Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: nfs: fixed a panic that occurred when nfs4fflayoutprepareds failed. We have observed the following panics in production: BUG: NULL pointer dereferencing in the kernel, address: 0000000000000065 PGD: 2f485f067; P4D: 2f485f067;...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Fixed a possible null-ptr-deref issue when initializing hardware. The result of the avsdaifindpathtemplate function must be verified before being used. Since the ‘template’ is already known when...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: net: lltemac: The function platformgetresource was replaced with the function devmplatformioremapresourcebyname. This function is called using 0 as the name. Eventually, this leads to a call to platformgetresourcebyname in the ca...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: usb: misc: brcmstb-usb-pinmap: check return value after calling platformgetresource This issue could lead to a null-ptr-deref error if platformgetresource returns NULL. Therefore, we need to check the return value...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: hwmon: w83791d Fixed NULL pointer dereferencing by removing unnecessary structure fields. If the driver reads a value that is sufficient for the condition: val & 0x08 && !val & 0x80 && val & 0x7 == val 4 & 0x7 NULL pointer...

Astra Linux - уязвимость в linux

In the Linux kernel, the following vulnerability has been resolved: NFSv4: Fixed a NULL pointer dereference in pnfsmarkmatchinglsegsreturn. The commit de144ff4234f fixes the issue by changing pnfsreturnlayout to call pnfsmarkmatchinglsegsreturn, with NULL passed as the structpnfslayoutrange...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: fbdev: Fixed the issue of unregistering framebuffers without a device. Framebuffers in OF do not have a underlying device in the Linux device hierarchy. Instead of hot-unplugging such non-existent devices, a regular unregister...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: scsi: ibmvfc: The BUGON flag has been removed when the event pool is empty. In practice, the driver should never send more commands than are allocated to the event pool. If this happens, the code will assert the BUGON flag. In th...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm/msm/dp: The struct dppanel’s connector should be populated properly. In the DP CTS test case 4.2.2.6, the edid has a valid value but a bad checksum. It is expected that the DP source returns a correct checksum. During the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek – Assign a dummy codec when no specific codec is specified for a DAI link. MediaTek sound card drivers check whether a DAI link exists and is being used on a board. They assign the correct parameters to the DAI lin...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ice: A NULL pointer dereferencing issue was fixed in iceupdatevsitxringstats. It is possible to cause a NULL pointer dereferencing in routines that update Tx ring statistics. Currently, only statistics and bytes are updated when...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Lag, fix failure to cancel delayed bond work The commit 0d4e8ed139d8 “net/mlx5: Lag, avoid lockdep warnings” accidentally removed a call to cancel delayed bond work. This may cause queued delays to expire and affect wor...

Astra Linux - уязвимость в freerdp2

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. Affected versions of FreeRDP are subject to a null pointer dereference that can lead to a crash in the RemoteFX rfx handling. Within the rfxprocessmessagetileset function, the program allocates...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: Fix NULL pointer in skbsegmentlist. The commit 3a1296a38d0c “net: Support GRO/GSO fraglist chaining” introduced a bug where the GRO was processed using a UDP list. The segmentation of data relies on fraglist not being modifi...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: bnxten: Fixed null pointer dereference in bnxtbsTraceCheckWrap. In older firmware versions, we might encounter the ASYNCEVENTCMPLEVENTIDDBGBUFPRODUCER for the firmware trace data type that has not been initialized. This could lea...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: mmc: mmcspi: fixed error handling in mmcspiprobe If mmcaddhost fails, there is no need to call mmcremovehost; otherwise, it may cause a null-ptr-deref due to deleting a device that was not properly added in mmcremovehost. To fix...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fixed a possible NULL pointer dereference in ufshcdaddcommandTrace. The kernel log indicates a crash in ufshcdaddcommandTrace due to a NULL pointer dereference when accessing hwq-id. This can occur if...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/panel: A possible null pointer dereference in jdipaneldsiremove has been fixed. In jdipaneldsiremove, jdi is explicitly checked, indicating that it may be NULL: c if !jdi mipidsidetachdsi; However, when jdi is NULL, the...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux

A NULL pointer dereference vulnerability exists in the Linux kernel on Linux, x86, and ARM platforms including networking and Bluetooth modules. This vulnerability is associated with the program file /net/bluetooth/rfcomm/core.C. This issue affects the Linux kernel version v2.6.12-rc2...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Added a null pointer check for inode operations This adds a sanity check for the iop pointer of the inode, which is returned after reading the Root directory MFT record. We should check that the iop is valid before...