Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: Ethernet: Aeroflex: fixed a potential skb leak in grethinitrings The grethinitrings function does not free the newly allocated skb when dmamappingerror returns an error. Therefore, devkfreeskb was added to fix this issue. This ha...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: bpf: Fixed the verifier’s assumptions regarding the socket-sk structure. The verifier assumes that the sk field in the struct socket structure is valid and not NULL when the socket pointer itself is trusted and not NULL. This...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Audit: Improved robustness of audit queue handling If the audit daemon becomes stuck in a stopped state, the kauditdthread function in the kernel might get blocked while attempting to send audit records to the audit daemon in the...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Networking layer: Fixed a memory leak that occurred when uncloning an skb dst and its associated metadata. When uncloning an skb dst and its associated metadata, a new dst+metadata is allocated and later replaces the old one in t...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: amd-xgbe: Fixed an issue with the data length underflow in SKB structures. A BUGON will be triggered in the include/linux/skbuff.h file, resulting in intermittent kernel panics when a data length underflow is detected. This...

Astra Linux - уязвимость в linux-5.15, linux-6.1, linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: TLS: Fix for race conditions between async notify and socket close The thread that submitted the request the one that called recvmsg/sendmsg may exit as soon as the async crypto handler calls complete. Any code after that point...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Check for any of the tcpbpfprots when cloning a listener. A listening socket linked to a sockmap has its skprot overridden. It points to one of the struct proto variants in tcpbpfprots. This variant depends on the...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: mptcp: Race conditions between subflow failures and additional subflow creations. We have race conditions similar to those addressed by the previous patch, between subflow failures and additional subflow creations. These conditio...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: bcmasp: fixed a potential memory leak in bcmaspxmit. The bcmaspxmit function returns NETDEVTXOK without freeing the skb object in case of mapping failures. Add devkfreeskb to address this issue...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Flushing delayed SKBs while releasing RXE resources When SKB packets are sent out, they still depend on rxe resources, such as QP and sk. If these resources are released when the SKB packets are destroyed, call traces m...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: net: qrtr: Fixed a bug related to access to the uninit variable in qrtrtxresume. Syzbot reported the following bugs: ===================================================== BUG: KMSAN: uninit-value in qrtrtxresume+0x185/0x1f0...

Astra Linux - уязвимость в linux, linux-5.15, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: TCP/UDP: Fixed memory leaks related to sk and zerocopy SKBS with TX timestamps. syzkaller reported 0 memory leaks of an UDP socket and ZEROCOPY SKBS. We can reproduce the problem with the following sequence: sk = socketAFINET,...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: net: fixed a refcount bug in skpsockget 2 Syzkaller reported the refcount bug as follows: ------------ cut here ------------ refcountt: saturated; memory was leaking. WARNING: CPU: 1 PID: 3605 at lib/refcount.c:19...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: cdceem: Fix for the leak in eemfixup when usbnet transmits a skb. When usbnet transmits a skb, it is processed in eemtxfixup. If skbcopyexpand fails, it returns NULL. In this case, usbnetstartxmit has no chance to free the...

Astra Linux - уязвимость в cloud-init

In cloud-init through 25.1.2, the systemd socket unit cloud-init-hotplugd.socket is included, with a default SocketMode of 0666, allowing world-write permissions. This is used for the "/run/cloud-init/hook-hotplug-cmd" FIFO. A non-privileged user can trigger hotplug-hook commands...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: netlabel: Fixed a NULL pointer exception caused by CALIPSO on IPv4 sockets. When calling netlblconnsetattr, addr-safamily is used to determine the function’s behavior. If sk is an IPv4 socket, but the connect function is called...

Astra Linux - уязвимость в linux

A vulnerability was discovered in the Linux kernel, where the non-blocking socket operation in llcpsockconnect leads to a leak and ultimately causes the system to hang...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: e100: Fixed possible use of memory after it is freed in e100xmitprepare. In e100xmitprepare, if it is not possible to map the skb, then -ENOMEM is returned. As a result, e100xmitframe will return NETDEVTXBUSY, and the upper layer...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: inet: Sk-skrxdst was converted to RCU rules. The syzbot reported various issues related to early demux processing. One of these issues is included in this changelog 1. Sk-skrxdst uses RCU protection without proper documentatio...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: iouring: Any code related to SCMRIGHTS has been removed. This is dead code after we stopped supporting the use of iouring for handling file I/O via SCMRIGHTS; it can now be discarded...