62982 matches found
Astra Linux - уязвимость в binutils
A NULL pointer dereference was discovered in elflinkaddobjectsymbols in elflink.c within the Binary File Descriptor BFD library also known as libbfd, as part of the GNU Binutils 2.31.1. This issue occurs with a specially crafted ETDYN file that lacks program headers. A specially crafted ELF file...
Astra Linux - уязвимость в gpac
NULL pointer dereferencing in the GitHub repository gpac/gpac before 2.3-DEV...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: blk-mq: Fixed a null pointer dereference in blkmqclearrqmapping. Our syzkaller report identified a null pointer dereference. The root cause is as follows: - blkmqallocmapandrqs: set-tagshctxidx = blkmqallocmapandrqs. -...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: media: coda: Added a check for codairamalloc. Since codairamalloc may return a NULL pointer, it is better to check the return value to avoid dereferencing a NULL pointer, just like with the other cases...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: HCI: Fixed a potential null-ptr-deref issue. Fixed the potential null-ptr-deref in hcilebigsyncestablishedevt...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: net: phy: micrel: Fixed potential null pointer dereferencing. In functions lan8814getsigrx and lan8814getsigtx, ptpparseheader may return NULL due to abnormal packet types or corrupted packets. This bug has been fixed by adding a...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mld: avoid panic on init failure In the event of an error during initialization, inHWrestart will be set, but it will never be cleared. Instead, we will retry the initialization process again. We will act as if we...
Astra Linux - уязвимость в linux-5.10
A NULL pointer dereference issue was discovered in KVM when releasing a vCPU with dirty ring support enabled. This flaw allows an unprivileged local attacker on the host to issue specific ioctl calls, resulting in a kernel oops condition that causes a denial of service...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: ata: libata-core: Fixed a NULL pointer dereferencing in atahostallocpinfo. In a unlikely and probably incorrect scenario where the ppi parameter of atahostallocpinfo points to an array starting with a NULL pointer, there will be ...
Astra Linux - уязвимость в dcmtk
A flaw has been discovered in OFFIS DCMTK up to version 3.6.9. The affected element is the function DcmQueryRetrieveIndexDatabaseHandle::startFindRequest/DcmQueryRetrieveIndexDatabaseHandle::startMoveRequest in the library dcmqrdb/libsrc/dcmqrdbi.cc of the component dcmqrscp. This manipulation ca...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: backlight: hx8357: Fixed potential NULL pointer dereferencing issues. The “im” pins are optional. Added a missing check in the hx8357probe function...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Wifi: ath12k – Avoid NULL pointer access during management transmit cleanup. Currently, the “ar” reference is not added to “skbcb”. Although this reference is generally not used during transmit completion callbacks, when an...
Astra Linux - уязвимость в linux-5.15, linux-6.1
A null pointer dereference vulnerability was discovered in the nftdynsetinit function in net/netfilter/nftdynset.c within nftables in the Linux kernel. This issue may allow a local attacker with the CAPNETADMIN user privilege to trigger a denial of service attack...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: xhci: Fixed a NULL pointer dereference issue when reading PortLib’s debugfs files. Michal reported and fixed a NULL pointer dereference bug in the recently added PortLib’s debugfs files. The issue occurs when there are more port...
Astra Linux - уязвимость в qemu
A flaw was discovered in the QEMU-built-in VNC server. When a client connects to the VNC server, QEMU checks whether the current number of connections exceeds a certain threshold. If it does, QEMU terminates the previous connection. However, if the previous connection is still in the handshake...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: ext4: xattr: fixed a null pointer dereference in ext4raw inode If ext4getinodeloc fails e.g., if it returns -EFSCORRUPTED, iloc.bh will remain set to NULL. Since ext4xattr inodedecrefall lacks error checking, this will lead to a...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: net/mlx5e: Fixed the crash that occurs during profile change rollback failure. The mlx5enetdevchangeprofile function may fail to attach a new profile and may also fail to roll back to the old profile. In such cases, we might e...
Astra Linux - уязвимость в linux
In the Linux kernel, the following vulnerability has been resolved: gve: Added NULL pointer checks when freeing irqs. When freeing notification blocks, we use priv-msixvectors as an index. If we fail to allocate priv-msixvectors as seen in the case of abortwithmsixvectors, it could lead to a NULL...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: cpufreq: intelpstate: A NULL pointer dereference occurred in the updatecpuqosrequest function. The updatecpuqosrequest function attempts to initialize the freq variable by dereferencing cpudata before verifying whether the policy...
Astra Linux - уязвимость в parsec
The vulnerability of the hashinitialize function in the PARSEC security subsystem is related to the assignment of a null pointer. Exploiting this vulnerability allows an attacker to cause a service failure...