Astra Linux - уязвимость в linux, linux-5.10

A race condition flaw was discovered in the Linux kernel sound subsystem due to improper locking mechanisms. This could lead to a NULL pointer derefrence during the handling of the SNDCTLDSPSYNC ioctl command. A privileged local user such as root or a member of the audio group could exploit this...

Astra Linux - уязвимость в binutils

A NULL pointer dereference also known as SEGV at an unknown address 0x000000000000 was discovered in the workstuffcopytofrom function in cplus-dem.c within GNU libiberty, as part of the GNU Binutils 2.30 distribution. This issue can occur during the execution of objdump...

Astra Linux - уязвимость в net-snmp

Net-SNMP provides various tools related to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-write credentials could use an improperly formatted OID in a SET request to the nsVacmAccessTable, causing a NULL pointer derefrence. Version 5.9.2 includes a patch to addre...

Astra Linux - уязвимость в vim

NULL pointer dereferencing in the GitHub repository for vim/vim before version 9.0.0240...

Astra Linux - уязвимость в libbpf

A vulnerability was discovered in the Linux kernel. It has been classified as problematic. This issue affects the findprogbysecinsn function in the tools/lib/bpf/libbpf.c file of the BPF component. The vulnerability results in a null pointer derefrence error. It is recommended that a patch be...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net/sched: schets: do not peek at classes beyond ‘nbands’ When the number of DRR classes decreases, the round-robin active list may contain elements that have already been freed in etsqdiscchange. As a result, it’s possible to...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: drm/msm/hdmi: check the return value after calling platformgetresourcebyname. If platformgetresourcebyname returns NULL, it may lead to a null-ptr-deref issue. Therefore, we need to check the return value. Patch details:...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: rtc: mt6397: Check the return value after calling platformgetresource. This could lead to a null-ptr-deref issue if platformgetresource returns NULL. Therefore, we need to check the return value...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: crypto: ccp – Always pass an error pointer to sevplatformshutdownlocked When 9770b428b1a2 “crypto: ccp – Move devinfo/err messages for SEV/SNP init and shutdown” moved the error messages so that they don’t need to be issued by...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Guard for possible null pointer dereferencing REASON In some situations, dc-respool may be null. SOLUTION Check if the pointer is null before dereferencing it...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: iwlwifi: mei: fixed potential NULLptr dereferencing issues. If SKB allocation fails, continue instead of using a NULL pointer. Coverity CID: 1497650...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: media: platform: mtk-mdp3: Added a missing check and a call to free for idaalloc. Added a check on the return value of idaalloc to avoid NULL pointer dereferencing. Additionally, freed the allocated "ctx-id" if mdpm2mopen fails...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: thermal/drivers/broadcom: Fixed potential NULL dereferencing in srthermalprobe. platformgetresource may return NULL; added proper checks to avoid potential NULL dereferences...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/pm: Fixed a NULL pointer dereferencing issue when getting the power limit. Since the initialization of powerplaytable is skipped under the sriov case, we check and set default lower and upper OD values if powerplaytabl...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: iommu/riscv: prevented NULL dereferencing in iovatophys. The riscviommupteFetch function returns either NULL for unmapped/never-mapped iovas, or a valid leaf PTE pointer that does not require further validation...

Astra Linux - уязвимость в parsec

The vulnerability of the hashinitialize function in the PARSEC security subsystem is related to the assignment of a null pointer. Exploiting this vulnerability allows an attacker to cause a service failure...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: md: initbioset in mddevinit. IO operations may be required before mdrun, such as updating metadata after writing to sysfs. Without bioset, this triggers a NULL pointer dereference, as shown below: BUG: NULL pointer dereference in...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: gfs2: Fixed NULL pointer dereferencing in gfs2logFlush. In gfs2jindexfree, sdp-sdjdesc was set to NULL under the log flush lock, to prevent conflicts with gfs2logFlush. In gfs2logFlush, we now check that sdp-sdjdesc is not NULL...

Astra Linux - уязвимость в binutils

A issue was discovered in elflinkinputbfd within elflink.c, part of the Binary File Descriptor BFD library also known as libbfd, as included in GNU Binutils 2.31. There is a NULL pointer dereferencing issue in elflinkinputbfd when it is used to find STTTLS symbols without a TLS section present. A...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ethtool: ioctl: fixed a potential NULL dereference in ethtoolsetcoalesce. ethtoolsetcoalesce now uses both .getcoalesce and .setcoalesce callbacks. However, the check for their availability is buggy. Therefore, changing the...