Astra Linux - уязвимость в linux-5.10, linux

With shadow paging enabled, the INVPCID instruction results in a call to kvmmmuinvpcidgva. If INVPCID is executed with CR0.PG=0, the invlpg callback is not set, and the result is a NULL pointer dereference...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211hwsim: fixed a typographical error in the frequency notification. The NAN notification refers to a frequency of 5745 MHz, which corresponds to channel 149, not 5475—which is not a valid channel at all. This could le...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: iommufd: Set end correctly when doing batch carry Even though the test suite covers this it somehow became obscured that this wasn't working. The test iommufdioas.mockdomain.accessdomaindestory would blow up rarely. end should be...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: btrfs: Zoned: Skipping splitting and logical rewriting during pre-alloc write operations. During relocation, there is a possibility that at the time of btrfsrelocclonecsums, there may be no checksum for the corresponding regio...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: Added the missing hwops-getringselector function for IPQ5018. During the sending of data after clients are connected, the hwops-getringselector function will be called. However, for IPQ5018, this member is not set,...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fixed the DRM panic due to a null pointer when the driver does not support atomic operations. When the driver does not support atomic operations, fb uses plane-fb instead of plane-state-fb. Identified from commit...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: btrfs: When performing a btrfs mount, the block device is not set correctly. The user sets the block size of the block device to 0x4000 by executing the BLKBSZSET command. Since changing the block size also affects the...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: vduse: fixed NULL pointer dereference. The vdusevdpasetvqaffinity callback can be called with a NULL value as the cpumask when deleting the vduse device. This patch resets virtqueue’s IRQ affinity mask value to set all CPUs inste...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: drm/i915/hdcp: Added a check for the encoder in intelhdcpgetcapability. Sometimes during hotplug scenarios or suspend/resume scenarios, the encoder may not be initialized properly. To prevent null pointer dereferencing in the...

Astra Linux - уязвимость в linux-astra-modules-5.4, linux-astra-modules-5.10

The vulnerability of the pdplPut function in the linux-astra-modules kernel module is related to the assignment of a null pointer. Exploiting this vulnerability allows an attacker to cause a service failure...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: RDMA/ionic: Fixed a potential NULL pointer dereferencing in ionicqueryport. The function ionicqueryport calls ibdevicegetnetdev without checking the return value, which could lead to NULL pointer dereferencing. This issue has bee...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Wifi: rtw89: pci: validate sequence number of TX release report Hardware rarely reports an abnormal sequence number in the TX release report, which may lead to an out-of-bounds access to the wdring-pages array, causing a NULL...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ice: The txtstamps field is set when creating new Tx rings using ethtool. When the user changes the number of queues via ethtool, the driver allocates new Tx rings. This allocation does not initialize the txtstamps field. As a...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net: hns3: Fix for kernel crashes when 1588 messages are received on HIP08 devices. HIP08 devices do not register ptp devices. As a result, hdev-ptp is NULL. However, the hardware can receive 1588 messages and set the HNS3RXDTSVL...

Astra Linux - уязвимость в gpac

A vulnerability was discovered in GPAC version 2.4. It has been rated as problematic. The affected function is gfdashdownloadinitsegment in the file src/mediatools/dashclient.c. Manipulating the baseiniturl argument leads to a null pointer dereference. This attack can be launched remotely. The...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ext4: xattr: fixed a null pointer dereference in ext4raw inode If ext4getinodeloc fails e.g., if it returns -EFSCORRUPTED, iloc.bh will remain set to NULL. Since ext4xattr inodedecrefall lacks error checking, this will lead to a...

Astra Linux - уязвимость в tiff

In libtiff version 4.3.0, the unchecked dereference of a return value can allow attackers to trigger a denial-of-service attack through a crafted TIF file. For users who compile libtiff from source code, this issue has been fixed in the commit f2b656e2...

Astra Linux - уязвимость в linux-5.10, linux

A NULL pointer dereference flaw exists in the diFree function in the fs/jfs/inode.c file of the Journaled File System JFS in the Linux kernel. This flaw could allow a local attacker to crash the system or leak internal kernel information...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: Driver Core: Fixed a potential nullptrderef issue in deviceadd. I encountered the following nullptrderef issue during the fault injection test: Bug: NULL pointer dereferencing in the kernel. Address: 0000000000000058 CPU: 2 PID:...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: drm/tegra: dsi: Added a check for the return value of offinddevicebynode. Added a check on the return value of offinddevicebynode, and return an error if it fails, in order to avoid NULL pointer dereferencing...