63168 matches found
Astra Linux – Vulnerability in sane-backends
A NULL pointer dereferencing in the saneiepsonnetread function in SANE backends before version 1.0.30 allows a malicious device connected to the same local network as the victim to cause a denial of service, known as GHSL-2020-075...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: serial: 8250port: Check IRQ data before use If the leaf driver wishes to use IRQ polling irq = 0, and the IIR register indicates that an interrupt occurred in the 8250 hardware, the IRQ data can be NULL. In such cases, we need to...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: mfd: syscon: Fixed a null pointer dereferencing in ofsysconregister. The kasprintf function returns a pointer to dynamically allocated memory; this pointer may be NULL in case of failure...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: seg6: Fixed parameter passing when calling NFHOOK in the End.DX4 and End.DX6 behaviors. The functions inputactionenddx4 and inputactionenddx6 call NFHOOK for the PREROUTING hook. During the PREROUTING hook, a valid indev and a...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries/iommu: The LPAR panics during bootup due to a frozen PE. During the LPAR bootup, the partition firmware provides the ibm,dma-window property for the PE. This property is provided on the PCI bus to which the PE is...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: drm/virtio: Ensure that objs is not NULL in virtiogpuarrayputfree. If virtiogpuobjectshmeminit fails e.g., due to fault injection, as happened in the bug report by syzbot, virtiogpuarrayputfree might be called with objs being NUL...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: sctp: A buffer overflow vulnerability exists when skbheaderpointer returns NULL in sctprcvootb. We should always check if the return value of skbheaderpointer is NULL before using it. Otherwise, it may lead to a nullptrderef...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Tracing: Add a NULL pointer check to triggerdatafree. If triggerdataalloc fails and returns NULL, eventhisttriggerparse jumps into the outfree error path. While kfree safely handles a NULL pointer, triggerdatafree does not. This...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: bridge: Guards the local VLAN-0 FDB helpers against NULL vlan groups. When CONFIGBRIDGEVLANFILTERING is not set, the brvlangroup and nbpvlangroup functions return NULL as defined in brprivate.h. The BRBOOLOPTFDBLOCALVLAN0 togg...
Astra Linux – Vulnerability in openjpeg2
There is a flaw in OpenJPEG’s T2 encoder in versions prior to 2.4.0. An attacker who can provide crafted input for OpenJPEG to process may cause a null pointer dereferencing. The most significant impact of this flaw is the availability of the application...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: Fix looping of queued SG entries The value of dwc3request-numqueuedsgs is decremented upon completion. If a partially completed request is processed, then dwc3request-numqueuedsgs no longer reflects the total...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: nilfs2: fixed the potential NULL pointer dereferencing in nilfsbtreeinsert The patch series “nilfs2: fixes potential issues with empty B-tree nodes” addresses three potential issues with empty B-tree nodes that can occur with...
Astra Linux – Vulnerability in gst-plugins-good1.0
GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been discovered in the gstjpegdecnegotiate function in gstjpegdec.c. This function does not check for a NULL return value from gstvideodecodersetoutputstate. When this occurs,...
Astra Linux – Vulnerability in Linux 5.15
A issue was discovered in the Linux kernel through version 5.16-rc6. The function rtwinitxmitpriv in drivers/staging/r8188eu/core/rtwxmit.c lacks a check on the return value of rtwallochwxmits, which can lead to a null pointer derefrence...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/ttm: Fixed a situation where a NULL pointer was dereferenced. The LRU mechanism may look up a resource during the process of removing it from an object. The locking rules for this operation are somewhat unclear, but it...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: rtc: pl031: Fixed the issue of null pointer dereferencing in RTC features. When there is no interrupt line, the RTC alarm feature is disabled. The clearing of the alarm feature bit was performed before allocating the ldata-rtc...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: i2c: dev: check the return value when calling devsetname If devsetname fails, the devname will be null. Check the return value of devsetname to avoid a null-ptr-deref...
Astra Linux – Vulnerability in Heimdal
Before version 7.7.1, Heimdal allowed attackers to cause a NULL pointer dereference in an SPNEGO acceptor, by using a preferredmechtype of GSSCNOOID and a non-zero initialresponse value for sendaccept...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Wifi: nl80211 – Fix for NULL-ptr dereference in the offchan check If, for example, in AP mode, the link has already been created by the user space, but has not yet been activated, it has a chandef field, but the chandef is invali...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: acpi: Fix for suspending with Xen PV The commit f1e525009493 “x86/boot: Skip realmode init code when running as Xen PV guest” missed one code path that accessed the realmodeheader. This led to a situation where a NULL pointer was...