Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: serial: max310x: Fixed a NULL pointer dereferencing issue during I2C instantiation. When attempting to instantiate a max14830 device from userspace: echo max14830 0x60 /sys/bus/i2c/devices/i2c-2/newdevice we encounter the followi...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: serial: core: Clearing the circular buffer before NULLifying it The circular buffer is NULLified in the uartttyportshutdown function, under the spin lock. However, the PM or other timer-based callbacks may still trigger after thi...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: xhci: Fixed null pointer dereferencing when the host dies. Ensure that xhcifreedev and xhcikillendpointurbs do not race with each other, and thus avoid null pointer dereferencing when the host suddenly dies. The USB core may...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: mediatek: Avoid NULL dereference of btusbmtkclaimisointf In the btusbmtksetup function, we set btmtkdata-isopktintf to: usbifnumtoifdata-udev, MTKISOIFNUM This function may return NULL in some cases. Even when...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: In video/aperture, it is now possible to match the device in sysfbdisable. In apertureremoveconflictingpcidevices, we currently only call sysfbdisable for VGA-class devices. This leads to the following issue when the primary devi...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: drm/amd/display: Check null-initialized variables WHAT & HOW drrtiming and subvppipe are initialized to null, and they are not always assigned new values. It is necessary to check for null before dereferencing these variables...

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: drm/amd/pp: Fixed a potential NULL pointer dereferencing in atomctrlinitializemcregtable. The functions atomctrlinitializemcregtable and atomctrlinitializemcregtablev22 do not check the return value of smuatomgetdatatable. If...

Astra Linux – Vulnerability in Firefox

The NSCDeriveKey function inadvertently assumed that the phKey parameter was always non-NULL. When the parameter was passed as NULL, a segmentation fault occurred, resulting in crashes. This behavior conflicts with the PKCS11 v3.0 specification, which allows phKey to be NULL for certain mechanism...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Fixed a null pointer dereference in the trace function. ucsiregisteraltmode checks if ISERR is true for the alt pointer and treats NULL as valid. When CONFIGTYPECDPALTMODE is not enabled, ucsiregisterdisplayport...

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: thermal/int340xthermal: handles datavault when the value is ZEROSIZEPTR. In some cases, GDDV returns a packet with a buffer of zero length. This causes kmemdup to return ZEROSIZEPTR 0x10. As a result, datavaultread encounters a...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: rfcomm: Fixed a nullptrderef issue in rfcommchecksecurity. During our fuzz testing of the connection and disconnection processes at the RFCOMM layer, we discovered this bug. By comparing the packets generated during a...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: bnxten: Adjusted the logging of firmware messages in case the token is released in hwrmsend. If the token is released because token-state equals BNXTHWRMDEFERRED, the released token set to NULL is used in log messages. This issue...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: the warning dereferencing obj for nbiov74 If rasmanager obj is null, do not print the NBIO error data...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: drm/qxl: Added a check for drmcvtmode. Added a check on the return value of drmcvtmode, and return an error if it fails, in order to avoid NULL pointer dereferencing...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: avoid NULL pointer dereference iwlmvmtxskbsta and iwlmvmtxmpdu check that the mvmvsta pointer is not NULL. They retrieve this pointer using iwlmvmstafrommac80211, which dereferences the ieee80211sta pointer. I...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: HID: wacom: fixed an issue where dereferencing a null pointer could occur when retrieving the product name. This issue was discovered on the EXCELSIOR DL37-D05 device with the Loongson-LS3A6000-7A2000-DL37 motherboard. Kernel log...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/gud: fixed NULL fb and crtc dereferences on USB disconnection. When the connection is disconnected, the function drmatomichelperdisableall is called, which sets both the fb and crtc for a plane to NULL before performing the...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: spi: Fix for statistics allocation. The controller per-cpu statistics is not allocated until after the controller has been registered with the driver core. This creates a window during which accessing the sysfs attributes may lea...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net/sched: Returns NULL when htblookupleaf encounters an empty rbtree. htblookupleaf has a BUG that can be triggered with the following commands: tc qdisc del dev lo root tc qdisc add dev lo root handle 1: htb default 1 tc class...

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: mptcp: fixed TCP options overflow. Syzbot reported the following errors: Oops: general protection fault, likely due to a non-canonical address 0xdffffc0000000001: 0000 1 PREEMPT SMP KASAN PTI KASAN: null-ptr-deref in range...