31267 matches found
Astra Linux - уязвимость в qemu
A flaw was discovered in the QEMU-built-in VNC server. When a client connects to the VNC server, QEMU checks whether the current number of connections exceeds a certain threshold. If it does, QEMU terminates the previous connection. However, if the previous connection is still in the handshake...
Astra Linux - уязвимость в sox
A issue was discovered in libsox.a within SoX 14.4.2. In sox-fmt.h, within the startread function, there is an integer overflow in the result of integer addition with a wrap around to 0 passed into the lsxcalloc macro that wraps around to malloc. When a NULL pointer is returned, it is used withou...
Astra Linux - уязвимость в libarchive
A vulnerability was discovered in libarchive up to version 3.7.7. It has been classified as problematic. This issue affects the function list of the bsdunzip.c file. The vulnerability leads to a null pointer dereference. The attack can be launched on the local host. The exploit has been disclosed...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: usb: misc: brcmstb-usb-pinmap: check return value after calling platformgetresource This vulnerability could lead to a null-ptr-deref issue if platformgetresource returns NULL. Therefore, we need to check the return value...
Astra Linux - уязвимость в klibc
A issue was discovered in klibc before version 2.0.9. An integer overflow in the cpio command may lead to a NULL pointer dereferencing on 64-bit systems...
Astra Linux - уязвимость в sqlite3
In SQLite 3.31.1, the isAuxiliaryVtabOperator function allows attackers to trigger a NULL pointer dereferencing and segmentation fault due to generated column optimizations...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: Wifi: carl9170 – Do not perform a ping on a device that has failed to load its firmware. Syzkaller reports that crashes occur when attempting to perform a ping on a device that has failed to load its firmware. Since such devic...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: ksmbd: A null pointer dereference issue in destroyprevioussession has been fixed. If the -PreviousSessionId is set during the Kerberos session setup phase, a null pointer dereference error may occur. Since sess-user is not set ye...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Assign job pointer to NULL before signaling the fence In commit e4b5ccd392b9 "drm/v3d: Ensure job pointer is set to NULL after job completion", we introduced a change to assign the job pointer to NULL after completing a...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: md/raid10: fixed the null-ptr-deref issue in mreplace in raid10syncrequest. There are two checks for ‘mreplace’ in raid10syncrequest. In the first check, ‘needreplace’ will be set, and ‘mreplace’ will be used if there is no fault...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: fix null pointer deref in mt7996conftx If a link does not have an assigned channel yet, mt7996viflink returns NULL. We still need to store the updated queue settings in that case, and apply them later. Move th...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: media: az6007: Fixed nullptrderef in az6007i2cxfer In az6007i2cxfer, msg is controlled by the user. When msgi.buf is null and msgi.len is zero, previous checks on msgi.buf would still be performed. Malicious data could...
Astra Linux - уязвимость в linux-5.15
In the Linux kernel, the following vulnerability has been resolved: Driver Core: Fixed a potential nullptrderef issue in deviceadd. I encountered the following nullptrderef issue during the fault injection test: Bug: NULL pointer dereferencing in the kernel. Address: 0000000000000058 CPU: 2 PID:...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: axp288fuelgauge: Fixed the race condition related to externalpowerchanged. The function fuelgaugeexternalpowerchanged dereferes the variable info-bat, which is then set in the function axp288fuelgaugeprobe. This process looks lik...
Astra Linux - уязвимость в openexr
A Null Pointer Deference issue exists in Academy Software Foundation OpenEXR 2.3.0 in generatePreview in makePreview.cpp that can cause a denial of service via a crafted EXR file...
Astra Linux - уязвимость в netcdf
A issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxmldecode, when parsing a crafted XML file, performs incorrect memory handling, resulting in a NULL pointer being dereferenced while running strlen on a NULL pointer...
Astra Linux - уязвимость в libjpeg-turbo
A crafted input file could cause a null pointer dereference in jcopysamplerows when processed by libjpeg-turbo...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux
In the Linux kernel, the following vulnerability has been resolved: ARM: davinci: da850evm: Avoid NULL pointer dereferencing In newer versions of GCC, a panic occurs in da850evmconfigemac when booting multiv5defconfig in QEMU under the palmetto-bmc machine. The issue arises from attempting to...
Astra Linux - уязвимость в gst-plugins-good1.0
GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been discovered in the gstmatroskademuxparseblockgrouporsimpleblock function within matroska-demux.c. This function does not properly check the validity of the GstBuffer sub...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: i40e: Fixed NULL pointer dereferencing in i40edbgdumpdesc. When attempting to dump VFs using debugfs, a crash occurred due to NULL pointer dereferencing in i40edbgdumpdesc. A check was added to i40edbgdumpdesc to ensure that the...