Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: i40e: Fixed NULL pointer dereferencing in VSI filter synchronization. The issue of NULL pointer dereferencing in sync VSI filters has been eliminated. A new I40EVSIRELEASING flag was added to indicate the deletion and release of...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: util: Avoid accessing a ringbuffer that is not initialized yet. If the KVP or VSS daemon starts before the VMBus channel’s ringbuffer is fully initialized, we can encounter a panic as follows: hvutils: Registering th...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ocfs2: removing an entry instead of using null-ptr-dereference in ocfs2xaremove Syzkaller can trigger null-ptr-dereference in ocfs2xaremove: 57.319872 a.out,1161,7:ocfs2xaremove:2028 ERROR: status = -12 57.320420...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: jffs2: Check the result of jffs2preallocrawnoderefs in a few other locations. Fuzzing revealed another invalid pointer dereferencing due to the lack of checking whether jffs2preallocrawnoderefs completed successfully. Subseque...

Astra Linux – Vulnerability in libsoup2.4

A flaw was discovered in libsoup, where the soupmessageheadersgetcontentdisposition function is vulnerable to a NULL pointer dereference. This flaw allows a malicious HTTP peer to crash a libsoup client or server that uses this function...

Astra Linux – Vulnerability in OpenSSL

Issue summary: An invalid or NULL pointer dereference can occur in an application processing a malformed PKCS12 file. This can lead to a Denial of Service attack. Impact summary: An application processing a malformed PKCS12 file may inadvertently dereference an invalid or NULL pointer during memo...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15

The dotlsgetsockopt function in net/tls/tlsmain.c in the Linux kernel, as of version 6.2.6, lacks a call to locksock. This results in a race condition, which can lead to a use-after-free or NULL pointer dereferencing...

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: thermal/drivers/qcom/lmh: Check for SCM availability at probe. Until now, the necessary check for SCM availability had not been performed, which could lead to null pointer dereferences. This issue occurred with me in RB1. The...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: soc: aspeed: lpc-snoop: Do not disable channels that are not enabled. The following issues have been mitigated: echo 1e789080.lpc-snoop /sys/bus/platform/drivers/aspeed-lpc-snoop/unbind ... 120.363594 Unable to handle a kernel...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15

In the Linux kernel, the following vulnerability has been resolved: drm/msm/hdmi: Added a missing check for allocorderedworkqueue. Added a check on the return value of allocorderedworkqueue, as it may return a NULL pointer, causing a NULL pointer dereferencing in hdmihdcp.c and hdmihpd.c. Patch...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15

In the Linux kernel, the following vulnerability has been resolved: mmc: mmcspi: fixed error handling in mmcspiprobe If mmcaddhost fails, there is no need to call mmcremovehost; otherwise, it may cause a null-ptr-deref issue, due to deleting a device that was not properly added in mmcremovehost. ...

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerability has been resolved: dm flakey: fixed an crash caused by an invalid table line. This command will cause a crash when using a NULL pointer dereference: dmsetup create flakey --table "0 blockdev --getsize /dev/ram0 flakey /dev/ram0 0 0 1 2 corruptbioby...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: crypto: lib/mpi – avoid null pointer dereference in mpicmpui During NVMeTCP authentication, a controller can trigger a kernel oops by specifying the 8192-bit Diffie Hellman group and passing a correctly sized, but zeroed Diffie...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: NFSD: Prevent NULL dereference in nfsd4processcbupdate @ses is initialized to NULL. If nfsd4findbackchannel finds no available backchannel session, setupcallbackclient will attempt to dereference @ses, resulting in a segmentation...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: fs/notify: Calling intotifyshowfdinfo on a file descriptor that watches an overlayfs inode, while the overlayfs is being unmounted, can lead to dereferencing a NULL pointer. This issue was discovered by syzkaller. Race Condition...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: backlight: pm8941: Add a NULL check in wledconfigure. The devmkasprintf function returns NULL when memory allocation fails. Currently, wledconfigure does not check for this case, resulting in a NULL pointer being dereferenced. Ad...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: Input: mtk-pmic-keys – fixed the issue of possible null pointer dereferencing. In mtkpmickeysprobe, the regs parameter is only set if the button is parsed in the device tree. However, on hardware where the button is left floating...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: clk-mt7629-eth: Added a check for the return value of mtkallocclkdata. The check is added to prevent dereferencing of a NULL pointer...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: spi: hisi-sfc-v3xx: Return IRQNone if no interrupts were detected Return IRQNone from the interrupt handler when no interrupt was detected. This is because an empty interrupt will cause a null pointer error: Unable to handle kern...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs: check contexts-nr in repeatcallfn damonsysfsrepeatcallfn calls damonsysfsupdtunedintervals, damonsysfsupdschemesstats, and damonsysfsupdschemeseffectivequotas without checking contexts-nr. If nrcontexts is set to ...