Astra Linux - уязвимость в wavpack

A null pointer dereference bug was found in wavpack-5.4.0. Results from the ASAN log: AddressSanitizer:DEADLYSIGNAL. 84257==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 pc 0x561b47a970c6, bp 0x7fff13952fb0, sp 0x7fff1394fca0, T0 84257The issue is caused by a WRITE memory access...

Astra Linux - уязвимость в poppler

A issue was discovered in Poppler 0.71.0. There is a NULL pointer dereference in goo/GooString.h, which can lead to a denial of service. This issue is evident in utils/pdfdetach.cc, where it does not validate the filename of an embedded file before constructing a save path...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: net/mlx5e: Fixed the crash that occurs during profile change rollback failure. The mlx5enetdevchangeprofile function may fail to attach a new profile and may also fail to roll back to the old profile. In such cases, we might e...

Astra Linux - уязвимость в vim

NULL pointer dereferencing in the GitHub repository for vim/vim before version 8.2.5163...

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerabilities have been resolved: RDMA/rxe: Fixed the “kernel NULL pointer dereference” error. When the rxequeueinit function in the rxeqpinitreq function fails, both qp-req.task.func and qp-req.task.arg are not initialized. Due to the failure in creating the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: BPF: Rejected direct access to nullable PTRTOBUF pointers The checkmemaccess function matches PTRTOBUF via basetype, which removes the PTRMAYBENULL flag. This allows direct dereferencing without a null check. The map iterator...

Astra Linux - уязвимость в ffmpeg

A null pointer dereferencing issue was discovered in ‘FFmpeg’ within the decodemainheader function of the libavformat/nutdec.c file. The flaw occurs because the function does not check the return value of avformatnewstream, leading to a null pointer dereferencing error, which can cause the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Firmware: stratix10-rsu: Fixed a NULL pointer dereference issue when RSU is disabled. When the Remote System Update RSU is not enabled in the First Stage Boot Loader FSBL, the driver encounters a NULL pointer dereference when...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: uSerial: Added a null pointer check in gserialresume. Consider a scenario where gserialdisconnect has already cleared gser-ioport. If a wakeup interrupt is triggered later, gserialresume will be called, which will...

Astra Linux - уязвимость в linux-5.10

A issue was discovered in the Linux kernel through version 5.16-rc6. The lkdtmARRAYBOUNDS function in drivers/misc/lkdtm/bugs.c lacks a check for the return value of kmalloc, which can lead to a null pointer derefrence...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: MIPS: KVM: Fix for NULL pointer dereferencing After committing change 45c7e8af4a5e3f0bea4ac209 “MIPS: Remove KVMTE support”, we encountered a NULL pointer dereferencing issue when creating a KVM guest: 146.243409 Starting KVM wit...

Astra Linux - уязвимость в qemu

A flaw was discovered in the QEMU-built-in VNC server. When a client connects to the VNC server, QEMU checks whether the current number of connections exceeds a certain threshold. If it does, QEMU terminates the previous connection. However, if the previous connection is still in the handshake...

Astra Linux - уязвимость в fig2dev

A issue was discovered in fig2dev prior to 3.2.8. A NULL pointer dereferencing exists in the function computeclosedspline located in transspline.c. This allows an attacker to cause a Denial of Service attack. The fixed version of fig2dev is 3.2.8...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: bnxten: Fixed a NULL pointer derefrence issue in bnxtptpenable during error cleanup. When bnxtinitone fails during initialization e.g., bnxtinitintmode returns -ENODEV, the error handling code calls bnxtfreehwrmresources, which...

Astra Linux - уязвимость в linux-5.15

A NULL pointer dereference flaw was discovered in the Linux kernel’s drivers/gpu/drm/msm/msmgemsubmit.c code, specifically in the submitlookupcmds function. This flaw occurs because there is no check on the return value of kmalloc. This issue allows a local user to crash the system...

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

A null pointer dereference flaw was discovered in the Linux kernel’s DECnet networking protocol. This issue could allow a remote user to crash the system...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Networking: dsa: felix: fixed the possible dereferencing of a NULL pointer. As a possible failure during allocation, kzalloc may return a NULL pointer. Therefore, it is better to check for the value of 'sgi' to prevent the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Networks: Ethernet: mtkppe – Avoid NULL dereferencing when gmac0 is disabled. If gmac0 is disabled, the precheck for a valid ingress device will cause a NULL pointer dereferencing, leading to a system crash. This occurs because...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm: mxsfb: Fixed NULL pointer dereferencing crash during unloading. The mxsfb-crtc.funcs may already be NULL when unloading the driver. In such cases, calling mxsfbirqdisable via drmirquninstall from mxsfbunload leads to a NULL...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: soc: qcom: rpmpd: Check for a null return from devmkcalloc. Due to the potential failure of the allocation, data-domains might be a NULL pointer, and this could lead to the dereferencing of a NULL pointer later. Therefore, it mig...