12253 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: virtio-net: Fixed pages leaking when building skb in big mode. We attempt to use buildskb if there is sufficient “tailroom”. However, we forget to release the unused pages that are chained via private in big mode, which can lead ...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: netlabel: Fixed a NULL pointer exception caused by CALIPSO on IPv4 sockets. When calling netlblconnsetattr, addr-safamily is used to determine the function’s behavior. If sk is an IPv4 socket, but the connect function is called...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: net/handshake: The destructor was restored after a submission failure. The handshakereqsubmit function replaces sk-skdestruct, but never restores it when the submission fails before the request is hashed. In this case,...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: can: dev: canrestart: fix use after free bug After calling netifrxniskb, dereferencing skb is unsafe. In particular, the canframe field, which aliases skb memory, is accessed after the netifrxni function in: stats-rxbytes +=...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: skbuff: fixed the coalescing behavior for pagepool fragment recycling. Fixed a use-after-free issue when using pagepool with page fragments. We encountered this problem during normal RX processing in the hns3 driver: 1 Initially,...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: In the net: stream module, the purge skerrorqueue operation in skstreamkillqueues has been fixed. Changheon Lee reported TCP socket leaks, with a detailed reproduction code. It appears that we encounter TCP socket leaks in the...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix NULL-ptr-deref in rxeqpdocleanup when socket create failed There is a null-ptr-deref when mount.cifs over rdma: BUG: KASAN: null-ptr-deref in rxeqpdocleanup+0x2f3/0x360 rdmarxe Read of size 8 at addr 000000000000001...
Astra Linux - уязвимость в linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: scsi: iscsitcp: It is necessary to check that sock is valid before assigning it to the variable. The validity of sock should be checked to prevent incorrect values. This change was introduced in commit 57569c37f0ad...
Astra Linux - уязвимость в linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: The etases58x driver does not populate the ndochangemtu function to prevent a buffer overflow. Sending a PFPACKET message allows bypassing the CAN driver’s logic and directly reaching the xmit function. The only check performed b...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: udp: Fixed multiple wraparounds of sk-skrmemalloc. udpenqueuescheduleskb has the following condition: if atomicread&sk-skrmemalloc sk-skrcvbuf goto drop; sk-skrcvbuf is initialized by net.core.rmemdefault and can later be...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: iouring: Any code related to SCMRIGHTS has been removed. This is dead code after we stopped supporting the use of iouring for handling file I/O via SCMRIGHTS; it can now be discarded...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux
In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fixed a segmentation fault in rxecompqueuepkt. In rxecompqueuepkt, an incoming response packet is enqueued into the resppkts queue. Then, it is decided whether to run the completer task inline or schedule it. Finally, t...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: swiotlb: Fixed the issue of double-allocation of slots due to incorrect alignment handling. The commit bbb73a103fbb “swiotlb: fix a braino in the alignment check fix” was a fix for the commit 0eee5ae10256 “swiotlb: fix slot...
Astra Linux - уязвимость в linux
In the Linux kernel, the following vulnerability has been resolved: net:emac/emac-mac: A use-after-free issue was addressed in emacmactxbufsend. In emacmactxbufsend, it calls emactxfilltpd.., skb,... If an error occurs in emactxfilltpd, the skb will be freed via devkfreeskbskb in the error branch...
Astra Linux - уязвимость в linux-6.1, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: ipv6: mcast: added RCU protection to mldnewpack The mldnewpack function can be called without holding RTNL or RCU. Note that we can no longer use sockallocsendskb, as ipv6.igmpsk relies on GFPKERNEL allocations, which may caus...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: In the BPF code, ensure that skb-len != 0 when redirecting a packet to a tunneling device. The syzkaller function managed to trigger another case where skb-len == 0 when entering devqueuexmit. WARNING: CPU: 0, PID: 2470; Location...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: bpf, sockmap: Fixed a race condition related to the refcnt of skb after locking operations. There is a race condition where the skb from the skpsockbacklog can be referenced after the user-space side has already consumed the...
Astra Linux - уязвимость в linux-6.1, linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: batman-adv: fixed OOB read/write in network-coding decode. batadvncskbdecodepacket relies on codedlen and only checks against skb-len. The XOR operation starts at sizeofstruct batadvunicastpacket, which reduces the payload...
Astra Linux - уязвимость в waitress
Waitress is a Web Server Gateway Interface server for Python 2 and 3. When a remote client closes the connection before Waitress has had the opportunity to call getpeername, Waitress will not properly clean up the connection. As a result, the main thread attempts to write to a socket that no long...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: tcpbpf: The function tcpbpfsendverdict fails to allocate psock-cork when called. syzbot reported the following issue. 0 The reproduction of the issue involves the following steps: 1. Load a skmsg program that calls...