31548 matches found
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: iouring: Fixed a null-ptr-deref in iotctxexitcb. Syzkaller reports a NULL deref bug as follows: BUG: KASAN: null-ptr-deref in iotctxexitcb+0x53/0xd3 Read of size 4 at address 0000000000000138 by task file1/1955 CPU: 1 PID: 195...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: In the net subsystem, do not write to the msggetinq field in the callee. This issue involves fixing the problem of NULL pointer dereferencing. msggetinq is an input field from the caller to the callee. Do not set it in the callee...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Null checks for ‘stream’ and ‘plane’ were added before dereferencing them. This commit adds null checks for the ‘stream’ and ‘plane’ variables in the dcn30applyidlepoweroptimizations function. These variables wer...
Astra Linux – Vulnerability in libde265
It was discovered that libde265 v1.0.10 contains a NULL pointer dereference in the ffhevcputhevcepelpixels8sse function located at sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service DoS attack through a crafted input file...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: net/mlx5e: Track xmit submissions to PTP WQ after populating the metadata map. Ensure that the skb is available in the metadata mapping to skbs before tracking the metadata index to detect undelivered CQEs. If the metadata ind...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: f2fs: quota: fixed the loop condition in f2fsquotasync The parameter cnt should be passed to sbhasquotaactive, rather than type, to correctly check the active quota. Moreover, when the type is -1, the compiler, with sufficient...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fncm: Refactor the bind path to use free After a bind/unbind cycle, the ncm-notifyreq remains stale. If a subsequent bind fails, the unified error handling mechanism attempts to free this stale request. This leads to...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: can: gsusb: fix time stamp counter initialization If the gsusb device driver is unloaded or unbound before the interface is shut down, the USB stack first calls the struct usbdriver::disconnect, and then the struct...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ata: libata-transport: fixed error handling in atatdevadd In atatdevadd, the return value of transportadddevice is not checked. As a result, a null-ptr-deref occurs when removing the module, because transportremovedevice is calle...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: media: ipu3imggu: Fixed a NULL pointer dereferencing issue in active selection access. The IMGu driver handled this by first acquiring the pointers to the active devices, then attempting V4L2 Subdev operations, and only then...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: The issue occurs when testing as follows: a Using syscallNRSocket, 0x10ul, 3ul, 0 to create a netlink socket. b Using syscallNRSendMsg, ... to create a bond link device and a vxcan link device, and binding the vxcan device to the...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: media: vidtv: psi: Added a check for kstrdup. Added a check on the return value of kstrdup, and return an error if it fails, in order to avoid NULL pointer dereferencing...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: Wifi: brcmfmac: A NULL pointer dereference occurred in the brcmftxfinalize function. When the device is removed or the kernel module is unloaded, a potential NULL pointer dereference may occur. The following sequence leads to the...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: nbd: The function genlunregisterfamily is called first in nbdcleanup. Otherwise, there may be a race between the removal of the module and the handling of the netlink command, which can lead to an oops as shown below: BUG: Kernel...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumacltcam: Fixed NULL pointer dereferencing in the error path When calling mlxswspacltcamregiondestroy from an error path after failing to attach the region to an ACL group, we encountered a NULL pointer dereferencin...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: checked for a null return from devmkzalloc in dpuwritebackinit. Due to the possible failure of devmkzalloc, dpuwbconn might be NULL, which could lead to a null pointer derefrence later. Therefore, it might be better ...
Astra Linux – Vulnerability in edk2
Null pointer dereferencing in Tianocore EDK2 may allow an authenticated user to potentially enable privilege escalation through local access...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: tcp: check skb is non-NULL in tcprtodeltaus We have some machines running stock Ubuntu 20.04.6 which is their 5.4.0-174-generic kernel that are running ceph and recently hit a null ptr dereference in tcprearmrto. Initially hittin...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: i40e: Fixed NULL pointer dereferencing in VSI filter synchronization. The issue of NULL pointer dereferencing in sync VSI filters has been eliminated. A new I40EVSIRELEASING flag was added to indicate the deletion and release of...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: vfio: Fixed NULL pointer dereferencing caused by uninitialized group-iommufd. group-iommufd is not initialized for the iommufdctxput function. 20018.331541 BUG: NULL pointer dereferencing in the kernel, address: 00000000000000...