Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: gfs2: Fixed a NULL pointer dereferencing issue in gfs2rgrpdump. Syzkaller reported a NULL pointer dereferencing issue when accessing rgd-rdrgl in gfs2rgrpdump. This can occur when creating rgd-rdgl fails in readrindexentry. To...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: drm/msm/hdmi: Added a missing check for allocorderedworkqueue. Added a check on the return value of allocorderedworkqueue, as it may return a NULL pointer, causing a NULL pointer dereferencing in hdmihdcp.c and hdmihpd.c. Patch...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: sched/fair: Fixed an error in reweightentity. Syzbot detected a GPF in reweightentity. This issue has been fixed in commit 4ef0c5c6b5ba “kernel/sched: Fixed the issue where schedfork accesses an invalid schedtaskgroup”. There ...

Astra Linux - уязвимость в hiredis

In libhiredis.a under hiredis through version 0.14.0, async.c and dict.c allow a NULL pointer dereferencing because the return values of malloc are unchecked...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: scsi: scsi.debug: Do not call kcalloc if size argument is zero. If the size argument to kcalloc is zero, it returns ZEROSIZEPTR. Therefore, for the subsequent NULL pointer check to work on the returned pointer, kcalloc must no...

Astra Linux - уязвимость в sqlite3

In SQlite 3.31.1, a potential null pointer derefrence was detected during the INTERSEC query processing...

Astra Linux - уязвимость в linux-5.15

A issue was discovered in the Linux kernel through version 5.16-rc6. The function imxregisteruartclocks in drivers/clk/imx/clk.c lacks a check on the return value of kcalloc, which can lead to a null pointer dereferencing...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Fixed a possible null-ptr-deref issue when initializing hardware. The result of the avsdaifindpathtemplate function must be verified before being used. Since the ‘template’ is already known when...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: usb: misc: brcmstb-usb-pinmap: check return value after calling platformgetresource This issue could lead to a null-ptr-deref error if platformgetresource returns NULL. Therefore, we need to check the return value...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: hwmon: w83791d Fixed NULL pointer dereferencing by removing unnecessary structure fields. If the driver reads a value that is sufficient for the condition: val & 0x08 && !val & 0x80 && val & 0x7 == val 4 & 0x7 NULL pointer...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Lag, fix failure to cancel delayed bond work The commit 0d4e8ed139d8 “net/mlx5: Lag, avoid lockdep warnings” accidentally removed a call to cancel delayed bond work. This may cause queued delays to expire and affect wor...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: Fix NULL pointer in skbsegmentlist. The commit 3a1296a38d0c “net: Support GRO/GSO fraglist chaining” introduced a bug where the GRO was processed using a UDP list. The segmentation of data relies on fraglist not being modifi...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: mmc: mmcspi: fixed error handling in mmcspiprobe If mmcaddhost fails, there is no need to call mmcremovehost; otherwise, it may cause a null-ptr-deref due to deleting a device that was not properly added in mmcremovehost. To fix...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/panel: A possible null pointer dereference in jdipaneldsiremove has been fixed. In jdipaneldsiremove, jdi is explicitly checked, indicating that it may be NULL: c if !jdi mipidsidetachdsi; However, when jdi is NULL, the...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux

A NULL pointer dereference vulnerability exists in the Linux kernel on Linux, x86, and ARM platforms including networking and Bluetooth modules. This vulnerability is associated with the program file /net/bluetooth/rfcomm/core.C. This issue affects the Linux kernel version v2.6.12-rc2...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: xsk: Check IFFUP earlier in the Tx path. The Xsk Tx operation can be triggered via either sendmsg or poll system calls. Both paths involve a call to the common function xskxmit, which contains two sanity checks. Here’s a...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: media: az6007: Fixed nullptrderef in az6007i2cxfer In az6007i2cxfer, msg is controlled by the user. When msgi.buf is null and msgi.len is zero, previous checks on msgi.buf would still be performed. Malicious data could...

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: cifs: Fixed an DFS traversal error without CONFIGCIFSDFSUPCALL. When compiled with CONFIGCIFSDFSUPCALL disabled, cifsdfsdautomount is NULL. The logic for mapping CIFSFATTRDFSREFERRAL attributes to SAUTOMOUNT and corresponding...

Astra Linux – Vulnerability in klibc

A issue was discovered in klibc before version 2.0.9. An integer overflow in the cpio command may lead to a NULL pointer dereferencing on 64-bit systems...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: arm64/fpsimd: Signal: Allocate SSVE storage when restoring ZA The code used to restore a ZA context does not attempt to allocate the task’s svestate before setting TIFSME. As a result, restoring a ZA context may place the task in...