Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: can: mcan: mcantxhandler: fixed the issue where skb was freed after it had been used. The canPUTechoskb function clones a skb and then frees it. This function should be moved directly before the start of the xmit in hardware for...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ethtool: Avoid overflowing the user-space buffer during stats queries The ethtool -S command operates through three ioctl calls: - ETHTOOLGSSETINFO for the size of the statistics data; - ETHTOOLGSTRINGS for the names of the...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: i2c: rtl9300 – ensure that the data length is within the supported range. A explicit check for the transfer length should be added to ‘rtl9300i2cconfigxfer’ to ensure that the data length is not within the supported range. In...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: rustbinder: Properly handles FDA objects of length zero. A bug has been fixed where an empty FDA fd array object with 0 fds could cause an out-of-bounds error. The previous implementation used skip == 0 to indicate “this is a...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: spi: spi-mem: Added a fix to avoid division errors For some SPI flash memory operations, dummy bytes are not required. For example, in Winbond SPINAND flash memory devices, the writecache and updatecache operations do not...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: net: Handling of integer overflows in kmallocreserve The committed change was as follows: c ptr = kmallocsize; if ptr size = ksizeptr; size = kmallocsizeroundupsize; ptr = kmallocsize; This caused various crashes, as reported ...

Astra Linux – Vulnerability in python-pymysql

PyMySQL through 1.1.0 allows SQL injection if used with untrusted JSON input, because keys are not escaped by escapedict...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: ep0: fix NULL pointer exception There is no validation of the index from dwc3wIndextodep, and we might be referring to a non-existent ep, triggering a NULL pointer exception. In certain configurations, we might use few...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Avoid division by zero by initializing the dummy pitch to 1. Why If the dummy values in populatedummydmlsurfacecfg are not updated, they may lead to a division by zero in downstream calls such as...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: TCP: Handle the mixed splice/sendmsgMSGZEROCOPY case syzbot found that mixing calls to sendpage and sendmsgMSGZEROCOPY using the same TCP socket would trigger the infamous warning in inetsockdestruct. c WARNONskforwardallocgetsk;...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: md/raid0, raid10: Do not set discard sectors for the request queue. It should use diskstacklimits to determine the appropriate maxdiscardsectors instead of setting the value using stack drivers. There is also a bug. If all...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: hugetlbfs: fixed the null-ptr-deref issue in hugetlbfsParseParam Syzkaller reported a null-ptr-deref bug as follows: ====================================================== KASAN: null-ptr-deref in range...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mm/damon: The issue of dividing by zero in damongetintervalsscore has been fixed. The current implementation allows regions with zero size without any special reasons, but damongetintervalsscore crashes when the region size is ze...

Astra Linux – Vulnerability in openjpeg2

A flaw was discovered in OpenJPEG in versions prior to 2.4.0. This flaw allows an attacker to provide specially crafted input to the conversion or encoding functionality, resulting in an out-of-bounds read. The greatest threat from this vulnerability is system availability...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Wifi: ath9k – Do not allow overwriting of ENDPOINT0 attributes A malicious USB device can construct a service connection response message with the target endpoint being ENDPOINT0, which is reserved for HTCCTRLRSVDSVC and should n...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: The calltrace warning in amddrmbuddyfini has been fixed. The following call trace was observed when removing the amdgpu driver. This issue arises because the BOs allocated for PSP are not freed until after the driver ...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix mlx5ibgethwstats when used for device Currently, when mlx5ibgethwstats is used for device portnum = 0, there is a special handling in order to use the correct counters, but, portnum is being passed down the stack...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: skbuff: In skbSegment, call zero-copy functions before using skbuff fragments. The commit bf5c25d60861 added the call to zero-copy functions in skbSegment. This change introduced a bug in skbSegment, as skborphanfrags may...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ext2/dax: Fix ext2setsize when len is page aligned PAGEALIGNx macro gives the next highest value which is multiple of pagesize. But if x is already page aligned then it simply returns x. So, if x passed is 0 in daxzerorange...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: xsk: Fix for crashes that occur when the regular task queue is reactivated. When the regular task queue is reactivated after the XSK socket is closed, it may read stale cancellation requests cqe, which can eventually...