31250 matches found
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: icmp6: Fixed the null-ptr-deref of ip6nullentry-rt6iidev in icmp6dev. With some IPv6 Ext Hdr RPL, SRv6, etc., we can send a packet that has the link-local address as src and dst IP, and it will be forwarded to an external IP in t...
Astra Linux - уязвимость в linux-5.10, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: cifs: Fixed an DFS traversal error without CONFIGCIFSDFSUPCALL. When compiled with CONFIGCIFSDFSUPCALL disabled, cifsdfsdautomount is NULL. The logic for mapping CIFSFATTRDFSREFERRAL attributes to SAUTOMOUNT and corresponding...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: serial: Fixed potential nullptrderef in mlbusioprobe The devmioremap function can return NULL in case of an error. Currently, mlbusioprobe does not check for this situation, which could lead to a NULL pointer dereference. Add a...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: audioreach: fixed the potential null pointer dereferencing issue. It is possible that the topology parsing function audioreachwidgetloadmodulecommon might return NULL or an error pointer. A NULL check should be added ...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: PCI: cadence: Check for the existence of cdnspcie::ops before using it. The cdnspcie::ops might not be populated by all Cadence glue drivers. This is true for the upcoming Sophgo platform, as it does not set the ops. Therefore, a...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15
The dotlsgetsockopt function in net/tls/tlsmain.c in the Linux kernel, up to version 6.2.6, lacks a locksock call, resulting in a race condition. This can lead to a use-after-free issue or a NULL pointer dereferencing...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: arm64/fpsimd: Signal: Allocate SSVE storage when restoring ZA The code used to restore a ZA context does not attempt to allocate the task’s svestate before setting TIFSME. As a result, restoring a ZA context may place the task in...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: hwmon: w83791d Fixed NULL pointer dereferencing by removing unnecessary structure fields. If the driver reads a value that is sufficient for the condition: val & 0x08 && !val & 0x80 && val & 0x7 == val 4 & 0x7 NULL pointer...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: nbd: The function genlunregisterfamily is called first in nbdcleanup. Otherwise, there may be a race between the removal of the module and the handling of the netlink command, which can lead to an oops as shown below: BUG: Kernel...
Astra Linux - уязвимость в edk2
Null pointer dereferencing in Tianocore EDK2 may allow an authenticated user to potentially enable privilege escalation through local access...
Astra Linux - уязвимость в gst-plugins-good1.0
GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been discovered in the gstmatroskademuxaddwvpkheader function within matroska-demux.c. This function does not properly check the validity of the stream-codecpriv pointer. If...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: net/mlx5e: Fixed handling of incorrect devices during the bond netevent processing. The current implementation of the bond netevent handler only checks whether the handled netdev is a VF representative. However, there is no...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: net/sched: schqfq: Fix NULL dereferencing when deactivating an inactive aggregate in qfqreset qfqclass-leafqdisc-q.qlen 0 does not imply that the class itself is active. Two qfqclass objects may point to the same leafqdisc. This...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: clk-mt7629-eth: Added a check for the return value of mtkallocclkdata. The check is added to prevent dereferencing of a NULL pointer...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: spi: hisi-sfc-v3xx: Return IRQNone if no interrupts were detected Return IRQNone from the interrupt handler when no interrupt was detected. This is because an empty interrupt will cause a null pointer error. "Unable to handle...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: fs/ntfs3: Fixed a NULL pointer dereference in ‘niwrite inode’. Syzbot identified the following issue: Unable to handle a NULL pointer dereference at the virtual address 0000000000000016. Memory abort information: ESR =...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Wifi: mac80211: mlme: Fixed the issue where a null pointer dereference occurred when association with an AP without a link 0 failed. If the association with an AP without a link 0 fails, we may crash during tracing. This occurs...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: mmc: sunplus: fix the return value check in mmcaddhost The mmcaddhost function may return an error if we ignore its return value. As a result: 1. The memory allocated in mmcallochost will be leaked. 2. A null-ptr-deref excepti...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: media: vidtv: psi: Added a check for kstrdup. Added a check on the return value of kstrdup, and return an error if it fails, in order to avoid NULL pointer dereferencing...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: usb: legacy: ncm: Fixed an NPE in gncmBind. The commit 56a512a9b410 “usb: gadget: fncm: Aligned netdevice lifecycle with bind/unbind” deferred the allocation of the netdevice. This change results in a NULL pointer derefrence in t...