Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ipv6: Annotated data-race in ndiscrouterdiscovery The syzbot found that ndiscrouterdiscovery could read and write in6dev-ramtu without holding a lock 1 This seems fine, as IFLAINET6RAMTU is a best-effort mechanism. Add...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Clear XSTATEBVi in the guest XSAVE state whenever XFDi=1 When loading the guest XSAVE state via KVMSETXSAVE, and when updating XFD in response to a guest WRMSR, the disabled features in XSTATEBV are cleared to ensure tha...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: x86/mm/pat: fixed the handling of VMPAT in COW mappings. The handling of PAT in COW mappings doesn’t work correctly. The first PTE or, in fact, all PTEs can be replaced during write faults, causing them to point to anonymous...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: l2tp: Pass the correct message length to ip6 AppendData. l2tpip6sendmsg needs to avoid accounting for the transport header twice when splicing more data into an already partially-occupied skbuff. To address this issue, we chec...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: tracing/hist: Fix out-of-bound write on ‘actiondata.varrefidx’ When generating a synthetic event with many parameters and then creating a trace action for it 1, a kernel panic occurred 2. This issue arises because in...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: net: ipv4: Fixed an alignment fault in the multipath hash seed for ARM64 architectures. The struct sysctlfibmultipathhashseed contains two u32 fields userseed and mpseed, making it an 8-byte structure with a 4-byte alignment...

Astra Linux – Vulnerability in elfutils

The libcpu component, which is used by libasm of elftools version 0.177 git 47780c9e, suffers from denial-of-service vulnerabilities caused by application crashes due to out-of-bounds write CWE-787, off-by-one errors CWE-193, and reachable assertions CWE-617. To exploit these vulnerabilities,...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: netfs: Fix the reference leak The commit 20d72b00ca81 “netfs: Fix the request’s work item to not require a ref” modifies the netfsallocrequest function to initialize the reference counter to 2 instead of 1. The rationale is that...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: iouring/rw: Potential allocated iovec in the cache may be freed after a failure. If a read/write request passes through ioreqrwcleanup, and an allocated iovec is attached to the request but fails to be placed into the rwcache, it...

Astra Linux – Vulnerability in php-pear

In ArchiveTar version 1.4.11, the Tar.php script allows write operations involving directory traversal, due to insufficient checking of symbolic links. This issue is related to CVE-2020-28948...

Astra Linux - уязвимость в linux-5.15

A issue was discovered in ksmbd within the Linux kernel versions 5.15 through 5.18, prior to 5.18.18. fs/ksmbd/smb2pdu.c lacks length validation in the non-padding case of smb2write...

Astra Linux – Vulnerability in Ceph

A flaw was discovered in OpenStack Manilla that manages Ceph File systems’ shares. This flaw allows the owner to read/write any share or entire file system. The vulnerability stems from a bug in the “volumes” plugin of the Ceph Manager. This allows attackers to compromise the confidentiality and...

Astra Linux – Vulnerability in Chromium

A heap buffer overflow in Dawn in Google Chrome prior to version 125.0.6422.76 allowed a remote attacker to perform an out-of-bounds memory write through a crafted HTML page. Chromium security severity: High...

Astra Linux – Vulnerability in Chromium

Type Confusion in V8 in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: High...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: nfc: nxp-nci: Fixed a potential memory leak in nxpncisend The nxpncisend function calls nxpncii2cwrite. The skb is only freed when nxpncii2cwrite fails. However, even if nxpncii2cwrite succeeds, the skb is not freed within...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: - In fuse: Access to the “folio” field was blocked due to an overflow issue. - syz reported a slab-out-of-bounds Write operation in fusedevdowrite. When the number of bytes to be retrieved is truncated to the upper limit by...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15

The qfqchangeclass function in net/sched/schqfq.c in the Linux kernel before version 6.2.13 allows a out-of-bounds write vulnerability, as lmax can exceed QFQMINLMAX...

Astra Linux - уязвимость в amd64-microcode

Improper or unexpected behavior of the INVD instruction in some AMD CPUs may allow an attacker with a malicious hypervisor to affect cache line write-back behavior of the CPU leading to a potential loss of guest virtual machine VM memory integrity...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: RDMA/rxe: Returns a CQE error if an invalid lkey is provided. RXE fails to update the WQE status in cases of LOCALwrite failures. This caused the following kernel panic if someone performed an atomic operation with an explicit...

Astra Linux – Vulnerability in ffmpeg

A issue was discovered in the function latmwritepacket in the file libavformat/latmenc.c in Ffmpeg 4.2.1. This issue allows attackers to cause a Denial of Service or other unspecified impacts due to a Null pointer dereference...