31365 matches found
Astra Linux - уязвимость в sox
A issue was discovered in libsox.a within SoX 14.4.2. In sox-fmt.h, within the startread function, there is an integer overflow in the result of integer addition with a wrap around to 0 passed into the lsxcalloc macro that wraps around to malloc. When a NULL pointer is returned, it is used withou...
Astra Linux - уязвимость в harfbuzz
HarfBuzz is a text shaping engine. Prior to version 12.3.0, there was a null pointer dereference vulnerability in the SubtableUnicodesCache::create function located in src/hb-ot-cmap-table.hh. The function fails to check whether hbmalloc returns NULL before using placement new to construct an...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: drm/client: fixed the null pointer dereference in drcmclientmodesetprobe. In drcmclientmodesetprobe, the return value of drmmodeduplicate is assigned to modeset-mode, which may lead to a NULL pointer dereference if drmmodeduplica...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: Issue: unittest – Fix null pointer dereferencing in ofunittestfindnodebyname Description: When kmalloc fails to allocate memory in kasprintf, name or fullname will be NULL, and strcmp will cause a null pointer dereference...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15
The dotlsgetsockopt function in net/tls/tlsmain.c in the Linux kernel, up to version 6.2.6, lacks a locksock call, resulting in a race condition. This can lead to a use-after-free issue or a NULL pointer dereferencing...
Astra Linux - уязвимость в libarchive
A vulnerability was discovered in libarchive up to version 3.7.7. It has been classified as problematic. This issue affects the function list of the bsdunzip.c file. The vulnerability leads to a null pointer dereference. The attack can be launched on the local host. The exploit has been disclosed...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: fs/sysv: Null check to prevent the null-ptr-deref bug...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Lag, fix failure to cancel delayed bond work The commit 0d4e8ed139d8 “net/mlx5: Lag, avoid lockdep warnings” accidentally removed a call to cancel delayed bond work. This may cause queued delays to expire and affect wor...
Astra Linux - уязвимость в binutils
There is a flaw in binutils /bfd/pef.c. An attacker who can submit a crafted input file for processing by the objdump program could cause a null pointer dereference. The greatest threat of this flaw is to the availability of the application. This flaw affects binutils versions prior to 2.34...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Wifi: mac80211: mlme: Fixed the issue where a null pointer dereference occurred when association with an AP without a link 0 failed. If the association with an AP without a link 0 fails, we may crash during tracing. This occurs...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: eth: bnxt: Fixed a kernel panic that occurred in bnxtgetqueuestatsrx | tx. When the qstats-get operation is executed, calls to netdevstatsops are made. bnxtgetqueuestatsrx | tx collects per-queue statistics from swstats in the...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: checked for a null return from devmkzalloc in dpuwritebackinit. Due to the possible failure of devmkzalloc, dpuwbconn might be NULL, causing a null pointer derefrence later. Therefore, it might be better to check thi...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: drm/mxsfb: Disabling the overlay plane in mxsfbplaneoverlayatomicdisable When disabling the overlay plane in mxsfbplaneoverlayatomicupdate, the framebuffer pointer of the overlay plane is NULL. Therefore, dereferencing it would...
Astra Linux - уязвимость в linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fncm: Refactor the bind path to use free After a bind/unbind cycle, the ncm-notifyreq remains stale. If a subsequent bind fails, the unified error handling mechanism attempts to free this stale request, resulting in ...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: ASoC: imx-card: Added a NULL check in imxcardprobe The devmkasprintf function returns NULL when memory allocation fails. Currently, imxcardprobe does not check for this case, which results in a NULL pointer being dereferenced. Ad...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: Added a check for cstate. Since kzalloc may fail and return a NULL pointer, it would be better to check the cstate to avoid dereferencing the NULL pointer in drmatomichelpercrtcreset. Patch details:...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: xfrm: added a NULL check in xfrmupdateaeparams Normally, x-replayesn and x-preplayesn should be allocated in xfrmallocreplaystateesn…, hence xfrmupdateaeparams… can update them. However, the current implementation of xfrmnewae…...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: In libceph, the error from monhandleauthdone is now properly returned. Currently, any error from cephauthhandlereplydone is propagated via finishauth, but it is not returned from monhandleauthdone. This results in higher layers...
Astra Linux - уязвимость в linux-5.10, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: Drivers: vmbus: Check for channel allocation before looking up relids relid2channel assumes that the vmbus channel array is allocated when it is called. However, in situations like kdump/kexec, not all relids will be reset by...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: mmc: sunplus: fix the return value check in mmcaddhost The mmcaddhost function may return an error if we ignore its return value. As a result: 1. The memory allocated in mmcallochost will be leaked. 2. A null-ptr-deref excepti...