Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: igc: Restored the IGCREMOVED logic and implemented it correctly. The initially merged version of the igc driver code via commit 146740f9abc4, “igc: Add support for PF” contained the following IGCREMOVED checks in the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fixed the bug: KASAN: null-ptr-deref in rxeqpdocleanup. The function rxecreateqp calls rxeqpfrominit. If an error occurs, the error handler for rxeqpfrominit will set both scq and rcq to NULL. Then, rxecreateqp calls...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Handling of a null value of ‘streamstatus’ in the function ‘planeschangedforexistingstream’. This commit adds a null check for ‘streamstatus’ in the function ‘planeschangedforexistingstream’. Previously, the code...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux

In the Linux kernel, the following vulnerabilities have been resolved: TCP: The check skb variable is not NULL in tcprtodeltaus. We have some machines running stock Ubuntu 20.04.6; these machines use the 5.4.0-174-generic kernel and run Ceph. Recently, a NULL pointer dereference occurred in...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: hugetlbfs: fixed the null-ptr-deref issue in hugetlbfsParseParam Syzkaller reported a null-ptr-deref bug as follows: ====================================================== KASAN: null-ptr-deref in range...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Net: Do not write to msggetinq in the callee. This fix addresses the issue of NULL pointer dereferencing. msggetinq is an input field from the caller to the callee. Do not set it in the callee, as the caller may not clear it duri...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Fixed a possible null-ptr-deref issue when initializing hardware. The result of the avsdaifindpathtemplate function must be verified before being used. Since the ‘template’ is already known when...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux

In the Linux kernel, the following vulnerabilities have been resolved: btrfs: fixed a NULL pointer dereference when attempting to start a new transaction. BUG Syzbot reported a NULL pointer dereference, accompanied by a crash: FAULTINJECTION: Forcing a failure. starttransaction+0x830/0x1670...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: Issue: unittest – Fix null pointer dereferencing in ofunittestfindnodebyname Description: When kmalloc fails to allocate memory in kasprintf, name or fullname will be NULL, and strcmp will cause a null pointer dereference...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ubi: A possible null-ptr-deref occurred in ubifreevolume. This issue will occur in the following scenario: uifinit ubiaddvolume cdevadd – If this function fails, it will call killvolumes. deviceregister killvolumes – If...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix NULL-ptr-deref in rxeqpdocleanup when socket create failed There is a null-ptr-deref when mount.cifs over rdma: BUG: KASAN: null-ptr-deref in rxeqpdocleanup+0x2f3/0x360 rdmarxe Read of size 8 at addr 000000000000001...

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: cifs: Fixed an DFS traversal error without CONFIGCIFSDFSUPCALL. When compiled with CONFIGCIFSDFSUPCALL disabled, cifsdfsdautomount is NULL. The logic for mapping CIFSFATTRDFSREFERRAL attributes to SAUTOMOUNT and corresponding...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Assign the job pointer to NULL before signaling the fence In commit e4b5ccd392b9 “drm/v3d: Ensure the job pointer is set to NULL after the job completes”, we introduced a change to assign the job pointer to NULL after...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: netfilter: iptables: A potential null-ptr-deref operation exists in ip6tablenattableinit. The ip6tablenattableinit function accesses net-gen-ptrip6tablenatnetops.id, but this function is exposed to user space before the entry is...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fixed potential NULL pointer dereferences in dcn10setoutputtransferfunc. The stream pointer is used in dcn10setoutputtransferfunc before checking whether stream is NULL. The issue was fixed as follows:...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux

A NULL pointer dereference vulnerability exists in the Linux kernel on Linux, x86, and ARM platforms including networking and Bluetooth modules. This vulnerability is associated with the program file /net/bluetooth/rfcomm/core.C. This issue affects the Linux kernel version v2.6.12-rc2...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: fs/sysv: Null check to prevent the null-ptr-deref bug...

Astra Linux - уязвимость в linux-5.10, linux

A flaw was discovered in the Linux kernel. A NULL pointer dereference may occur when the slip driver is in progress to detach at sltxtimeout in drivers/net/slip/slip.c. This issue could allow an attacker to crash the system or leak internal kernel information...

Astra Linux - уязвимость в libarchive

A vulnerability was discovered in libarchive up to version 3.7.7. It has been classified as problematic. This issue affects the function list of the bsdunzip.c file. The vulnerability leads to a null pointer dereference. The attack can be launched on the local host. The exploit has been disclosed...

Astra Linux - уязвимость в libarchive

In libarchive before version 3.6.2, the software does not check for an error after calling the calloc function. This function may return a NULL pointer if it fails, leading to a NULL pointer being dereferenced. NOTE: The discoverer cites this CWE-476 issue, but third parties dispute its impact on...