Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: net/tunnel: Wait until all skuserdata readers complete their operations before releasing the sock. There is a race condition in vxlan where, when deleting a vxlan device during packet reception, there is a possibility that the so...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: kcm: An annotation was added for the data-race around kcm-rxwait. kcm-rxpsock can be accessed without a read lock in kcmrfree. Annotations were added for the read and write operations accordingly. syzbot reported the following...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ax25: The refcount leak caused by setting the SOBINDTODEVICE socket option has been fixed. When an AX25 device is bound to a socket by setting the SOBINDTODEVICE socket option, a refcount leak will occur in ax25release. Commit...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net/handshake: Duplicate handshake cancellations cause a socket leak. When a handshake request is cancelled, it is removed from the handshakenet-hnrequests list, but it remains in the handshakerhashtbl until it is destroyed. If a...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs: fix skbput panic on non-linear skb during reassembly In iptfsreassemcont, IP-TFS attempts to append data to the new inner packet ‘newskb’ that is being reassembled. First, a zero-copy approach is tried. If it succeed...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: net: ieee802154: Do not leave a dangling sk pointer in ieee802154create sockinitdata attaches the allocated sk object to the provided sock object. If ieee802154create fails later, the allocated sk object is freed, but the danglin...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: mt76: mt7615: Fixed a memory leak in mt7615mcuwtblstaadd. In mt7615mcuwtblstaadd, an skb object named sskb is allocated. If the subsequent call to mt76connacmcuallocwtblreq fails, the function returns an error without freeing the...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: net: Fixed null-ptr-deref in socklockinitclassandname and rmmod. When I ran the reproduction steps and waited for a few seconds, I observed two LOCKDEP errors: a warning followed immediately by a null-ptr-deref. Reproduction Step...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: amd-xgbe: Fixed an issue with the data length underflow in SKB structures. A BUGON will be triggered in the include/linux/skbuff.h file, resulting in intermittent kernel panics when a data length underflow is detected. This...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Audit: Improved robustness of audit queue handling If the audit daemon becomes stuck in a stopped state, the kauditdthread function in the kernel might get blocked while attempting to send audit records to the audit daemon in the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: xsk: Fix for crashes that occur when the regular task queue is reactivated. When the regular task queue is reactivated after the XSK socket is closed, it may read stale cancellation requests cqe, which can eventually...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ksmbd: The socket is closed after it has been accepted, even when the per-IP limit is exceeded and a connection attempt fails. When the per-IP connection limit is exceeded in ksmbdkthreadfn, the code sets ret to -EAGAIN and...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: hcisock: Prevent race conditions in socket write iteration and sockbind. There is a potential race condition between sockBind and socketwriteiter. bind may free the same memory location through mgmtPending before th...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: crypto: afalg – Zero initialize memory allocated via sockkmalloc Several crypto user API contexts and requests that were allocated using sockkmalloc were left uninitialized. This caused problems as callers had to explicitly set t...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: crypto: afalg – Concurrent writes to afalgsendmsg are now disallowed. Issuing two writes to the same afalg socket is problematic, as the data will be interleaved in a unpredictable manner. Additionally, concurrent writes may caus...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: mptcp: Race conditions between subflow failures and additional subflow creations. We have race conditions similar to those addressed by the previous patch, between subflow failures and additional subflow creations. These conditio...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: bpf: Fixed the verifier’s assumptions regarding the socket-sk structure. The verifier assumes that the sk field in the struct socket structure is valid and not NULL when the socket pointer itself is trusted and not NULL. This...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Check for any of the tcpbpfprots when cloning a listener. A listening socket linked to a sockmap has its skprot overridden. It points to one of the struct proto variants in tcpbpfprots. This variant depends on the...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: phonet/pep: refusal to enable an unbound pipe The ioctl function implicitly assumed that the socket was already bound to a valid local socket name, i.e., a Phonet object. If the socket was not bound, two problems would occur: 1 W...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: RFCOMM: Fixed a possible deadlock in rfcommskstatechange. rfcommskstatechange attempts to use socklock, so it should never be called with it locked. However, rfcommsockioctl always attempts to lock it, causing the...