Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: net: mscc: ocelot: Fixed a crash that occurred when adding an interface under a latency condition. The commit 15faa1f67ab4 “lan966x: Fixed a crash that occurred when adding an interface under a latency condition” fixed a similar...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Lag – Check for LAG devices before creating debugfs. The function mlx5lagdevaddmdev may return 0 success even when an error occurs, but this error is handled gracefully. As a result, the initialization process proceeds ...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Security issue: Restrict CONFIGZEROCALLUSEDREGS to gcc or clang version 15.0.6. A bug in clang’s implementation of -fzero-call-used-regs can lead to NULL pointer dereferencing see the links above the check for more information...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: reliance on mt76connac2mactxrateval In order to address a potential NULL pointer dereferencing in mt7996macwritetxwi, the mt76connac2mactxrateval utility routine has been exported and reused in the mt7996 driv...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: vfio: Fixed NULL pointer dereferencing caused by uninitialized group-iommufd. group-iommufd is not initialized for the iommufdctxput function. 20018.331541 BUG: NULL pointer dereferencing in the kernel, address: 00000000000000...

Astra Linux - уязвимость в linux, linux-5.15, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsit: Commands from recovery entries are freed after a session is closed. This leads to a use-after-free error when freeing commands, or a NPE Non-Programmable Error. The call trace is as follows: Time2Retain time...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Wifi: rtw89: pci: validate sequence number of TX release report Hardware rarely reports an abnormal sequence number in the TX release report, which may lead to an out-of-bounds access to the wdring-pages array, causing a NULL...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: dsi: Store driver data before invoking mipidsihostregister The call to mipidsihostregister triggers a callback to mtkdsibind, which uses devgetdrvdata to retrieve the mtkdsi structure. Therefore, this structure must...

Astra Linux - уязвимость в grub2

A flaw was discovered in grub2, where the grubextcmddispatcher function calls grubarglistalloc to allocate memory for the grub’s argument list. However, it does not check in case the memory allocation fails. Once the allocation fails, a NULL pointer will be processed by the parseoption function,...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: drbd: fixed a null pointer dereferencing issue during local read operations In drbdrequestendio, READCOMPLETEDWITHERROR is passed to reqmod with a NULL peerdevice: reqmodreq, what, NULL, &m; The READCOMPLETEDWITHERROR handler...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mptcp: fixed the NULL pointer dereferencing issue in the early fallback to fastopen. In the event of an early fallback to TCP, subflowsynrecvsock deletes the subflow context before returning the newly allocated socket to the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: octeontx2-pf: mcs: Fixed NULL pointer dereferencing issues When the system is restarted after creating a MacSec interface, NULL pointer dereferencing errors occurred. This patch fixes these errors by using the correct order of...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: f2fs: quota: fix the loop condition in f2fsquotasync The parameter cnt should be passed to sbhasquotaactive, rather than type, to correctly check the active quota. Moreover, when the type is -1, the compiler, with sufficient inli...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: phy: at803x: fix NULL pointer dereference on AR9331 PHY The latest kernel will fail when dealing with the PHY interrupt configuration, as it now relies on allocated private resources. Therefore, run a probe to allocate these...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: net: microchip: sparx5: Fixed a potential null-ptr-deref in sparxstatsinit and sparx5start. sparxstatsinit calls createsinglethreadworkqueue, without checking the return value; this may result in NULL being returned. A...

Astra Linux - уязвимость в openimageio

A denial-of-service vulnerability exists in the DPXOutput::close function of the OpenImageIO Project, version 2.4.4.2. A specially crafted ImageOutput object can lead to a null pointer dereferencing issue. An attacker can provide malicious input to trigger this vulnerability...

Astra Linux - уязвимость в openimageio

There are multiple denial-of-service vulnerabilities in the image output closing functionality of the OpenImageIO Project’s OpenImageIO v2.4.4.2. specially crafted ImageOutput Objects can lead to multiple null pointer dereferences. An attacker can provide malicious inputs to exploit these...

Astra Linux - уязвимость в libjpeg-turbo

Libjpeg-turbo 1.5.2 has a NULL Pointer Dereference issue in files jdpostct.c and jquant1.c, due to a malicious JPEG file...

Astra Linux - уязвимость в libgd2

In the gdImageClone function in gd.c within libgd version 2.1.0-rc2 to 2.2.5, there is a NULL pointer dereferencing issue that allows attackers to crash an application through a specific function call sequence. This issue only affects PHP when it is linked with an external libgd not included as...

Astra Linux - уязвимость в sqlite3

The flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses of SELECT DISTINCT involving a LEFT JOIN where the right-hand side is a view. This can lead to a NULL pointer dereference or incorrect results...