Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: netfilter: brnetfilter: fix a kernel panic when sending untagged traffic via a VxLAN device. This issue occurs during the check for fragmentation in brnfdevqueuexmit. It depends on the following conditions: 1 The brnetfilter modu...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries/iommu: Do not unset the “window” if it was never set. On pSeries, when a user attempts to use the same vfio container used by different iommu groups, the spaprtcesetwindow function returns -EPERM. The subsequent...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: arm64: dts: qcom: x1e80100: Add GPU cooling Unlike the CPU, the GPU does not throttle its speed automatically when it reaches high temperatures. With certain high GPU loads, it is possible to reach the critical hardware shutdown...

Astra Linux – Vulnerability in Chromium

Before version 92.0.4515.107, using free memory in GPUs with Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: swiotlb: Fixed the issue of information leakage due to DMAFROMDEVICE. The problem I’m addressing was discovered during the LTP test covering cve-2018-1000204. A brief description of what happens is as follows: 1. The test case...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: KVM: x86/pmu: Disabled support for adaptive PEBS. Support for virtualizing adaptive PEBS has been discontinued. This is because KVM’s implementation is architecturally broken without an obvious or easy way to address this issu...

Astra Linux – Vulnerability in libmodbus

It was discovered that libmodbus v3.1.6 contains a use-after-free issue related to the ctx-backend pointer. This vulnerability allows attackers to trigger a Denial of Service DoS attack by sending a crafted message to the unit-test-server...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fixed handling of partial GPU mapping of BOs. This commit fixes the bug in handling partial mapping of buffer objects to the GPU, which caused kernel warnings. Panthor did not handle correctly the case where the...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-6.1, Linux-5.15

In the Linux kernel, the following vulnerability has been resolved: scsi: target: core: Added TMF to tmrlist handling An abort that is responded to by iSCSI itself is added to tmrlist, but it does not go to the target core. A LUNRESET that goes through tmrlist takes a refcounter on the abort and...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: PM: EM: Fixed a potential division-by-zero error in emcomputecosts. When the device is of a non-CPU type, tablei.performance will not be initialized in the previous eminitperformance call. This results in a division by zero when...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm/panthor: Fixed UAF issues on kernel BO VA nodes. If the MMU is down, panthorvmunmaprange might return an error. We expect the page table to still be updated; if the MMU is blocked, the rest of the GPU should also be blocke...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: perf: arm-ni: Unregistering PMUs due to probe failure When a resource allocation fails in one clock domain of an NI device, we need to properly roll back all previously registered perf PMUs in other clock domains of the same...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: powerpc/32: Fixed the hard lockup that occurred due to vmap stack overflow. Since the commit c118c7303ad5 “powerpc/32: Fixed vmap stack – Do not activate the MMU before reading the task struct”, a vmap stack overflow would result...

Astra Linux – Vulnerability in libde265

It was discovered that Libde265 v1.0.14 contains a global buffer overflow vulnerability in the readcodingunit function at slice.cc...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu: The probe of the client device is deferred after the SMMU device is bound. A null pointer dereference occurs due to a race between the SMMU driver’s probe and the client driver’s probe. This occurs when the...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: dwmac-tegra: Reading the IOMMU Stream ID from the device tree Nvidia’s Tegra MGBE controllers require the IOMMU “Stream ID” SID to be written to the MGBEWRAPAXIASID0CTRL register. The current driver is hardcoded to u...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: llc: Makes llcuisendmsg more robust against changes related to bonding. syzbot was able to exploit llcuisendmsg, allocating a skb without sufficient headroom, and then attempting to append 14 bytes of Ethernet header information...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: powercap: intelrapl: Fixed the UBSAN shift-out-of-bounds issue. When value timeunit, the parameter of ilog2 will be zero, and the return value will be -1. u64-1 is too large for the shift exponent, potentially leading to a...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: LoongArch: Added architecture-specific hugepteclear function. When executing mm selftests and running vmtest.sh, the following error occurs: BUG: Incorrect page state in process uffd-unit-tests. Pfn: 00000; Page: refcount: 0;...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: usb: xhci: Apply the link chain quirk on NEC isoc endpoints Two distinctly different samples of NEC uPD720200 one with a start/stop bug, one without it were observed to cause IOMMU faults after some “Missed Service Errors”. Th...