Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: vsock: prevented null-ptr-deref in vsockhasdata|hasspace. Recent reports have shown that we sometimes call vsockhasdata when a vsock socket has been de-assigned from a transport see attached links. However, this should not be don...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: iwlwifi: Added a missing check for allocorderedworkqueue. Also added a check on the return value of allocorderedworkqueue, as it might return a NULL pointer...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: can: afcan: fixed NULL pointer dereferencing in canrcvfilter. Similar to the issue reported in commit 8aa59e355949 “can: afcan: fixed NULL pointer dereferencing in canrxregister”, we need to check for a missing initialization ...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: jbd2: fixed data-race and null-ptr-deref in jbd2journaldirtymetadata Since handle-htransaction may be a NULL pointer, we should change it by calling ishandleabortedhandle before dereferencing it. Additionally, the following...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ksmbd: The issue of a null pointer dereference error in generateencryptionkey has been fixed. If a client sends two session setups with KRB5 authentication to ksmbd, a null pointer dereference error in generateencryptionkey can...

Astra Linux - уязвимость в binutils

A NULL pointer dereference also known as SEGV at an unknown address 0x000000000000 was discovered in the workstuffcopytofrom function in cplus-dem.c within GNU libiberty, as part of the GNU Binutils 2.30 distribution. This issue can occur during the execution of objdump...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: net: The TOCTOU issue in skisreadable has been fixed. sk-skprot-sockisreadable is a valid function pointer when sk resides in a sockmap. After the last skpsockput call which usually occurs when a socket is removed from the sockma...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: btrfs: corrected the order of the prelimref arguments in btrfsprelimref. The btrfsprelimref function calls the old and new reference variables in the incorrect order. This causes a NULL pointer dereference because oldref is...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: A possible null pointer dereference has been fixed in niclear. In a previous commit c1006bd13146, ni-mi.mrec in niwrite inode could be NULL. Therefore, a NULL check was added for this variable. However, in the same call...

Astra Linux - уязвимость в harfbuzz

HarfBuzz is a text shaping engine. Prior to version 12.3.0, there was a null pointer dereference vulnerability in the SubtableUnicodesCache::create function located in src/hb-ot-cmap-table.hh. The function fails to check whether hbmalloc returns NULL before using placement new to construct an...

Astra Linux - уязвимость в binutils

A issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in workstuffcopytofrom when called from iteratedemanglefunction...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Media: MediTech; vcodec: Cannot set dstbuffer to done when a late decoding error occurs. The core thread will call v4l2m2mbufdone to set the dstbuffer as done for the late architecture. If v4l2m2mbufdoneandjobfinish is called lat...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: skmsg: Fixed the incorrect last sg check in skmsgrecvmsg. Also, one instance of a kernel NULL pointer dereferencing was fixed as follows: 224.462334 Call Trace: 224.462394 tcpbpfrecvmsg+0xd3/0x380 224.462441 ? sockhasperm+0x78/0x...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: pinctrl: devicetree: fixed null pointer dereferencing in pinctrldttomap Here is the BUG report by KASAN regarding null pointer dereferencing: BUG: KASAN: nullptrderef in strcmp+0x2e/0x50 A read of size 1 was performed at address...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Ensure that write operations are atomic. syzbot reported a NULL pointer dereference in genericfilewriteiter. Before the write operation is completed, the user executes ioctl to clear the compress flag of the file. This...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: A NULL pointer dereferencing occurred after calling stargettorport. Calls to stargettorport may return NULL. Add a check for NULL rport before dereferencing...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: A NULL pointer dereferencing was addressed in amdgpudmconnectoraddcommonmodes. In amdgpudmconnectoraddcommonmodes, amdgpudmcreatecommonmode assigns mode to mode, and mode is directly passed to drmmodeprobedadd...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drbd: Only clone the bio if there is a backing device available. The commit c347a787e34cb drbd: changed -bibdev to -bibdev in drbdreqnew moved the biosetdev call which has since been removed to an earlier stage, from...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: HID: steam: Prevent NULL pointer dereferencing in steamrecv,sendreport It is possible for a malicious device to fail to submit a Feature Report. The HID Steam driver currently does not handle this situation and dereferences the...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: rose: Fixed NULL pointer dereferencing in rosesendframe The syzkaller reported an issue: KASAN: NULL pointer dereferencing in range 0x0000000000000380-0x0000000000000387 CPU: 0 PID: 4069 Comm: kworker/0:15 Not tainted...