Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Check the folio pointer to ensure it is not NULL. It can become NULL if the bbmap function is called...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: netsched: Fixed NULL dereferencing in fifosetlimit. syzbot reported another NULL dereferencing in fifosetlimit. 1 I can reproduce the issue with the following commands: unshare -n tc qd add dev lo root handle 1:0 tbf limit...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drbd: fixed the issue of null-pointer dereference during local read operations. In drbdrequestendio, READCOMPLETEDWITHERROR is passed to reqmod with a NULL peerdevice: c reqmodreq, what, NULL, &m; The handler for...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Added a check for kmemdup. Since kmemdup may return a NULL pointer, it would be better to add a check on the return value to avoid dereferencing a NULL pointer...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net/sched: flower: fix filter idr initialization The referenced commit moved the idr initialization too early in flchange, which allows concurrent users to access the filter that is still being initialized and is in an inconsiste...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Firmware: armffa: Check if ffadriverremove is present before executing it. Currently, ffadrv-remove is called unconditionally from ffadeviceremove. Since the driver registration does not check for this, and allows it to be...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Tracing: kprobe: Fixed a potential null-ptr-dereference in tracearray in kprobeeventgentestexit When testgenkprobecmd fails after kprobeeventgencmdend, it will go to delete, which will call kprobeeventdelete and release the...

Astra Linux – Vulnerability in ffmpeg

A issue was discovered in the function latmwritepacket in the file libavformat/latmenc.c in Ffmpeg 4.2.1. This issue allows attackers to cause a Denial of Service or other unspecified impacts due to a Null pointer dereference...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: tty: synclinkgt: Fixed the null-pointer-dereference issue in slgtclean. When the driver fails at allochdlcdev, and then we remove the driver module, we will encounter the following error: 25.065966 General protection fault; likel...

Astra Linux – Vulnerability in Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: drm/bridge: sii902x: Fixed the probing race issue A null pointer dereference crash has been observed rarely on TI platforms using the sii9022 bridge: 53.271356 sii902xgetedid+0x34/0x70 sii902x 53.276066...

Astra Linux – Vulnerability in binutils

A issue was discovered in elflinkinputbfd within elflink.c, part of the Binary File Descriptor BFD library also known as libbfd, as included in GNU Binutils 2.31. There is a NULL pointer dereferencing issue in elflinkinputbfd when it is used to find STTTLS symbols without a TLS section present. A...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ice: Added the missing icedeinithw function in devlinkreinitpath. devlink-reload results in a iceinithwfailed error. Removing the ice driver causes a NULL pointer dereference issue. +0.102213 ice 0000:ca:00.0: iceinithwfailed: -1...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: PCI: rcar-host: The proper IRQ domain must be passed to generichandledomainirq. Starting with the commit dd26c1a23fd5 “PCI: rcar-host: Switch to msicreateparentirqdomain”, the MSI parent IRQ domain is set to NULL because the obje...

Astra Linux – Vulnerability in sane-backends

A NULL pointer dereferencing in the saneiepsonnetread function in SANE backends before version 1.0.30 allows a malicious device connected to the same local network as the victim to cause a denial of service, known as GHSL-2020-075...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: watchqueue: Fixed NULL dereference in error cleanup. In watchqueuesetsize, the error cleanup code does not take into account that freepage cannot handle a NULL pointer when trying to free buffer pages that have been allocated. Th...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

A NULL pointer dereference flaw was discovered in the UNIX protocol, specifically in the file net/unix/diag.c, within unixdiaggetexact in the Linux kernel. The newly allocated skb does not have an sk, resulting in a NULL pointer. This flaw could allow a local user to crash the system or potential...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: SUNRPC: Fixed null-ptr-deref when xps sysfs alloc fails There is a null-ptr-deref when xps sysfs alloc fails: BUG: KASAN: null-ptr-deref in sysfsdocreatelinksd+0x40/0xd0 Reading a 8-byte value at address 0000000000000030 by ta...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ALSA: jack: Access to inputdev under a mutex It is possible when using ASoC that the inputdev is not properly registered while calling sndjackreport, which can lead to a NULL pointer derefrence. To prevent this type of serialized...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Net: Ethernet: TI: am65-cpsw-nuss: Fixed null pointer dereferencing for ndev. In the TX completion packet stage of TI SoCs with CPSW2G instances, which have a single external Ethernet port, ndev is accessed without being...

Astra Linux – Vulnerability in libssh

In libssh 0.9.4, there is a NULL pointer dereferencing in tftpserver.c if sshbuffernew returns NULL...