Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mac80211-hwsim: fixed the handling of late beacon hrtimer events. Thomas explained in https://lore.kernel.org/r/87mtoeb4hb.ffs@tglx that our current handling of the hrtimer is incorrect. If the timer fires late—for example, due t...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: atm: iphase: fixed a possible use-after-free in iamoduleexit The remove function of this module calls deltimer. However, that function does not wait for the timer handler to finish. This means that the timer handler may still be...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: atm: nicstar: Fixed a possible use-after-free in nicstarcleanup The remove path of this module calls deltimer. However, that function does not wait until the timer handler finishes. This means that the timer handler may still be...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: sched/fair: This bug prevents dead task groups from regaining access to cfsrq. Kevin is reporting crashes that indicate a use-after-free of cfsrq in the function updateblockedaverages. Initial debugging revealed that cfsrq...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: clocksource/drivers/cadence-ttc: Fixed a memory leak in ttctimerprobe. Matching reports: drivers/clocksource/timer-cadence-ttc.c: Line 529, ttctimerprobe; Warning: ‘timerbaseaddr’ from ofiomap is not released on lines...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: bpf: Defer work in bpftimercancelandfree Currently, the same issue as in the previous patch two timer callbacks attempting to cancel each other can also occur through bpfmapupdateelem. More precisely, freeing elements containing...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: watchdog: rzg2lwdt: Fixed the 32-bit overflow issue. The value of timercycleus can be 0 due to 32-bit overflow. For example, if we assign the counter value “0xfff” for computing maxval. This patch fixes this issue by appending...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: bpf: Failure in bpftimercancel when the callback is being canceled Given a schedule: timer1 cb timer2 cb bpftimercanceltimer2; bpftimercanceltimer1; Both bpftimercancel calls will wait for the other callback to complete execution...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: HID: appletbkbd: fixed a “slab-use-after-free” bug in appletbkbdprobe. In the probe function appletbkbdprobe, an instance of “struct appletbkbd kbd” is allocated using devmkzalloc to store touch-bar keyboard-related data. Later, ...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: mrp: Introduced active flags to prevent UAF when the applicant uninit occurs. The caller of deltimersync must prevent the timer from restarting. If we don’t have this synchronization, there is a small probability that the...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: - dm cache: Fixed UAF in the destroy function. - Dmcache also has the same UAF issue when dmresume and dmdestroy are executed concurrently. Therefore, the timer is canceled again in the destroy function...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Use deltimersync instead of deltimer in the fw reset flow of the halting poll. Replace deltimer with deltimersync in the fw reset polling activation flow. This prevents a race condition that occurs when deltimer is call...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hciqca: It is necessary to call deltimersync before freeing a timer. A crash report indicated that the timer list might become corrupted when a timer is freed while still active. This issue is commonly caused by code...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: rds: tcp: Fixed an issue where a use-after-free occurred in net in reqsktimerhandler. syzkaller reported a warning regarding the netns tracker 0, followed by KASAN, SPLAT 1, and another ref tracker warning 1. syzkaller was unable...

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: TCP: Fixed the use-of-memory issue in nreq in reqsktimerhandler. The referenced commit replaced inetcskreqskqueuedropandput with inetcskreqskqueuedrop and reqskput in reqsktimerhandler. Next, oreq should be passed to reqskput...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: rxrpc: A race condition in rxrpcexitnet has been fixed. The current code may lead to the following race conditions: CPU0 vs. CPU1 c rxrpcexitnet follows by: c rxrpcpeerkeepaliveworker if rxnet-live is true. c rxnet-live = fals...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: KVM: x86/xen: Initialize Xen timers only once A check for existing xen timers was added before initializing a new timer. Currently, the kvmxeninittimer function is called every time KVMXENVCPUATTRTYPETIMER is used. This causes th...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: fixed a use-after-free in twtimerhandler A real-world panic issue was discovered in Linux 5.4. The details of the issue are as follows: - Bug: Unable to handle a page fault for the address: ffffde49a863de28 - Memory layout:...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: ptp: ocp: fixed use-after-free bugs caused by ptpocpwatchdog The ptpocpdetach function only shuts down the watchdog timer if it is pending. However, if the timer handler is already running, timerdeletesync is not called. This...

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: tty: serial: imx: disable Ageing Timer interrupt request irq There might be pending USR interrupts before requesting the IRQ. However, the uartaddoneport function has not been executed, which could lead to a kernel panic. 0.79566...