The syzbot is reporting a lockdep warning at rdstcpresetcallbacks 1. For the commit ac3615e7f3cffe2a “RDS: TCP: Reduce code duplication in...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: fixed information leakage in /proc/net/ptype In one network namespace, after creating a packet socket without binding it to a device, users in other network namespaces can observe the newly added packettype by reading the...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: bpf: Fixed the requestsock leak in sk lookup helpers A customer reported a requestsocket leak in a Calico cloud environment. We found that a BPF program was performing a socket lookup, taking a reference count of the socket. It w...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: In the tcpdisconnect function, the tcpsksk-fastopenrsk field was cleared. The syzbot reported an error where a socket had tcpsksk-fastopenrsk in the TCPESTABLISHED state. The syzbot reused the server-side TCP Fast Open socket as ...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux

In the Linux kernel, the following vulnerability has been resolved: Wifi: ath9khtc: Use skbsetlength to reset urb before resubmitting it. Syzbot points out that skbtrim has a sanity check on the existing length of the skb; this length might not be initialized in some error-prone situations. The...

Astra Linux - уязвимость в linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket BUG: KASAN: slab-use-after-free in tcpwritetimerhandler+0x156/0x3e0 Read of size 1 at addr ffff888111f322cd by task swapper/0/0 CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: scsi: iscsi: iscsitcp: Fixed a NULL pointer derefrence issue when calling getpeername. A crash due to a NULL pointer occurred when freeing a socket at the same time as accessing it via sysfs. The problem is as follows: 1...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Bug: Null pointer dereferencing in GRO. We observed a null pointer dereferencing in fougroreceive while shutting down a host. 0 The NULL pointer is sk-skuserdata, and the offset 8 represents the protocol field in the struct fou...

Astra Linux - уязвимость в redis

Redis is an in-memory database that persists data on disk. Upon startup, Redis begins listening on Unix sockets before adjusting its permissions according to the user-provided configuration. If a permissive umask value is used, this can create a race condition that allows another process to...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: espintcp: The caching of the encap socket has been removed to avoid reference leaks. The current scheme for caching the encap socket can lead to reference leaks when trying to delete the netns. The reference chain is: xfrmstate -...