Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: L2CAP: Do not leave a dangling sk pointer after an error in l2capsockcreate. The btsockalloc function allocates the sk object and attaches it to the provided sock object. If an error occurs in l2capsockalloc, the sk...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: net: afcan – Do not leave a dangling sk pointer in cancreate. When the cancreate function fails, it releases the allocated sk object. However, sockinitdata has already attached this object to the provided sock object. This will...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: The can: hi311x module has corrected the ndochangemtu function to prevent buffer overflows. Sending a PFPACKET message allows bypassing the CAN driver’s logic and directly reaching the xmit function of the CAN driver. The only...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: RFCOMM: Fixed a possible deadlock in rfcommskstatechange. rfcommskstatechange attempts to use socklock, so it should never be called with it locked. However, rfcommsockioctl always attempts to lock it, causing the...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: bpf, sockmap: Fixed repeated calls to sockput when msg has moredata. In the tcpbpfsendverdict redirection, the eval variable is assigned to SKREDIRECT after the applybytes data is sent. If msg has moredata, sockput will be...

Astra Linux - уязвимость в linux-5.15, linux-6.1, linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: TLS: Fix for race conditions between async notify and socket close The thread that submitted the request the one that called recvmsg/sendmsg may exit as soon as the async crypto handler calls complete. Any code after that point...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Network layer: Do not leave a dangling “sk” pointer when socket creation fails. It is possible to trigger a use-after-free by: - Attaching a “fentry” probe to sockrelease and the probe that calls bpfgetsocketcookie; - Running...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ICE: xsk: prohibit usage of non-balanced queue ID Fix the following scenario: 1. ethtool -L $IFACE rx 8 tx 96 2. xdpsock -q 10 -t -z The above refers to a situation where a user wants to attach an XSK socket in txonly mode at a...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: mptcp: fixed a double-free on the socket destructor function When an MPTCP server accepts an incoming connection, it clones its listener socket. However, the pointer to ‘inetopt’ for the new socket has the same value as the...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: kcm: Serializing kcmsendmsg for the same socket. syzkaller reported a Use-After-Free in kcmrelease. 0 The scenario is as follows: 1. Thread A constructs a skb with MSGMORE and sets kcm-seqskb. 2. Thread A resumes constructing...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: pcmcia: rsrcnonstatic: Fixed a memory leak in nonstaticreleaseresourcedb. When nonstaticreleaseresourcedb frees all resources associated with a PCMCIA socket, it forgets to free socketdata as well, resulting in a memory leak that...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: net: fix udp gsoskbSegment after pulling from fragList The commit a1e40ac5b5e9 “net: gso: fix udp gso fragList segmentation after pulling from fragList” detected invalid geometries in the fragList skbSegments and redirected them...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: net: vertexcom: mse102x: Fixed a possible double-free of TXskb The scope of TXskb is broader than just mse102xtxframespi; therefore, if the TXskb memory needs to be expanded, we should free the temporary skb instead of the origin...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: bpf, sockmap: Fixed an infinite loop issue when len is 0 in the tcpbpfrecvmsg parser. When the buffer length of the recvmsg system call is 0, a soft lockup problem occurred. watchdog: BUG: Soft lockup – CPU3 stuck for 27...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mctp: i2c: Fixed a skb memory leak in the receive path. When midev-allowrx is set to false, the newly allocated skb is not consumed by netifrx. It is necessary to free the skb directly...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: nbd: Fixed an issue where an io hung state occurred during device disconnection. In our tests, “qemu-nbd” triggered an io hung state: INFO: Task “qemu-nbd”: 11445 is blocked for more than 368 seconds. Not tainted...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: net: The TOCTOU issue in skisreadable has been fixed. sk-skprot-sockisreadable is a valid function pointer when sk resides in a sockmap. After the last skpsockput call which usually occurs when a socket is removed from the sockma...

Astra Linux - уязвимость в cloud-init

In cloud-init through 25.1.2, the systemd socket unit cloud-init-hotplugd.socket is included, with a default SocketMode of 0666, allowing world-write permissions. This is used for the "/run/cloud-init/hook-hotplug-cmd" FIFO. A non-privileged user can trigger hotplug-hook commands...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: inet: Sk-skrxdst was converted to RCU rules. The syzbot reported various issues related to early demux processing. One of these issues is included in this changelog 1. Sk-skrxdst uses RCU protection without proper documentatio...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: nfc: fdp: Fixed a potential memory leak in fdpncisend. The fdpncisend function calls fdpncii2cwrite, which does not free the skb object after its execution. As a result, when fdpncii2cwrite is completed, the skb object will...