Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: i40e: added validation for the ring_len parameter. The ring_len parameter provided by the virtual function (VF) is assigned directly to the hardware memory context (HMC) without any validation. To address this issue, an upper boundar...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: net: nfc: nci: Added parameter validation for packet data. Syzbot reported a bug involving uninitialized values in nci_init_req. This bug was introduced through the commit 5aca7966d2a7 “Merge tag...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: pidfs: validate extensible ioctls. The validation of extensible ioctls is performed more strictly than currently practiced...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: comedi: pcl726 – Prevent invalid IRQ numbers. The reproducer passed an IRQ number 0x80008000 that was too large, triggering the unexpected behavior. A check for the IRQ number was added to prevent users from entering an excessive...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: powerpc/lib: Validate size for vector operations Some parts of the fp/vmx code in sstep.c assume a certain maximum size for the instructions being emulated. However, the size of these operations is determined separately in the...
Astra Linux – Vulnerability in gst-plugins-bad1.0
GStreamer MXF File Parsing: Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability, but the attack vectors may vary...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.10, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: L2CAP: Fixed an issue where user input was not validated. The length of user input was checked before data was copied...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: ksmbd: Fixed a slab out-of-bounds write in smb_inherit_dacl. The slab out-of-bounds write occurs because the offsets are larger than the allocation size of pntsd. This patch adds a check to validate the three offsets using the...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: hfs: fixed a buffer overflow issue in hfs_bnode_read. This patch introduces the is_bnode_offset_valid method, which checks the requested offset value. It also introduces the check_and_correct_requested_length method, which checks and...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: ksmbd: smbdirect: verifyremainingdatalength respects maxfragmentedrecvsize This issue is related to the check for dataoffset + datalength...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: scsi: qla2xxx: Validates nvme_local_port correctly. The driver load failed with the following error message: qla2xxx 0000:04:00.0-ffff:0: register_localport failed: ret=ffffffef And there was a kernel crash: BUG: Unable to handle ...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: cifs: Fixed a buffer overflow issue when parsing NFS reparse points. ReparseDataLength is the sum of the InodeType size and the DataBuffer size. To obtain the DataBuffer size, it is necessary to subtract the InodeType size fro...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: usb: net: sierra: check for no status endpoint The driver checks whether it has three endpoints, as well as endpoints for bulk in-and-out operations. However, it does not check whether the third endpoint is an interrupt input. Th...
Astra Linux – Vulnerability in PHP 7.3
In PHP versions 7.3.x below 7.3.29, 7.4.x below 7.4.21, and 8.0.x below 8.0.8, when using URL validation functionality via the filter_var function with the FILTER_VALIDATE_URL parameter, a URL with an invalid password field can be accepted as valid. This can cause the code to incorrectly parse the U...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: Wifi: ath11k: Fixed corruption of SKBs in the REO destination ring. While running traffic for a long time, a random RX descriptor filled with the value “0” from the REO destination ring is received. This invalid descriptor...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: jfs: fixed an array-index-out-of-bounds issue in diAlloc. Currently, there is no check for the agnno of the iag when allocating new inodes to avoid fragmentation problems. The check has been added, which is necessary...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: slip: Make slhc_remember more robust against malicious packets. syzbot found that slhc_remember lacked checks against malicious packets: 1. slhc_remember only checks that the packet’s size is at least 20 bytes, which is...
Astra Linux – Vulnerability in libxml2
An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to a use-after-free in the xmlValidatePopElement function...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: i40e: Fixed idx validation in i40e_validate_queue_map. Ensured that the idx value is within the range of active/initialized TCs when iterating over vf->ch[idx] in i40e_validate_queue_map...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: ksmbd: corrected the incorrect validation of the numaces field in smbacl. parsedcal now validates numaces to allocate an array of posixacestatearray. If numaces is greater than ULONGMAX / sizeofstruct smbace++, it results in a...