Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: kvaserusb: leaf: Fix potential infinite loop in command parsers The functions kvaserusbleafwaitcmd and kvaserusbleafreadbulkcallback contain logic for handling zero-length commands. These commands are used to align data with the...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel before version 6.0.3, the file drivers/gpu/drm/virtio/virtgpuobject.c misinterprets the return value of drmgemshmemgetsgtable. It expects the value to be NULL in the error case, but in reality, it is an error pointer...

Astra Linux – Vulnerability in hdf5

A SIGFPE signal was raised in the function H5Dchunksetinforeal of H5Dchunk.c in the HDF HDF5 1.10.3 library during an attempt to parse a crafted HDF file, due to incorrect protection against division by zero. This issue is distinct from CVE-2018-11207...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: fbdev: savage: An error will occur if pixclock equals zero. The user-space program can pass any value to the driver through the ioctl interface. If the driver does not check the value of pixclock, a divide-by-zero error may occur...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fixed the crash issue for the zero copy XDPTX action. There is a crash issue when running the zero copy XDPTX action. The crash log is as follows: 216.122464 Unable to handle kernel paging request at virtual address...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: Fixed a memory double-free issue when handling zero-length packets. Line 829: If request-complete, then: 830 – Unlock the lock of privdev. 831 – Called usbgadgetgivebackrequest&privep-endpoint, request. 833 – Lock the...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ntfs: Set a dummy block size to “read bootblock” when mounting. During mounting, sb-sblocksize is used to read the bootblock without being defined or validated. Set a dummy block size before attempting to read the bootblock. The...

Astra Linux – Vulnerability in Qemu

In QEMU, the softmmu/physmem.c file, versions up to 7.0.0, can perform an uninitialized read on the translatefail path, resulting in an ioreadx or iowritex crash. NOTE: A third-party report states that the “Non-virtualization Use Case” described in the qemu.org reference applies here. In other...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fixed an out-of-bounds shift in CalculateVMAndRowBytes REASON When PTEBufferSizeInRequests is zero, UBSAN reports the following warning because dmllog2 returns an unexpected negative value: The shift exponent...

Astra Linux – Vulnerability in mbedtls

There is a denial-of-service vulnerability in mbed TLS 3.0.0 and earlier versions, specifically in the mbedtlspkcs12derivation function, when the length of the input password is 0...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: perf: Fixed the refcount warning when incrementing event-mmapcount. When calling refcountinc&event-mmapcount within perfmmaprb, the following warning is triggered: c refcountt: Addition on 0; use-after-free. WARNING:...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ocxl: The issue of a reference count leak for PCI devices occurred when calling getfunction0. getfunction0 calls pcigetdomainbusandslot. As commented, this function returns a PCI device with a reference count increase. Therefore,...

Astra Linux – Vulnerability in imagemagick

In the ParseMetaGeometry function of MagickCore/geometry.c, calculations for image height and width can lead to division-by-zero conditions, which can also result in undefined behavior. This flaw can be triggered by an input file processed by ImageMagick and could affect the availability of the...

Astra Linux – Vulnerability in SOX

A floating-point exception division by zero issue was discovered in SoX during the execution of the startread function in the wav.c file. An attacker who possesses a malicious wav file could cause the application to crash...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb: az6027: fixed a nullptrderef in az6027i2cxfer Wei Chen reported a kernel bug as follows: General protection fault, likely for non-canonical addresses KASAN: nullptrderef within the range...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: fixed an infinite loop triggered by a zero-sized ATTRLIST. We have identified a bug in the ntfs3 file system that can lead to a Denial-of-Service DoS attack. A malformed NTFS image can cause an infinite loop when the...

Astra Linux – Vulnerability in imagemagick

A flaw was discovered in ImageMagick’s MagickCore/resize.c file. An attacker who submits a crafted file processed by ImageMagick could trigger undefined behavior, specifically a division by zero in mathematics. This likely results in a disruption to the application’s functionality, but it may als...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Prevention of certain integer underflows My static checker reports the following issue: drivers/infiniband/hw/irdma/ctrl.c:3605 irdmascceqinit Warning: Can subtract underflow for ‘info-dev-hmcfpmmisc.maxceqs’? It seem...

Astra Linux – Vulnerability in libpgjava

pgjdbc is an open-source PostgreSQL JDBC Driver. In affected versions, a prepared statement using either PreparedStatement.setTextint, InputStream or PreparedStatemet.setByteaint, InputStream will create a temporary file if the InputStream exceeds 2 kilobytes in size. This temporary file can be...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: igb: Fixed NULL pointer dereferencing in the ethtool loopback test. The igb driver currently causes a NULL pointer dereferencing when executing the ethtool loopback test. This occurs because there is no associated q-vector for th...