31363 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Security issue: Restrict CONFIGZEROCALLUSEDREGS to gcc or clang version 15.0.6. A bug in clang’s implementation of -fzero-call-used-regs can lead to NULL pointer dereferencing see the links above the check for more information...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: mptcp: fixed the NULL pointer dereferencing issue in the early fallback to fastopen. In the event of an early fallback to TCP, subflowsynrecvsock deletes the subflow context before returning the newly allocated socket to the...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: jffs2: Check the result of jffs2preallocrawnoderefs in a few other locations. Fuzzing revealed another invalid pointer dereferencing due to the lack of checking whether jffs2preallocrawnoderefs was completed successfully...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu-v3: checking the return value after calling platformgetresource. This will cause a null-ptr-deref if platformgetresource returns NULL; therefore, we need to check the return value...
Astra Linux - уязвимость в linux-6.1, linux-5.15, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: xenbus: Use kref to track the lifetime of requests. Marek reported seeing a NULL pointer fault in the xenbusthread call stack: BUG: NULL pointer dereferencing in the kernel, address: 0000000000000000 RIP:...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: spi: bcm2835: bcm2835spihandleerr: Fixed the issue of NULL pointer dereferencing during non-DMA transfers. In cases where an IRQ-based transfer times out, the bcm2835spihandleerr function is called. Since commit 1513ceee70f2 “spi...
Astra Linux - уязвимость в tiff
In libtiff version 4.3.0, the unchecked dereference of a return value can allow attackers to trigger a denial-of-service attack through a crafted TIF file. For users who compile libtiff from source code, this issue has been fixed in the commit f2b656e2...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: net/mlx5e: Disabled MACsec offload for uplink representative profiles MACsec offload is not supported in the switchdev mode for uplink representatives. When switching to the uplink representative profile, the MACsec offload...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: scsi: qla2xxx: Removed the unused nvmelswaitq wait queue. System crash occurs when qla2x00startspsp returns the error code EGAIN, and wakeup is called for an uninitialized waitqueue sp-nvmelswaitq. qla2xxx0000:37:00.1-2121:5:...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: f2fs: a fix was made to avoid NULL pointer dereferencing in f2fscheckquotaconsistency. The syzbot reported the following f2fs bug: Oops: gen 107.736417T5848 Oops: General protection fault; likely due to a non-canonical address...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ASoC: amd/sdwutils: avoid NULL deref when devmkasprintf fails devmkasprintf may return NULL when memory allocation fails. However, the debug message prints cpus-dainame before checking it. Move the devdbg call after the NULL chec...
Astra Linux - уязвимость в squid
Squid is a caching proxy for the Web that supports HTTP, HTTPS, FTP, and other protocols. Due to a NULL pointer dereference bug, Squid is vulnerable to Denial of Service attacks targeting its Gopher gateway. The Gopher protocol was always available and enabled in Squid prior to Squid 6.0.1...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: btrfs: When cloning a zoned device, the btrfszoneddeviceinfo structure associated with the device is not cloned. This issue can lead to a NULL pointer derefrence when accessing the device’s zoneinfo during operations such as...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: drm/i915/gvt: fixed the issue where vGPU debugfs was cleaned up during the remove operation. Please carefully check whether the root debugfs is available when destroying the vGPU. For example, in the remove operation, the DRM...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: idpf: fixed null-ptr-deref in idpffeaturescheck idpffeaturescheck is used to validate the TX packet. The length of the skb header is compared with the value supported by the hardware, which is received from the device control...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: pinctrl: canaan: k230: added a NULL check in DT parsing. A NULL check was also added for the return value of ofgetproperty when retrieving the “pinmux” property in the group parser. This prevents a potential NULL pointer...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Net: Ethernet: TI: am65-cpsw-nuss: Fixed null pointer dereferencing for ndev. In the TX completion packet stage of TI SoCs with a CPSW2G instance, which has a single external Ethernet port, ndev is accessed without being...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: Tracing: Fixed a null pointer dereference in the tracingerrlogopen function. The function does not call seqopen if the file is opened only with write permissions. This results in file-privatedata being left as null. If we then us...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Tracing: kprobe: Fixed a potential nullptrdereference issue in traceeventfile in kprobeeventgentestexit. When tracegeteventfile fails, genkretprobetest will be assigned as the error code. If the kprobeeventgentest module is remov...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: netsched: Fixed NULL dereferencing in fifosetlimit. syzbot reported another NULL dereferencing in fifosetlimit. 1 The issue can be reproduced with the following command: unshare -n tc qd add dev lo root handle 1:0 tbf limit...