Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: skmsg: Fixed the incorrect last sg check in skmsgrecvmsg. Also, one instance of a kernel NULL pointer dereferencing was fixed as follows: 224.462334 Call Trace: 224.462394 tcpbpfrecvmsg+0xd3/0x380 224.462441 ? sockhasperm+0x78/0x...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: In the ofmodalias function, we can pass the str and len parameters. This could lead to a kernel oops in vsnprintf, as the function only allows passing a NULL pointer when the length is also 0. Additionally, we need to filter out...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ceph: fix crash after fscryptencryptpagecacheblocks error The function movedirtyfolioinpagearray was created by the commit ce80b76dd327 "ceph: introduce cephprocessfoliobatch method". The code for this function was moved from...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: arm64/fpsimd: Signal: Allocate SSVE storage when restoring ZA The code used to restore a ZA context does not attempt to allocate the task’s svestate before setting TIFSME. As a result, restoring a ZA context may place the task in...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: ASoC: tlv320adcx140 – fixed the null pointer issue. The “sndsoccomponent” in “adcx140priv” was only used once and was never set. It was only used to access “dev”, which already exists in “adcx140priv”...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: Quota: Fixed the potential NULL pointer dereferencing. The race condition below may cause NULL pointer dereferencing. P1 P2 dquotfreeinode quotaoff dropdquotref removedquotref dquots = idquotinode dquots = idquotinode...

Astra Linux - уязвимость в libstb

It was discovered that Nothings stb 2.28 contains a Null Pointer Dereference issue through the stbiconvertformat function. This vulnerability allows attackers to cause a Denial of Service DoS attack using a specially crafted PIC file...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: afs: Fixed dynamic root getattr The recent patch to modify afagetattr to consult the server did not take into account the pseudo-inodes used by the dynamic root-type afa superblock. As a result, there was an oops when such a...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/i915/gvt: fixed the issue where gvt debugfs destruction occurred unexpectedly. When gvt debugfs is destroyed, it is necessary to perform a proper check to ensure that the debugfs root of the DRM minor is still available...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Assign the job pointer to NULL before signaling the fence In commit e4b5ccd392b9 “drm/v3d: Ensure the job pointer is set to NULL after the job completes”, we introduced a change to assign the job pointer to NULL after...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mlx5: Default values have been fixed in the create CQ process. Currently, CQs without a completion function are assigned the mlx5addcqtotasklet function by default. This is problematic because only user CQs created through the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: nvkm/gsp: The read pointer of the GSP message queue is advanced correctly. A GSP event message consists of three parts: the message header, the RPC header, and the message body. GSP calculates the number of pages to write based o...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Fixed a null pointer dereference in the trace function. ucsiregisteraltmode checks if ISERR is true for the alt pointer and treats NULL as valid. When CONFIGTYPECDPALTMODE is not enabled, ucsiregisterdisplayport...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: scsi: target: tcmloop: Fixed a segfault in tcmlooptpgaddressshow If the allocation of tlhba-sh fails in tcmloopdriverprobe, and we attempt to dereference it in tcmlooptpgaddressshow, we will encounter a segfault. See below for an...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: bus: fsl-mc: Check the return value of platformgetresource. platformgetresource returns NULL in case of failure. Therefore, check its return value and propagate the error to prevent NULL pointer dereferencing...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: block/rqqos: The rqqos API is protected with a new lock. Commit 50e34d78815e “block: disable the elevator int delgendisk” The function rqqosexit was moved from diskrelease to delgendisk. This may introduce some issues: 1 If...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: net: rds: Fixed a possible NULL pointer dereferencing issue. In the rdsrdmacmeventhandlercmn function, a check was performed to ensure that the conn pointer exists before dereferencing it as an argument for rdmasetservicetype. Th...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: “Revert ‘drm/prime: Use dmabuf from GEM object instance’” This change is reflected in commit f83a9b8c7fd0557b0c50784bfdc1bbe9140c9bf8. The dmabuf field in the struct drmgemobject is not stable throughout the lifetime of the objec...

Astra Linux - уязвимость в openjpeg2

It was discovered that openjpeg v 2.5.0 contains a NULL pointer dereference through the /openjp2/dwt.c component...

Astra Linux - уязвимость в grub2

A flaw was discovered in grub2. When attempting to mount an HFS+ partition, the hfsplus filesystem driver does not correctly set the ERRNO value. This issue may lead to a NULL pointer access...