Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: nbd: The function genlunregisterfamily is called first in nbdcleanup. Otherwise, there may be a race between the removal of the module and the handling of the netlink command, which can lead to an oops as shown below: BUG: Kernel...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ice: Do not process extts if PTP is disabled The iceptpexttsevent function can race with iceptprelease, resulting in a NULL pointer dereferencing, which can lead to a kernel panic. A panic occurs because the iceptpexttsevent...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fixed null ndlp pointer dereferencing in an abnormal exit path for GFTID An error case resulting from exiting from lpfccmplctcmdgftid causes a call to lpfcnlpput, where a null pointer is used to reference the nodelist...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: drm/panel/panel-tpo-tpg110: fixed a possible null pointer dereferencing issue. In tpg110getmodes, the return value of drmmodeduplicate is assigned to mode. This could lead to a NULL pointer dereferencing issue if drmmodeduplicate...

Astra Linux – Vulnerability in libjpeg-turbo

A crafted input file could cause a null pointer dereference in jcopysamplerows when processed by libjpeg-turbo...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: IB/hfi1: Fixed an early init panic issue. An early failure in hfi1ipoibsetuprn can lead to the following panic: BUG: Unable to handle a NULL pointer derefrence in the kernel at 00000000000001b0 PGD 0 P4D 0 Oops: 0002 1 SMP NOP...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: xfrm: added a NULL check in xfrmupdateaeparams Normally, x-replayesn and x-preplayesn should be allocated in xfrmallocreplaystateesn..., hence xfrmupdateaeparams... can update them. However, the current implementation of...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: “quota”: Fixed the potential NULL pointer dereferencing. The race condition below may cause NULL pointer dereferencing. P1 P2 dquotfreeinode quotaoff dropdquotref removedquotref dquots = idquotinode dquots = idquotinode...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ATA: libata-transport: fixed the double call to atahostput in atatportadd In the error path in atatportadd, when calling putdevice, atatportrelease is called. This function decreases the refcount of ‘ap-host’. Then, atahostput is...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: nfc: nci: fixed a possible NULL pointer dereferencing in sendacknowledge This issue involves handling memory allocation failures caused by nciskballoc, which calls allocskb. This fix prevents possible NULL pointer dereferences...

Astra Linux – Vulnerability in binutils

There is a flaw in the bfdpefparsefunctionstubs function within bfd/pef.c in the binutils in versions prior to 2.34. This flaw could allow an attacker who can submit a crafted file to be processed by objdump to cause a NULL pointer derefrence error. The most significant threat of this flaw is to...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: GPU: lontium-lt9611: Fixed a NULL pointer dereference in lt9611connectorinit. A NULL check on bridge-encoder indicates that it may be NULL, but it has already been dereferenced on all paths leading to the check. 812: if...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: pinctrl: ralink: Check for a null return from devmkcalloc. Due to the potential failure of the allocation, data-domains might be a NULL pointer, and this could lead to the dereferencing of a NULL pointer later. Therefore, it migh...

Astra Linux – Vulnerability in gnutls28

A issue was discovered in GnuTLS before version 3.6.15. A server can cause a NULL pointer dereferencing in a TLS 1.3 client if a norenegotiation alert is sent at an unexpected time, resulting in an invalid second handshake. The crash occurs during the application’s error handling process, where t...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: powerpc/mm: Fixed the null-pointer dereference in pgtablecacheadd. kasprintf returns a pointer to dynamically allocated memory; this pointer may be NULL in case of failure. Ensure that the allocation was successful by checking th...

Astra Linux – Vulnerability in Squid

Squid is a caching proxy for the Web that supports HTTP, HTTPS, FTP, and other protocols. Due to a NULL pointer dereference bug, Squid is vulnerable to Denial of Service attacks targeting its Gopher gateway. The Gopher protocol was always available and enabled in Squid prior to Squid 6.0.1...

Astra Linux – Vulnerability in binutils

There is a flaw in the bfdpefscanstartaddress function of bfd/pef.c in binutils, which could allow an attacker who can submit a crafted file to be processed by objdump to cause a NULL pointer dereference. The greatest threat of this flaw is to application availability. This flaw affects binutils...

Astra Linux – Vulnerability in binutils

There is a flaw in binutils /bfd/pef.c. An attacker who can submit a crafted input file for processing by the objdump program could cause a null pointer dereference. The greatest threat of this flaw is to the availability of the application. This flaw affects binutils versions prior to 2.34...

Astra Linux – Vulnerability in binutils

A NULL pointer dereference also known as SEGV at an unknown address 0x000000000000 was discovered in the workstuffcopytofrom function in cplus-dem.c within GNU libiberty, as part of the GNU Binutils 2.30 distribution. This issue can occur during the execution of objdump...

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

A issue was discovered in the Linux kernel through version 6.1-rc8. The function dpucrtcatomiccheck in the file drivers/gpu/drm/msm/disp/dpu1/dpucrtc.c lacks a check for the return value of kzalloc. This issue may lead to a NULL Pointer Dereference...