Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: llc: Support for ETHPTR8022 has been removed. The syzbot reported a bug related to uninit-values. 0 llc previously supported ETHP8022 0x0004 and also ETHPTR8022 0x0011. The syzbot exploited this to trigger the bug. The code us...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: usb: host: ohci-tmio: check return value after calling platformgetresource This vulnerability could lead to a null-ptr-deref error if platformgetresource returns NULL. Therefore, we need to check the return value of this function...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: ext4: Fixed a use-after-free in ext4orphancleanup. I identified the issue as follows: BUG: KASAN: Use-after-free in listaddvalid+0x28/0x1a0. Read of size 8 at address ffff88814b13f378 by task mount/710. CPU: 1 PID: 710 Comm:...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: mm/mempolicy: fixed an issue where uninit-value was present in mpolrebindpolicy. mpolsetnodemask mm/mempolicy.c does not set the nodemask when pol-mode is MPOLLOCAL. Check pol-mode before accessing pol-w.cpusetmemsallowed in...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: parisc: Clearing stale IIR values during Instruction Access Rights Trap When a trap 7 Instruction Access Rights occurs, it means that the CPU could not execute an instruction due to missing execute permissions on the memory regio...

Astra Linux – Vulnerability in ujson

UltraJSON is a fast JSON encoder and decoder written in pure C, with bindings for Python 3.7+. It was found that affected versions incorrectly decoded certain characters. JSON strings containing escaped surrogate characters that were not part of a valid surrogate pair were decoded incorrectly. Th...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/xe/vf: Performing early GT MMIO initialization is necessary to read the GMDID. VFs need to communicate with the GuC to obtain the GMDID value. Existing GuC functions that use this information assume that the GT has already se...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: btrfs: Fix for the iteration of extrefs during log replay. When calling inodeaddref and processing extrefs, if we jump to the next label, the value of victimname.len is undefined. This occurs because victimname.len wasn’t...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: drm/tegra: nvdec: Fix the dmaalloccoherent error check A check has been added to prevent a NULL return value from occurring when using dmaalloccoherent. This change follows Robin’s fix for the vic.c file in drm/tegra: vic: Fix DM...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: netfs: Fix for unbuffered write error handling If all the subrequests in an unbuffered write stream fail, the subrequest collector does not update the stream-transferred value, and it retains its initial LONGMAX value...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drivers/md/md-bitmap: Check the return value of mdbitmapgetcounter. Check the return value of mdbitmapgetcounter in case it returns a NULL pointer, which would lead to a null pointer dereferencing. v2: Updated the check to includ...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: hsr: Fixed uninit-value access in fillframeinfo Syzbot reports the following uninit-value access problems. ===================================================== BUG: KMSAN: uninit-value in fillframeinfo net/hsr/hsrforward.c:60...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: ext4: Fixed an uninitialized value in ‘ext4evict inode’. Syzbot identified the following issue: ===================================================== BUG: KMSAN: Uninitialized value in ext4evict inode+0xdd/0x26b0,...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: hwmon: adc128d818 Underflow issues were fixed when writing limit attributes. The DIVROUNDCLOSEST function, after kstrtol, may cause an underflow if a large negative number, such as -9223372036854775808, is provided by the user...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mac80211: Only QoS data frames are tracked for admission control. For admission control, it clearly only applies to QoS data frames. Otherwise, we wouldn’t even be able to access the QoS field in the header. Syzbot reported an...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Staging: rtl8712: fixed an issue where uninit-value was present in r871xudrvinit. When ‘tmpU1b’ returns from r8712read8padapter, EE9346CR is 0, ‘mac6’ will not be initialized. BUG: KMSAN: uninit-value in r871xudrvinit+0x2d54/0x30...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: inetdiag: The pad field in struct inetdiagreqv2 should be initialized. KMSAN reported an uninitialized access to uninitvalue in rawlookup. For raw sockets, the pad field in struct inetdiagreqv2 is used for the underlying...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: wifi: wilc1000: A potential dereferencing issue with the RCU was fixed in the wilcparsejoinbssparam function. In the wilcparsejoinbssparam function, the TSF field of the ies structure is accessed after the RCU read-side critical...

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad7124: fixed a division by zero in ad7124setchannelodr In the ad7124writeraw function, the parameter val can potentially be zero. This may lead to a division by zero when DIVROUNDCLOSEST is called within...

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: can: dev: cansettermination, which allows for GPIO devices that are in a sleeping state to be managed. In commit 6e86a1543c37 “can: dev: provide optional GPIO-based termination support”, GPIO-based termination support was added...