Astra Linux – Vulnerability in gst-plugins-base1.0

In GStreamer through 1.26.1, the tmplayerparseline function of the subparse plugin may dereference a NULL pointer during the parsing of a subtitle file, resulting in a crash...

Astra Linux – Vulnerability in ffmpeg, ffmpeg5

There is a NULL pointer dereference vulnerability in FFmpeg’s Firequalizer filter libavfilter/affirequalizer.c. This vulnerability arises due to a missing check on the return value of avmallocarray in the configinput function. An attacker could exploit this vulnerability by tricking a victim into...

Astra Linux – Vulnerability in OpenSSL

Issue summary: An invalid or NULL pointer dereference can occur in an application processing a malformed PKCS12 file. This can lead to a Denial of Service attack. Impact summary: An application processing a malformed PKCS12 file may inadvertently dereference an invalid or NULL pointer during memo...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: ACPI: Processor – Fixed the previous issue in acpiprocessorerratapiix4 After the patch provided by commi f132e089fe89 “ACPI: Processor – Fixed NULL-pointer dereference in acpiprocessorerratapiix4”, device pointers may be...

Astra Linux – Vulnerability in imagemagick

ImageMagick is free and open-source software used for editing and manipulating digital images. Versions 14.10.1 and below have a NULL pointer dereference vulnerability in the MSL Magick Scripting Language parser when processing tags before images are loaded. This can lead to DoS attacks due to...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: nilfs2: Fixed NULL pointer dereferencing in nilfspalloccommitfreeentry. Syzbot reported a NULL pointer dereferencing bug: NILFS loop0: segctord started. Construction interval = 5 seconds, CP frequency 3c 02 00 0f 85 26 05 00 0...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ASoC: soc-pcm: Added a NULL check in BE reparenting. A NULL check was also added to the dpcmbereparent API, to handle kernel NULL pointer dereferencing errors. This issue occurred during fuzzing tests...

Astra Linux – Vulnerability in Vim

NULL pointer dereferencing in the GitHub repository for vim/vim before version 9.0.0259...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: HID: bigbenff: prevent null pointer dereference When emulating the device through UHID, there is a possibility that we do not have output reports, and as a result, reportfield is set to null...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: netsched: Fixed NULL dereferencing in fifosetlimit. syzbot reported another NULL dereferencing in fifosetlimit. 1 I can reproduce the issue with the following commands: unshare -n tc qd add dev lo root handle 1:0 tbf limit...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ACPI: Fix for NULL pointer dereferencing Commit 71f642833284 “ACPI: utils: Fix reference counting in foreachacpidevmatch” began handling “acpidevput” on a pointer that might be NULL. This approach fails miserably, as the helper...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fixed the issue of null pointer dereference on the pointer edp. The pointer dev is initialized, and the edp is dereferenced before edp is checked for being null. This could lead to a null pointer dereference issue. This...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: media: cx88: A null-ptr-deref bug was fixed in the bufferprepare function. When the driver calls cx88riscbuffer to prepare the buffer, the function call may fail, resulting in an empty buffer and a null-ptr-deref later in the...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: net: sched: sfb: Fixed an issue where a null pointer access occurred when sfbinit failed. When the default qdisc is sfb, if the qdisc of devqueue fails to be initialized during mqprioinit, sfbreset is invoked to clear resource...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ext4: Fix for null-ptr-deref in ext4writeinfo I identified a bug involving null-ptr-deref as follows: ========================================== KASAN: null-ptr-deref in range 0x0000000000000068-0x000000000000006f CPU: 1 PID: 158...

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: SoundWire: Revisiting the driver’s bind/unbind operations and callbacks In the SoundWire framework, we store a pointer from the driver operations in the “slave” structure. This can lead to kernel errors when unbinding codec...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: ftrace: Fixed NULL pointer dereferencing in isftracetrampoline when ftrace is disabled. ftracestartup does not remove ops from ftraceopslist when ftracestartupenable fails: registerftracefunction ftracestartup...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: tracing/osnoise: The issue related to null-ptr-deref in bitmapparselist has been fixed. A crash was observed with the following output: BUG: NULL pointer dereferencing in the kernel; address: 0000000000000010 Oops: 0000 1 SMP NOP...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ceph: always call cephshiftunusedfoliosleft The function cephprocessfoliobatch sets foliobatch entries to NULL, which is an illegal state. Before foliobatchrelease crashes due to this API violation, the function...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Net: Ethernet: TI: am65-cpsw-nuss: Fixed null pointer dereferencing for ndev. In the TX completion packet stage of TI SoCs with a CPSW2G instance, which has a single external Ethernet port, ndev is accessed without being...