Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: amdgputtmgartbind set gtt bound flag Otherwise, after the GTT context is released, the GTT and gart space are freed. However, amdgputtmbackendunbind does not clear the gart page table entry; instead, it leaves a valid...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net: sparx5 – Fixed the issue where the entry was still used after being freed within sparx5delmactEntry. Based on the static analysis of the code, it appears that when an entry from the MAC table was removed, the entry was still...

Astra Linux – Vulnerability in SQLite3

In SQLite version 3.31.1, the ALTER TABLE implementation contains a use-after-free issue, as demonstrated by an ORDER BY clause that belongs to a compound SELECT statement...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: nvme-pci: fixed the issue of freeing the HMB descriptor table. The HMB descriptor table is sized based on the maximum number of descriptors that can be used for a given device. However, nvmeallochostmem might break out of the loo...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ata: patamacio: Fix DMA table overflow Kolbjorn and Jonáš reported that their 32-bit PowerMacs were crashing in pata-macio since commit 09fe2bfa6b83 “ata: patamacio: Fix DMA table overflow when PAGESIZE == 64K”. For example: -...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: btrfs: scrub: Handle RST lookup errors correctly BUG When running btrfs/060 with the forced RST feature, the following ASSERT inside scrubreadendio would crash: ASSERTsectornr nrsectors; Previously, we would get a tree dump from...

Astra Linux – Vulnerability in libbsd

The nlist.c file in libbsd before version 0.10.0 contains an out-of-bounds read during a comparison of a symbol name from the string table strtab...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: remoteproc: core: Releasing rproc-cleantable after rprocattach fails When rproc-state = RPROCDETACHED is attached to a remote processor through rprocattach, if rprochandleresources returns an error, the clean table should be...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: arm64/mm: fixed an issue where incorrect filemapcount values were stored for non-leaf pmd/puds. The page table check trigger BUGON occurred unexpectedly when collapsing hugepages: ------------ cut here ------------ Kernel bug at...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ubi: ubicreatevolume: Fixed a use-after-free issue when volume creation failed. There is a use-after-free problem related to ‘ebatbl’ in the error handling path of ubicreatevolume. c ubiebareplacetablevol, ebatbl vol-ebatbl = tbl...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fixed the nullptrderef issue in mlx5createinner,ttctable. Added a NULL check for the value returned by mlx5getflownamespace in mlx5createinnerttctable and mlx5createttctable to prevent NULL pointer dereferencing...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: udmabuf: Set ubuf-sg = NULL if the creation of the sg table fails. When the user space attempts to map the dmabuf, and for some reason e.g., OOM, the creation of the sg table fails, ubuf-sg needs to be set to NULL. Otherwise, whe...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: s390/uv: Do not call foliowaitwriteback without a folio reference. foliowaitwriteback requires that no spinlocks are held and that a folio reference is held, as documented. After we removed the PTL, the folio object could be free...

Astra Linux – Vulnerability in ntfs-3g

NTFS-3G versions prior to 2021.8.22 may experience a heap buffer overflow when a specially crafted NTFS attribute is set up using the function ntfsattrsetupflag. This could allow code execution and an escalation of privileges...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: tpm: In tpmcrb, add acpiputtable to fix a memory leak. In crbacpiadd, we obtain the TPM2 table to retrieve information such as the start method, and then assign those values to private data. Therefore, the TPM2 table is not used...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: mctp i3c: handling of NULL header addresses daddr can be NULL if there is no neighbour table entry present; in that case, the TX packet should be discarded. saddr is usually set by the MCTP core, but NULL values are also...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: arm64: ftrace: fixed module PLTs with mcount Li Huafei reports that the ftrace with module PLTs based on mcount was broken by the commit: a6253579977e4c6f “arm64: ftrace: consistently handle PLTs.” When module PLTs are used and a...

Astra Linux – Vulnerability in htmldoc

A flaw was discovered in htmldoc version 1.9.12. A heap buffer overflow in the rendertablerow function, located in ps-pdf.cxx, may lead to arbitrary code execution and denial of service...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables – Do not compare internal table flags during updates. If a table update does not modify the flags, skip the transaction...

dovecot: Fix of CVE-2017-15132

CVE-2017-15132: fix memory leak and hash-table use-after-free in authclientrequestabort lib-auth. Squashed upstream commits 1a29ed2f96da and a9b135760aea...