Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Null checks for ‘stream’ and ‘plane’ were added before dereferencing them. This commit adds null checks for the ‘stream’ and ‘plane’ variables in the dcn30applyidlepoweroptimizations function. These variables wer...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: arm64: acpi: Harden the getcpuforacpiid function to prevent errors when a missing CPU entry is used. During a review discussion of the changes to support vCPU hotplug, it was noted that a check was added to ensure the GICC Global...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: TCP: The check skb variable is not NULL in tcprtodeltaus. We have some machines running stock Ubuntu 20.04.6; these machines have a kernel version of 5.4.0-174-generic and are running Ceph. Recently, a NULL pointer dereference...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: nfsd: returns -EINVAL when namelen is 0 When we have a corrupted main.sqlite file in /var/lib/nfs/nfsdcld/, it may result in namelen being 0, which will cause memdupuser to return ZEROSIZEPTR. When we access the name.data that ha...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Handling of a null streamstatus in the planeschangedforexistingstream function. This commit adds a null check for streamstatus in the function planeschangedforexistingstream. Previously, the code assumed that...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: NFSv4: Prevent NULL-pointer dereference in nfs42completecopies On the node of an NFS client, some files saved in the mountpoint of the NFS server were copied to another location of the same NFS server. Accidentally, the...

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: RDMA/rtrs-srv: Avoid null pointer deref during path establishment. For RTRS path establishment, the RTRS client initiates and completes connection establishment. After establishing all its connections, information is exchanged...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: ASoC: qcom: Fixed NULL dereference in asocqcomlpasscpuplatformprobe The devmkzalloc function in asocqcomlpasscpuplatformprobe might potentially return a NULL pointer. A NULL pointer dereference could occur without any addition...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: scsi: target: core: Fixed the nullptrderef issue in targetallocdevice There is a nullptrderef issue reported by KASAN: BUG: KASAN: nullptrderef in targetallocdevice+0xbc4/0xbe0 targetcoremod … kasanreport+0xb9/0xf0...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: clk: clk-apple-nco: Added a NULL check in aplncoprobe. A NULL check was added in aplncoprobe to handle the kernel’s NULL pointer dereferencing error...

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: mptcp: fixed TCP options overflow. Syzbot reported the following errors: Oops: general protection fault, likely due to a non-canonical address 0xdffffc0000000001: 0000 1 PREEMPT SMP KASAN PTI KASAN: null-ptr-deref in range...

Astra Linux – Vulnerability in gst-plugins-good1.0

GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been discovered in the gstmatroskademuxupdatetracks function within matroska-demux.c. The vulnerability occurs when the gstcapsisequal function is called with invalid caps...

Astra Linux – Vulnerability in gst-plugins-good1.0

GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been discovered in the gstmatroskademuxaddwvpkheader function within matroska-demux.c. This function does not properly check the validity of the stream-codecpriv pointer. If...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Wifi: brcmfmac: A NULL pointer dereference occurred in the brcmftxfinalize function. When the device is removed or the kernel module is unloaded, a potential NULL pointer dereference may occur. The following sequence leads to the...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: eth: bnxt: Fixed a kernel panic that occurred in bnxtgetqueuestatsrx | tx. When the qstats-get operation is executed, calls to netdevstatsops are made. bnxtgetqueuestatsrx | tx collects per-queue statistics from swstats in the...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Net: Ethernet: ti: am65-cpsw: Fixed the NAPI registration sequence. Registering interrupts for TX or RX DMA channels before registering their respective NAPI callbacks can lead to a NULL pointer derefrence. This issue occurs...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Wifi: mac80211: Purge vif txq in ieee80211dostop After ieee80211dostop, the packets from vif’s txq might still be processed. Another concurrent call to scheduleandwaketxq could cause those packets to be dequeued see...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: idpf: fixed null-ptr-deref in idpffeaturescheck idpffeaturescheck is used to validate the TX packet. The length of the skb header is compared with the value supported by the hardware, which is received from the device control...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: btrfs: Zoned – Cloning zoned device info when cloning a device When cloning a btrfsdevice, we are not cloning the associated btrfszoneddeviceinfo structure of the device, especially in cases where the filesystem is zoned. This ca...

Astra Linux - уязвимость в linux

An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x. drivers/xen/events/eventsbase.c allows event-channel removal during the event-handling loop a race condition. This can cause a use-after-free or NULL pointer dereference, as demonstrated by a dom0 crash vi...