Astra Linux – Vulnerability in Golang-1.15

Avoid versions before 1.15.13 and 1.16.x, as well as those before 1.16.5, which have functions for DNS lookups that do not validate the responses from DNS servers. As a result, a return value might contain an unsafe injection e.g., XSS, which does not conform to the RFC1035 format...

Astra Linux – Vulnerability in Nettle

A flaw was discovered in Nettle versions prior to 3.7.2. In these versions, several Nettle signature verification functions—GOST DSA, EDDSA, and ECDSA—result in the Elliptic Curve Cryptography point ECC’s multiply function being called with out-of-range scalers. This may lead to incorrect results...

Astra Linux – Vulnerability in Linux

A issue was discovered in the FUSE filesystem implementation in the Linux kernel before 5.10.6, also known as CID-5d069dbe8aaf. The fusedogetattr function calls makebadinode in inappropriate situations, causing a system crash. NOTE: The original fix for this vulnerability was incomplete, and its...

Astra Linux – Vulnerability in Linux

A vulnerability was discovered in the Linux kernel, where the non-blocking socket operation in llcpsockconnect leads to a leak and ultimately causes the system to hang...

Astra Linux – Vulnerability in tar

A flaw was discovered in the src/list.c file of tar 1.33 and earlier. This flaw allows an attacker who can submit a crafted input file to tar to cause uncontrolled consumption of memory. The greatest threat posed by this vulnerability is to system availability...

Astra Linux – Vulnerability in Linux

A flaw was discovered in the JFS filesystem code within the Linux kernel, which allows a local attacker to cause the system to panic by enabling the ability to set extended attributes. This can lead to memory corruption or an escalation of privileges. The most significant threat posed by this...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: btrfs: Fix for the iteration of extrefs during log replay. When calling inodeaddref and processing extrefs, if we jump to the next label, the value of victimname.len is undefined. This occurs because victimname.len wasn’t...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: NFSv4/pNFS: Fixed a race condition related to waking up the NFSLAYOUTDRAIN flag. We identified several systems where tasks were stuck in a writeback process, waiting for the same page lock. Additionally, one task was waiting for...

Astra Linux – Vulnerability in WebKit2GTK

The issue was resolved by improving access restrictions to the file system. This issue is fixed in Safari 18.3, iOS 18.3, iPadOS 18.3, macOS Sequoia 15.3, and visionOS 2.3. A maliciously crafted webpage may be able to obtain user fingerprints...

Astra Linux – Vulnerability in cups

OpenPrinting CUPS is an open-source printing system for Linux and other Unix-like operating systems. Prior to version 2.4.15, a user belonging to the lpadmin group could use the cups web interface to modify configurations and insert malicious lines. As a result, the cupsd process, running as root...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: nfsd: When trying to queue dlrecall, if the call to nfsd4runcb fails, the reference count of dlstid is not decremented. This leads to a leak of the following objects: unreferenced object 0xffff88812067b578 size 344: Comm “nfsd”,...

Astra Linux – Vulnerability in cups

OpenPrinting CUPS is an open-source printing system for Linux and other Unix-like operating systems. In versions 2.4.8 and earlier, when starting the cupsd server with a Listen configuration item pointing to a symbolic link, the cupsd process could perform arbitrary chmod operations on the target...

Astra Linux – Vulnerability in ntfs-3g

A properly crafted NTFS image can lead to a out-of-bounds read, caused by an invalid attribute in ntfsattrfindinattrdef, in NTFS-3G 2021.8.22...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: netdevsim: use condresched in nsimdevtrapreportwork I am still seeing many syzbot reports hinting that syzbot might fool nsimdevtrapreportwork with hundreds of ports 1 Lets use condresched, and systemunboundwq instead of implicit...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: jfs: fixed an invalid free of JFSIPipimap-iimap in diUnmount. syzbot detected an invalid-free in diUnmount: BUG: KASAN: double-free in slabfree mm/slub.c:3661 inline BUG: KASAN: double-free in kmemcachefree+0x71/0x110...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: s390/dasd: fixed an issue where error recovery led to data corruption on ESE devices. Extent Space Efficient ESE or thin-provisioned volumes need to be formatted on demand during normal IO processing. The dasdeseneedsformat...

Astra Linux – Vulnerability in WebKit2GTK

This issue has been resolved through improved memory handling. This issue is fixed in Safari 18.4, iOS 18.4, iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, tvOS 18.4, visionOS 2.4, and watchOS 11.4. Processing maliciously crafted web content may lead to an unexpected Safari crash...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: NFSv4: Do not hold the layoutget locks across multiple RPC calls When performing layoutget as part of the open compound, we must be careful to release the layout locks before calling any further RPC calls, such as setattr. The...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: nfsd: fixed the NULL dereference in nfs3svcencodegetaclres In error cases, the dentry may be NULL. Before 20798dfe249a, the encoder also checked dentry and dreallyispositivedentry, but I think that was unnecessary—a zero status...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Validated rec-used in the journal-replay file record check. The checkfilerecord function validates rec-total against the record size, but never validates rec-used. The doaction journal-replay handlers read rec-used from...