Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: Fixed an issue where the peerid of 0 was not found when the connection was disconnected. There is a failure log for this issue, located at ath11kdprxprocessmonstatus. When debugmask is not set, the following message...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: target: Fixed the crash that occurred when using WRITESAME without a data buffer. In the newer version of the SBC specifications, there’s a NDOB bit that indicates that there is no data buffer being written. If this bit is...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Security issue: Restrict CONFIGZEROCALLUSEDREGS to GCC or Clang version 15.0.6 or later. A bug in Clang’s implementation of -fzero-call-used-regs can lead to NULL pointer dereferencing see the links above the check for more...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: erofs: Fixed a memory leak when the block address of a non-inlined pcluster is zero. Syzkaller reported a memory leak: https://syzkaller.appspot.com/bug?id=62f37ff612f0021641eda5b17f056f1668aa9aed Unreferenced object...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: In net/ieee802154, there is no longer a warning being issued for zero-sized rawsendmsg requests. The syzbot bug triggers a warning when calling skbassertlen at devqueuexmit. For PFIEEE802154 sockets, a zero-sized rawsendmsg reque...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: video: fbdev: arkfb: Fixed a divide-by-zero bug in arksetpixclock Since the user can control the arguments of the ioctl function from the user space, there are special cases where a divide-by-zero bug may occur. For example, in:...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: iommufd: Do not corrupt the pfn list when doing batch carry If batch-end is 0, then setting npfns0 before computing the new value of pfns will fail to adjust the pfn, resulting in various page accounting corruptions. This operati...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: arm64: kexec: Initialize the kexecbuf struct in loadothersegments The kexecbuf structure was previously declared without initialization. The commit bf454ec31add “kexecfile: Allow to place the kexecbuf randomly” added a field that...

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: bpf, sockmap: Fixed an infinite loop issue when len is 0 in the tcpbpfrecvmsg parser. When the buffer length of the recvmsg system call is 0, the following soft lockup problem occurred: watchdog: BUG: Soft lockup – CPU3 stuck...

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ACPICA: Avoid undefined behavior: applying zero offset to null pointer ACPICA commit 770653e3ba67c30a629ca7d12e352d83c2541b1e Before this change we see the following UBSAN stack trace in Fuchsia: 0 0x000021e4213b3302 in...

Astra Linux – Vulnerability in libtar

An attacker who submits a crafted tar file with a size of 0 in the header struct may be able to trigger a call to malloc0 for a variable named gnulonglink, resulting in an out-of-bounds read...

Astra Linux – Vulnerability in Puma

Puma is a Ruby/Rack web server designed for parallelism. Prior to versions 6.3.1 and 5.6.7, Puma exhibited incorrect behavior when parsing chunked transfer encoding bodies and zero-length Content-Length headers, which could allow HTTP request smuggling. The severity of this issue depends heavily ...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: xfrm: Zero padding when dumping algorithms and encap templates. When copying data to user-space, we must ensure that only valid data is copied. Padding in structures may contain random potentially sensitive data and should never ...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: Misc: pciendpointtest: Fixed the panic that occurs when calling pciendpointtestcopy,write,read The dmamapsingle function does not allow zero-length mappings. This causes a panic. A panic was reported on the arm64 architecture:...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: PCI: Fixed issue where valid root bus resources were dropped when end = zero. On r8a7791/koelsch: - kmemleak: 1 new suspected memory leak see /sys/kernel/debug/kmemleak. - cat /sys/kernel/debug/kmemleak - unreferenced object...

Astra Linux – Vulnerability in freerdp2

FreeRDP is a free implementation of the Remote Desktop Protocol. Clients that rely on FreeRDP before version 3.5.1 are vulnerable to out-of-bounds read attacks if nWidth == 0 and nHeight == 0. Version 3.5.1 includes a patch for this issue. There are no known workarounds available...

Astra Linux – Vulnerability in Poppler

A issue was discovered in Poppler through version 0.78.0. There is a divide-by-zero error in the function SplashOutputDev::tilingPatternFill in SplashOutputDev.cc...

Astra Linux – Vulnerability in Redis

Redis is an open-source, in-memory database that persists data on disk. A integer overflow bug that affects all versions of Redis can be exploited to corrupt the heap and potentially be used to leak arbitrary contents of the heap or trigger remote code execution. The vulnerability involves changi...

Astra Linux – Vulnerability in Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: L2CAP: Fixed a division by zero issue in l2capleflowctlinit. l2capleflowctlinit may cause both a division by zero and an integer overflow, as hdev-lemtu may not fall within the valid range. The MTU value was moved...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: - ntfs: Added a sanity check on the allocation size. - ntfsread inodemount calls ntfsmallocnofs with an allocation size of zero. This triggers a bug in the ntfsmalloc function. This issue has been fixed by adding a sanity chec...