Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: - acpi: nfit: vmalloc-out-of-bounds read in acpinfitctl A issue detected by syzbot with KASAN has also been fixed: BUG: KASAN: vmalloc-out-of-bounds in cmdtofunc, drivers/acpi/nfit/core.c:416 inline BUG: KASAN:...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: ublk: Fixed a NULL pointer dereference in ublkctrlsetsize. ublkctrlsetsize dereferes ub-ubdisk unconditionally through setcapacityandnotify, without checking whether ub-ubdisk is NULL. ub-ubdisk becomes NULL before...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: xsk: Validated user input for XDPUMEM|COMPLETIONFILLRING syzbot reported an illegal copy in xsksetsockopt 1 Ensure that the @optlen parameter of setsockopt is validated. 1 BUG: KASAN: Out-of-bounds access in...

Astra Linux – Vulnerability in WebKit2GTK

Integer overflow has been addressed through improved input validation. This issue is fixed in iOS 14.5.1, iPadOS 14.5.1, tvOS 14.6, iOS 12.5.3, Safari 14.1.1, and macOS Big Sur 11.3. Processing maliciously crafted web content may lead to arbitrary code execution...

Astra Linux – Vulnerability in Linux-Firmware

Improper input validation in some IntelR Graphics Drivers for Windows before version 26.20.100.7212 and before the Linux kernel version 5.5 may allow a privileged user to potentially enable a denial of service via local access...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: comedi: das16m1: Fix bit shift out of bounds When checking for a supported IRQ number, the following test is used: / Only IRQs 2, 3, 4, 5, 6, 7, 10, 11, 12, 14, and 15 are valid / if 1 options1 & 0xdcfc However, it-optionsi is an...

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtable: validate vlan header Ensure there is sufficient room to access the protocol field of the VLAN header; validate it once before the flowtable lookup. ===================================================== BUG:...

Astra Linux – Vulnerability in WebKit2GTK

A vulnerability related to out-of-bounds reads has been addressed through improved input validation. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6, and iPadOS 15.7.6, Safari 16.5, iOS 16.5, and iPadOS 16.5. Processing web content may disclose sensitive information...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: octeontx2-af: Added validation before accessing cgx and lmac. With the addition of new MAC blocks such as CN10K RPM and CN10KB RPMUSX, LMACs are noncontiguous, and CGX blocks are also noncontiguous. However, during the RVU...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: xfrm: Validates the prefix length of new SA entries using the SA family, when sel.family is unset. This extends the validation introduced in commit 07bf7908950a “xfrm: Validates address prefix lengths in the xfrm selector”. The...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: jfs: jfsdmap: Validates dbl2nbperpage during mounting In jfsdmap.c, on line 381, BLKTODMAP is used to obtain a logical block number within dbFree. dbl2nbperpage, which is the log2 of the number of blocks per page, is passed as an...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ublk: It is necessary to sanitize the arguments from userspace when adding a device. The Sanity function checks the values for queue depth and the number of queues that we obtain from userspace when adding a device...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: f2fs: fixed by removing the unnecessary f2fsbugon function to avoid panics. The verifyblkaddr function will trigger a panic once we introduce a fault into f2fsisvalidblkaddr; this unnecessary f2fsbugon function has been remove...

Astra Linux – Vulnerability in dcmtk

There is an improper array index validation vulnerability in the determineMinMax functionality of OFFIS DCMTK 3.6.8. A specially crafted DICOM file can lead to an out-of-bounds write. An attacker can provide a malicious file to exploit this vulnerability...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: dccp: copying the entire header to the stack buffer, not just the basic header Eric Dumazet states that: nfconntrackdccppacket has a unique mechanism: dh = skbheaderpointerskb, dataoff, sizeofdh, &dh; And...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: iouring: The incorrect reference to iokiocb in iolinkskb has been fixed. In the iolinkskb function, there is a bug where the value of prevnotif is incorrectly assigned using ‘nd’ instead of ‘prevnd’. This causes the context...

Astra Linux – Vulnerability in Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: hcisock: Fixed an issue where user input was not validated. The length of user input was checked before copying data...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: smb: client: Added a check for nextbuffer in receiveencryptedstandard. Added a check on the return values of cifsbufget and cifssmallbufget in receiveencryptedstandard to prevent null pointer dereferencing...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: MGMT: validate the length of the advertising payload sent via meshsend The meshsend function currently limits the MGMTOPMESHSEND operation based on the total command length. However, it does not verify whether the...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: ksmbd: The response size is validated in ipcvalidatemsg. ipcvalidatemsg calculates the expected message size for each response type by adding or multiplying attacker-controlled fields from the daemon’s response to a fixed stru...