Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: dmaengine: Fixed a NULL pointer issue in the channel unregistration function. The dmaasyncdevicechannelregister function may fail. In the event of a failure, chan-local is freed with freepercpu, and chan-local becomes null. When...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fncm: fixed potential NULL pointer dereferencing in ncmbitrate In Google’s internal bug report 265639009, we received a crash report from a aarch64 GKI 5.10.149-android13 running device. According to the report, the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: powercap: intelrapl: A NULL pointer dereference issue has been fixed. A NULL pointer dereference occurs when probing the MMIO RAPL driver on platforms where the CPU ID is not listed in the intelraplcommon CPU model list. This...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: drm: Fixed a potential null-ptr-deref due to drmmmodeconfiginit. drmmmodeconfiginit will call drmmodecreatestandardproperties, and it does not check the return value. When drmmodecreatestandardproperties fails due to allocatio...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: uSerial: Added a null pointer check in gSerialsuspend Consider a scenario where gSerialdisconnect has already cleared gser-ioport. If gSerialsuspend is called afterward, it will lead to accessing gser-ioport, thereby...

Astra Linux - уязвимость в ffmpeg, ffmpeg5

There is a NULL pointer dereference vulnerability in FFmpeg’s Firequalizer filter libavfilter/affirequalizer.c. This vulnerability arises due to a missing check on the return value of avmallocarray in the configinput function. An attacker could exploit this vulnerability by tricking a victim into...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: mptcp: Fixed a NULL pointer in canacceptnewsubflow. When testing the valkey benchmark tool with MPTCP, the kernel panics in mptcpcanacceptnewsubflow because subflowreq-msk is NULL. The call trace is as follows:...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

A race condition was detected in the Linux kernel’s DRM/Exynos device driver, specifically in the exynosdrmcrtcatomicdisable function. This can lead to a null pointer dereferencing issue, which may potentially cause a kernel panic or a denial of service...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: net: lltemac: The function platformgetresource was replaced with the function devmplatformioremapresourcebyname. This function is called using 0 as the name. Eventually, this leads to a call to platformgetresourcebyname in the ca...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: cifs: fixed the potential use of a null pointer in destroyworkqueue within the error path of initcifs. Dan Carpenter reported a Smack static checker warning: fs/smb/client/cifsfs.c:1981 initcifs Error: We previously assumed th...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: media: streamzap: Fixed a race condition between device disconnection and urb callback. Syzkaller has reported a general protection fault in the function irraweventstorewithfilter. This crash occurs due to a NULL pointer...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: arm64/fpsimd: Signal: Allocate SSVE storage when restoring ZA The code used to restore a ZA context does not attempt to allocate the task’s svestate before setting TIFSME. As a result, restoring a ZA context may place the task in...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: ASoC: tlv320adcx140 – fixed the null pointer issue. The “sndsoccomponent” in “adcx140priv” was only used once and was never set. It was only used to access “dev”, which already exists in “adcx140priv”...

Astra Linux - уязвимость в libarchive

In libarchive before version 3.6.2, the software does not check for an error after calling the calloc function. This function may return a NULL pointer if it fails, leading to a NULL pointer being dereferenced. NOTE: The discoverer cites this CWE-476 issue, but third parties dispute its impact on...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: spi: fixed statistics allocation. The controller per-cpu statistics is not allocated until after the controller has been registered with the driver core. This creates a window during which accessing the sysfs attributes may lead ...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: iouring: fixed the error in pbuf checking. Syz reports a problem, which boils down to inconsistent error handling of NULL vs ISERR in ioallocpbufring. KASAN: nullptrderef in range 0x0000000000000000-0x0000000000000007. RIP:...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Fixed the issue of null pointer dereferencing of the pointer perfmon. In the unlikely event that the pointer perfmon is null, the WARNON function is called after the pointer has already been dereferenced. This issue is...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: cadence: A possible null-ptr-deref issue has been fixed in cadencenanddtprobe. This issue could lead to a null-ptr-deref when using ‘res’. If platformgetresource returns NULL, moving using ‘res’ after...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fixed a race condition between ufshcdmcqabort and the ISR. If a command timeout occurs and the cq complete IRQ is raised at the same time, ufshcdmcqabort clears the lprb-cmd, and a NULL pointer dereferencing occu...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Audit: fixed a possible null-pointer dereference in auditfilterrules. Fixed the possible null-pointer dereference in auditfilterrules. An error in auditfilterrules: previously, we assumed that 'ctx' could be null...