Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux

In the Linux kernel, the following vulnerability has been resolved: sctp: Set skstate back to CLOSED if autobind fails in sctplistenstart. In sctplistenstart called by sctpinetlisten, it should set skstate back to CLOSED if sctpautobind fails for any reason. Otherwise, the next time sctpinetliste...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: SCO: fixed race conditions in scosockconnect The scosockconnect function checks skstate and sktype without holding the socket lock. Two concurrent connect system calls on the same socket can both pass the check and ent...

Astra Linux - уязвимость в linux-5.10

The network backend may cause Linux netfront to use freed SKBs. While adding logic to support XDP eXpress Data Path, a code label was moved in a way that allows SKBs to retain references pointers for further processing, so that they can still be freed...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: net, sunrpc: Remapping EPERM in case of connection failure in xstcpsetupsocket. When using a BPF program on kernelconnect, the call may return -EPERM. This causes xstcpsetupsocket to loop indefinitely, filling up the syslog and...

Astra Linux - уязвимость в linux, linux-5.15, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: added vlangetprotocolanddepth helper. Previously, skbmaypull was used instead of skbheaderpointer in vlangetprotocol and related functions. Few calls relied on skb-head being populated with the MAC header. syzbot detected on...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: - ice: xsk: disabling TXQ interrupts before flushing the hardware. The function iceqpdis aims to stop a given queue pair that is a target of xsk pool attach/detach. One of the steps involved disabling interrupts on these queue...

Astra Linux - уязвимость в linux-5.15, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: In the net subsystem, a leak in the skbtstamptx function was fixed. Commit 50749f2dd685 “tcp/udp: Fixed memory leaks in sk and zerocopy skbs during TX timestamping” added a call to skborphanfragsrx to fix leaks related to zerocop...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Rejects redirects of skmsg messages to non-TCP sockets With a SOCKMAP/SOCKHASH map and a skmsg program, users can direct messages sent from one TCP socket s1 to actually exiting from another TCP socket s2...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: RFCOMM: Avoid leaving a dangling sk pointer in rfcommsockalloc btsockalloc attaches the allocated sk object to the provided sock object. If rfcommdlcalloc fails, we release the sk object, but leave a dangling pointer i...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: bluetooth/l2cap: sync sock recvcb and release The issue occurs between the system call to close the socket and the hcirxwork function. In this process, the former releases the socket, while the latter accesses it without proper...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: In the rose function, there is an issue where an invalid array index is used in the rosekillbydevice function. This function collects sockets into a local array, and then iterates over those arrays to disconnect sockets bound to...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: kcm: Fixed error handling for SOCKDGRAM in kcmsendmsg. syzkaller discovered a memory leak in kcmsendmsg, and the commit c821a88bd720 "kcm: Fix memory leak in the error path of kcmsendmsg" suppressed this issue by updating...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: net: dlink: handle copythresh allocation failure The driver did not handle failures related to netdevallocskbip-align. If the allocation fails, dereferencing skb-protocol could lead to a NULL pointer dereference. This patch...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: sunrpc: Fixing the handling of server-side TLS alerts Scott Mayhew discovered a security exploit in NFS over TLS, specifically in the tlsalertrecv function. This issue arose due to the assumption that the msg iterator could read...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: espintcp: fixed skb leaks. Several error paths now include a kfreeskb...

Astra Linux - уязвимость в qemu

A flaw was discovered in QEMU. If the QIOChannelWebsock object is freed while it is waiting to complete a handshake, a GSource is leaked. This can result in the callback being fired later, thereby causing a use-after-free when using the channel. This vulnerability can be exploited by a malicious...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: net: vxlan: Prevent NULL dereferencing in vxlanxmitone. Neither sock4 nor sock6 pointers are guaranteed to be non-NULL in vxlanxmitone, especially if the iface is disabled. This can lead to the following NULL dereferencias: -...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: net/tunnel: Wait until all skuserdata readers complete their operations before releasing the sock. There is a race condition in vxlan where, when deleting a vxlan device during packet reception, there is a possibility that the so...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: kcm: An annotation was added for the data-race around kcm-rxwait. kcm-rxpsock can be accessed without a read lock in kcmrfree. Annotations were added for the read and write operations accordingly. syzbot reported the following...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ax25: The refcount leak caused by setting the SOBINDTODEVICE socket option has been fixed. When an AX25 device is bound to a socket by setting the SOBINDTODEVICE socket option, a refcount leak will occur in ax25release. Commit...