Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: e1000: Moved cancelworksync to avoid deadlock. Previously, e1000down called cancelworksync for the e1000 reset task via e1000downandstop, which caused a RTNL condition. According to user reports and syzbot, a deadlock may occur i...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: MGMT: fixed a crash in setmeshsync and setmeshcomplete. There is a bug: KASAN: a stack-out-of-bounds issue in setmeshsync, caused by memcpy from a poorly declared on-stack flexible array. Another crash occurs in...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Watchdog: sc520wdt: A possible use-after-free occurred in wdtturnoff. The remove method of this module calls deltimer. However, that function does not wait for the timer handler to complete. This means that the timer handler may...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: Fixed a memory leak in hcireqsyncComplete In the function hcireqsyncComplete, always free the previous sync request state before assigning a reference to a new one...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: gpio: pca953x: Fixed the race condition in pca953xirqbussyncunlock. Ensure that i2clock is held when setting the interrupt latch and mask in pca953xirqBusSyncUnlock. This prevents race conditions. Another non-probing call site...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: In hci, fix for null-ptr-deref in hcireadsupportedcodecs. Fix hcicmdsyncsk to return not NULL for unknown opcodes. hcicmdsyncsk returns NULL if a command returns a status event. However, it also returns NULL where a...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: Fixed a race condition in hcicmdsyncclear. There is a potential race condition in hcicmdsyncwork and hcicmdsyncclear, which could lead to use-after-free issues. For example, hcicmdsyncwork is added to the...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15

A race condition was detected in the Linux kernel’s sound/hda device driver, specifically in the sndhdacregmapsync function. This can lead to a null pointer dereferencing issue, potentially causing a kernel panic or a denial-of-service attack...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: macsec: sync features on RTMNEWLINK Syzkaller was able to lock the lower device via ETHTOOLSFEATURES: - netdevlock, include/linux/netdevice.h: 2761 inline - netdevops, include/net/netdevlock.h: 42 inline -...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: soundwire: bus: Fix unbalanced pmruntimeput causing usage count underflow This issue is addressed by the commit 443a98e649b4 “soundwire: bus: use pmruntimeresumeandget”. The calls to pmruntimeresumeandget are changed back to...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: mrp: Introduced active flags to prevent UAF when the applicant uninit occurs. The caller of deltimersync must prevent the timer from restarting. If we don’t have this synchronization, there is a small probability that the...

Astra Linux – Vulnerability in Chromium

A heap buffer overflow in Sync in Google Chrome prior to version 141.0.7390.65 allowed a remote attacker to perform an out-of-bounds memory read through a crafted HTML page. Chromium security severity: High...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: atm: iphase: fixed a possible use-after-free in iamoduleexit The remove function of this module calls deltimer. However, that function does not wait for the timer handler to finish. This means that the timer handler may still be...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: btrfs: fixed a crash that occurred during racing fsync and size-extending writes to prealloc. We have observed crashes occurring due to duplicate keys in btrfssetitemkeysafe: BTRFS critical device vdb: slot 4 key 450 108 8192 new...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: ext4: fixed the idatasem unlock order in ext4indmigrate Fuzzing reported a potential deadlock in jbd2logwaitcommit. This issue occurs when the EXT4IOCMIGRATE ioctl is set to require synchronous updates because the file...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: acpi: typec: ucsi: Introduced a -pollcci method For the ACPI backend of UCSI, the UCSI “registers” are merely a memory copy of the register values in an opregion. The ACPI implementation in the BIOS ensures that the contents of t...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: sound/virtio: Fixed warnings related to cancelsync on uninitialized workstructs. Betty reported encountering the following warning: 8.709131 T221 WARNING: CPU: 2 PID: 221 at kernel/workqueue.c:4182 ... 8.713282 T221 Call trace:...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Watchdog: Fixed a possible use-after-free in wdtstartup. The remove path of this module calls deltimer. However, that function does not wait until the timer handler finishes. This means that the timer handler may still be running...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: atm: nicstar: Fixed a possible use-after-free in nicstarcleanup The remove path of this module calls deltimer. However, that function does not wait until the timer handler finishes. This means that the timer handler may still be...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Use deltimersync instead of deltimer in the fw reset flow of the halting poll. Replace deltimer with deltimersync in the fw reset polling activation flow. This prevents a race condition that occurs when deltimer is call...