12251 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: tipc: re-fetching the skb context after calling tipcmsgvalidate As shown in the call trace, the original skb was freed during the execution of tipcmsgvalidate. Dereferencing the old skb context would cause a “use-after-free” cras...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: BPF: Fixed a recursive lock issue when the streamverdict program returns SKPASS. When the streamverdict program returns SKPASS, it places the received skb into its own receive queue. However, a recursive lock occurs eventually,...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: rpl: Fix use-after-free in rpldosrhinline. Running lwtdstcacherefloop.sh in selftest with KASAN triggers the splat below 0. rpldosrhinline fetches ipv6hdrskb and accesses it after skbcowhead, which is illegal as the header could ...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: iouring: Any code related to SCMRIGHTS has been removed. This is dead code after we stopped supporting the use of iouring for handling file I/O via SCMRIGHTS; it can now be discarded...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: netlabel: Fixed a NULL pointer exception caused by CALIPSO on IPv4 sockets. When calling netlblconnsetattr, addr-safamily is used to determine the function’s behavior. If sk is an IPv4 socket, but the connect function is called...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix NULL-ptr-deref in rxeqpdocleanup when socket create failed There is a null-ptr-deref when mount.cifs over rdma: BUG: KASAN: null-ptr-deref in rxeqpdocleanup+0x2f3/0x360 rdmarxe Read of size 8 at addr 000000000000001...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux
In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fixed a segmentation fault in rxecompqueuepkt. In rxecompqueuepkt, an incoming response packet is enqueued into the resppkts queue. Then, it is decided whether to run the completer task inline or schedule it. Finally, t...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: net: netlink: afnetlink: Added a check on the len parameter to prevent empty skb objects. This prevents a division error in the netemenqueue function, which occurs when skb-len=0 and skb-datalen=0 during the randomized corruption...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: net: ieee802154: at86rf230: Stop leaking skb’s Upon an error, the ieee802154xmitcomplete helper is not called. Only ieee802154wakequeue is called manually. In the Tx case, the skb structure is leaked. The skb structure should be...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: xsk: The recycle buffer was handled in cases where the Rx queue was full. A missing call to xskbufffree was added when xskrcvzc failed to produce a descriptor for the XSK Rx queue...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: bpf, sockmap: Fixed a race condition related to the refcnt of skb after locking operations. There is a race condition where the skb from the skpsockbacklog can be referenced after the user-space side has already consumed the...
Astra Linux - уязвимость в linux-6.1, linux, linux-5.10, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: RFCOMM: No fix to ensure that user input is validated before setting the setsockopt function. The syzbot reported that the rfcommsocksetsockoptold function copies data without checking the length of the user input...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: tipc: Fixed a use-after-free in the kernel socket in cleanupbearer. syzkaller reported a use-after-free of the UDP kernel socket in cleanupbearer, without repro. 01 When bearerdisable calls tipcudpdisable, the cleanup of the U...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: pfcp: The device is destroyed along with the udp socket’s netns. The pfcpnewlink function links the device to a list in devnet instead of net, where an udp tunnel socket is created. Even when net is removed, the device remains...
Astra Linux - уязвимость в linux-6.1, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: can: xilinxcan: xcanwriteframe: fixed the issue of releasing the SKB after its use. canputechoskb takes ownership of the SKB, and it might be released during or after the call. However, xilinxcan xcanwriteframe continues to us...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: tcpbpf: The function tcpbpfsendverdict fails to allocate psock-cork when called. syzbot reported the following issue. 0 The reproduction of the issue involves the following steps: 1. Load a skmsg program that calls...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: net: atm: fixed the use after free in lecsend The -send operation frees the skb object; therefore, the length of the object should be saved before calling -send to avoid a use after free situation...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Avoid using sksocket after free when sending messages. The sk-sksocket is not locked or referenced in the backlog thread. During the call to skbsendsock, there is a race condition involving the release of sksocket...
Astra Linux - уязвимость в nodejs
A malformed HTTP/2 HEADERS frame with oversized, invalid HPACK data can cause Node.js to crash by triggering an unhandled TLSSocket error ECONNRESET. Instead of safely closing the connection, the process crashes, enabling a remote denial of service. This primarily affects applications that do not...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: mptcp: Prevent BPF from accessing lowat from a subflow socket. Alexei reported the following error: WARNING: CPU: 32, PID: 3276, in net/mptcp/subflow.c:1430, function subflowdataready+0x147/0x1c0. Linked modules: dummy,...