Astra Linux – Vulnerability in Linux

In the Linux kernel, the following vulnerabilities have been resolved: nbd: Fixed NULL pointer in flushworkqueue Open /dev/nbdX first; the configrefs will be 1, and the pointers in nbddevice remain null. Disconnect /dev/nbdX, then reference a NULL recvworkq. The protection provided by configrefs ...

Astra Linux - уязвимость в qemu

In QEMU 4.2.0, a MemoryRegionOps object may lack read/write callback methods, which can lead to a NULL pointer dereferencing...

Astra Linux - уязвимость в linux-5.10

A NULL pointer dereference flaw was discovered in the Linux kernel’s X.25 set of standardized network protocol functions. This flaw allows a local user to crash the system by terminating their session using a simulated Ethernet card while continuing to use that connection...

Astra Linux - уязвимость в vim

NULL pointer dereferencing in the GitHub repository for vim/vim before version 9.0.0224...

Astra Linux - уязвимость в gnutls28

A NULL pointer dereference flaw was discovered in GnuTLS. Since Nettle’s hash update functions internally call memcpy, using zero-length inputs may lead to undefined behavior. This flaw can result in a denial of service after authentication in rare circumstances...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: usb: misc: brcmstb-usb-pinmap: check return value after calling platformgetresource This issue could lead to a null-ptr-deref error if platformgetresource returns NULL. Therefore, we need to check the return value...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: ARM: davinci: da850evm: Avoid NULL pointer dereferencing In newer versions of GCC, a panic occurs in da850evmconfigemac when booting multiv5defconfig in QEMU under the palmetto-bmc machine. The issue arises from attempting to...

Astra Linux - уязвимость в linux-5.10, linux

With shadow paging enabled, the INVPCID instruction results in a call to kvmmmuinvpcidgva. If INVPCID is executed with CR0.PG=0, the invlpg callback is not set, and the result is a NULL pointer dereference...

Astra Linux - уязвимость в linux-5.10

A issue was discovered in the Linux kernel through version 5.16-rc6. In the file mtkvcodecfwvpuinit located in drivers/media/platform/mtk-vcodec/mtkvcodecfwvpu.c, there is a lack of check for the return value of devmkzalloc. This could lead to a null pointer dereferencing...

Astra Linux - уязвимость в linux-5.10, linux

A issue was discovered in the Linux kernel through version 5.16-rc6. The function malidpcrtcreset in the file drivers/gpu/drm/arm/malidpcrtc.c lacks a check on the return value of kzalloc. This could lead to a null pointer dereferencing...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: sched/fair: Fixed an error in reweightentity. Syzbot detected a GPF in reweightentity. This issue has been fixed in commit 4ef0c5c6b5ba “kernel/sched: Fixed the issue where schedfork accesses an invalid schedtaskgroup”. There ...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu-v3: checking the return value after calling platformgetresource. This will cause a null-ptr-deref if platformgetresource returns NULL; therefore, we need to check the return value...

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: drm/rockchip: vop: fixed a possible null-ptr-deref in vopbind. This issue could lead to a null-ptr-deref in resourcesize if platformgetresource returns NULL. Moving the call to resourcesize after devmioremapresource and checking...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: spi: bcm2835: bcm2835spihandleerr: Fixed the issue of NULL pointer dereferencing during non-DMA transfers. In cases where an IRQ-based transfer times out, the bcm2835spihandleerr function is called. Since commit 1513ceee70f2 “spi...

Astra Linux - уязвимость в linux-5.10, linux

A null pointer dereference issue was discovered in the SCTP network protocol within the net/sctp/streamsched.c file in the Linux kernel. If the streamin allocation fails, the streamout resource is freed, allowing further access to it. A local user could exploit this vulnerability to crash the...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net: hns3: Fix for kernel crashes when 1588 messages are received on HIP08 devices. HIP08 devices do not register ptp devices. As a result, hdev-ptp is NULL. However, the hardware can receive 1588 messages and set the HNS3RXDTSVL...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: serial: core: Clearing the circular buffer before NULLifying it The circular buffer is NULLified in the uartttyportshutdown function, under the spin lock. However, the PM or other timer-based callbacks may still trigger after thi...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: net: phy: micrel: Fixed potential null pointer dereferencing. In functions lan8814getsigrx and lan8814getsigtx, ptpparseheader may return NULL due to abnormal packet types or corrupted packets. This bug has been fixed by adding a...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: HCI: Fixed a potential null-ptr-deref issue. Fixed the potential null-ptr-deref in hcilebigsyncestablishedevt...

Astra Linux - уязвимость в linux-5.10, linux

A vulnerability has been discovered in the Linux kernel. It has been classified as problematic. The affected function is nilfsbmaplookupatlevel in the file fs/nilfs2/inode.c of the nilfs2 component. Manipulation of this function can lead to a null pointer dereference. The attack can be launched...