Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: drm/msm/mdp5: Added a check for kzalloc. Since kzalloc may fail and return a NULL pointer, it’s better to check the return value to avoid dereferencing a NULL pointer. Patch details: https://patchwork.freedesktop.org/patch/514154...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: sparx5: switchdev: fixed the possible NULL pointer dereferencing issue. As a possible failure in allocation, devmkzalloc may return a NULL pointer. Therefore, it is better to check for this condition in order to prevent the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: checked for a null return from devmkzalloc in dpuwritebackinit. Due to the possible failure of devmkzalloc, dpuwbconn might be NULL, causing a null pointer derefrence later. Therefore, it might be better to check thi...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: coresight: Fixed incorrect handling of the return value of devmkzalloc. The return value of devmkzalloc could potentially be a null pointer. Use !desc.pdata to correct the incorrect handling of this return value...

EUVD-2026-27620

In the Linux kernel, the following vulnerability has been resolved: drm/vc4: Fix memory leak of BO array in hang state The hang state's BO array is allocated separately with kzalloc in vc4savehangstate but never freed in vc4freehangstate. Add the missing kfree for the BO array before freeing the...

CVE-2026-43105

In the Linux kernel, the following vulnerability has been resolved: drm/vc4: Fix memory leak of BO array in hang state The hang state's BO array is allocated separately with kzalloc in vc4savehangstate but never freed in vc4freehangstate. Add the missing kfree for the BO array before freeing the...

CVE-2026-43105

In the Linux kernel, the following vulnerability has been resolved: drm/vc4: Fix memory leak of BO array in hang state The hang state's BO array is allocated separately with kzalloc in vc4savehangstate but never freed in vc4freehangstate. Add the missing kfree for the BO array before freeing the...

SUSE CVE-2026-43055

In the Linux kernel, the following vulnerability has been resolved: scsi: target: file: Use kzallocflex for aiocmd The targetcorefile doesn't initialize the aiocmd-iocb for the kiwritestream. When a write command fdexecuterwaio is executed, we may get a bogus kiwritestream value, causing unintend...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: spi: spi-zynq-qspi: Fixed a NULL pointer dereferencing in zynqqspiexecmemop. In zynqqspiexecmemop, kzalloc is directly used in memset, which could lead to a NULL pointer dereferencing if kzalloc fails. This bug was identified by ...

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

A issue was discovered in the Linux kernel through version 5.16-rc6. The function malidpcrtcreset in the file drivers/gpu/drm/arm/malidpcrtc.c lacks a check on the return value of kzalloc. This could lead to a null pointer dereferencing...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: dosysnametohandle: The use of kzalloc instead of kmalloc was identified as a vulnerability that exposes the kernel to attacks. The syzbot identified a vulnerability in the dosysnametohandle function, and reported the following...

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: Wifi: brcmfmac: A check on the count value of channel specifications is added to prevent out-of-bounds reads. This patch fixes out-of-bounds reads in brcmfconstructchaninfo and brcmfenablebw402g when the count value of channel...

Astra Linux - уязвимость в linux-5.15, linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: caif: A memory leak has been fixed in cfctrllinkuprequest. When linktype is unknown, or kzalloc fails in cfctrllinkuprequest, pkt is not released. Add a release process to the error handling logic...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: netfilter: xtIDLETIMER: Fixed a panic that occurs when timertype has a garbage value. Currently, when a rule related to IDLETIMER is added, the idletimertg timer structure is initialized using kmalloc during the execution of the...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: sched: A potential NULL pointer dereferencing issue exists in the GRED scheduler. If kzalloc in gredinit returns a NULL pointer, the code follows the error handling path and invokes greddestroy. This, in turn, calls gredoffload,...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: net: phy: leds: fix memory leak A network restart test on a router led to an out-of-memory condition. This issue was traced to a memory leak in the PHY LED trigger code. The root cause is the misuse of the devm API. The...

Astra Linux - уязвимость в linux-5.10

A issue was discovered in the Linux kernel through version 5.16-rc6. In the file mtkvcodecfwvpuinit located in drivers/media/platform/mtk-vcodec/mtkvcodecfwvpu.c, there is a lack of check for the return value of devmkzalloc. This could lead to a null pointer dereferencing...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Fixed a NULL pointer dereferencing in ath12kmacophwscan. In ath12kmacophwscan, the return value of kzalloc is directly used in memcpy. This may lead to a NULL pointer dereferencing in case of a failure of kzalloc...

CVE-2026-43055

In the Linux kernel, the following vulnerability has been resolved: scsi: target: file: Use kzallocflex for aiocmd The targetcorefile doesn't initialize the aiocmd-iocb for the kiwritestream. When a write command fdexecuterwaio is executed, we may get a bogus kiwritestream value, causing unintend...

CVE-2026-43055

In the Linux kernel, the following vulnerability has been resolved: scsi: target: file: Use kzallocflex for aiocmd The targetcorefile doesn't initialize the aiocmd-iocb for the kiwritestream. When a write command fdexecuterwaio is executed, we may get a bogus kiwritestream value, causing unintend...