Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

A Null pointer dereference problem was detected in idafree in lib/idr.c within the Linux Kernel. This issue may allow an attacker using this library to cause a denial of service problem due to a lack of proper checks at function returns...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu-v3: checking the return value after calling platformgetresource. This will cause a null-ptr-deref if platformgetresource returns NULL; therefore, we need to check the return value...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: backlight: hx8357: Fixed potential NULL pointer dereferencing issues. The “im” pins are optional. Added a missing check in the hx8357probe function...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: cpufreq: CPPC: Fixed a possible nullptrderef issue in cpufreqcpugetraw. cpufreqcpugetraw may return NULL if the CPU is not included in policy-cpus cpu mask, which could lead to a null pointer dereference...

Astra Linux - уязвимость в linux-6.1, linux-5.15, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: xenbus: Use kref to track the lifetime of requests. Marek reported seeing a NULL pointer fault in the xenbusthread call stack: BUG: NULL pointer dereferencing in the kernel; address: 0000000000000000 RIP:...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: jffs2: check jffs2preallocrawnoderefs result in few other places Fuzzing hit another invalid pointer dereference due to the lack of checking whether jffs2preallocrawnoderefs completed successfully. Subsequent logic implies that t...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: fs/proc/taskmmu: check p-vecbuf for NULL When the PAGEMAPSCAN ioctl is invoked with veclen = 0 reaches pagemapscanbackoutrange, kernel panics with null-ptr-deref: 44.936808 Oops: general protection fault, probably for non-canonic...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

In the Linux kernel, the following vulnerability has been resolved: spi: bcm2835: bcm2835spihandleerr: Fixed the issue of NULL pointer dereferencing during non-DMA transfers. In cases where an IRQ-based transfer times out, the bcm2835spihandleerr function is called. Since commit 1513ceee70f2 “spi...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: scsi: qla2xxx: Removed the unused nvmelswaitq wait queue. System crash occurs when qla2x00startspsp returns the error code EGAIN, and wakeup is called for an uninitialized waitqueue sp-nvmelswaitq. qla2xxx0000:37:00.1-2121:5:...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid NULL pointer dereference in f2fscheckquotaconsistency syzbot reported a f2fs bug as below: Oops: gen 107.736417 T5848 Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 ...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: Wifi: mt76: mt7996: Added a NULL check in mt7996thermalinit. The devmkasprintf function can return a NULL pointer if it fails, but this returned value in mt7996thermalinit is not checked. A NULL check should be added in...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

In the Linux kernel, the following vulnerability has been resolved: net: If sock is dead don't access sock's skwq in skstreamwaitmemory Fixes the below NULL pointer dereference: ... 14.471200 Call Trace: 14.471562 14.471882 lockacquire+0x245/0x2e0 14.472416 ? removewaitqueue+0x12/0x50 14.473014 ?...

Astra Linux - уязвимость в squid

Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to a NULL pointer dereference bug Squid is vulnerable to a Denial of Service attack against Squid's Gopher gateway. The gopher protocol is always available and enabled in Squid prior to Squid 6.0.1. Responses triggeri...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

A vulnerability has been discovered in the Linux kernel. It has been classified as problematic. The affected function is nilfsbmaplookupatlevel in the file fs/nilfs2/inode.c of the nilfs2 component. Manipulation of this function can lead to a null pointer dereference. The attack can be launched...

Astra Linux - уязвимость в tiff

In libtiff version 4.3.0, the unchecked dereference of a return value can allow attackers to trigger a denial-of-service attack through a crafted TIF file. For users who compile libtiff from source code, this issue has been fixed in the commit f2b656e2...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: crypto: authencesn – Rejects AADs that are too short assoclen 8 to match the ESP/ESN specification. authencesn assumes that the AAD is in the ESP/ESN format. When the length of assoclen is shorter than the minimum expected length...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: net/mlx5e: Disabled MACsec offload for uplink representative profiles MACsec offload is not supported in the switchdev mode for uplink representatives. When switching to the uplink representative profile, the MACsec offload...

Astra Linux - уязвимость в hiredis

In libhiredis.a under hiredis through version 0.14.0, async.c and dict.c allow a NULL pointer dereferencing because the return values of malloc are unchecked...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: netsched: fix NULL deref in fifosetlimit syzbot reported another NULL deref in fifosetlimit 1 I could repro the issue with : unshare -n tc qd add dev lo root handle 1:0 tbf limit 200000 burst 70000 rate 100Mbit tc qd replace dev ...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: scsidebug: Don't call kcalloc if size arg is zero If the size arg to kcalloc is zero, it returns ZEROSIZEPTR. Because of that, for a following NULL pointer check to work on the returned pointer, kcalloc must not be called...