76765 matches found
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: virtio-net: The issue of checking the received length in large packets has been fixed. Since commit 4959aebba8c0 “virtio-net: Use the MTU size as the buffer length for large packets”, when the guest gso is disabled, the allocated...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: sofsdw: Prevent a jump to NULL for the addsidecar callback In the createsdwdailink function, it is checked that sofend-codecinfo-addsidecar is not NULL before calling it. The original code assumed that if...
Astra Linux – Vulnerability in PHP 8.1, PHP 7.3
In PHP versions 8.1. before 8.1.33, 8.2. before 8.2.29, 8.3. before 8.3.23, and 8.4. before 8.4.10, some functions like fsockopen lack validation to ensure that the supplied hostname does not contain null characters. This may cause other functions like parseurl to handle the hostname differently,...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: A null check has been added for the function pointer in dcn32setoutputtransferfunc. This commit adds a null check for the setoutputgamma function pointer in the dcn32setoutputtransferfunc function. Previously,...
Astra Linux – Vulnerability in ffmpeg
A flaw was discovered in FFmpeg’s HLS playlist parsing. This vulnerability allows for a denial of service through a maliciously crafted HLS playlist, which triggers a null pointer dereference during initialization...
Astra Linux – Vulnerability in libssh
A flaw was discovered in libssh, a library that implements the SSH protocol. When calculating the session ID during the key exchange KEX process, a failure in cryptographic functions may lead to a NULL pointer being dereferenced. This issue can cause the client or server to crash...
Astra Linux – Vulnerability in dcmtk
A vulnerability was detected in DCMTK up to version 3.6.7. The affected element is the function DcmQueryRetrieveConfig::readPeerList in the file /dcmqrcnf.cc of the component dcmqrscp. This vulnerability results in a null pointer dereference. The attack can be carried out locally. The exploit is...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: can: gsusb: fix time stamp counter initialization If the gsusb device driver is unloaded or unbound before the interface is shut down, the USB stack first calls the struct usbdriver::disconnect, and then the struct...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Wifi: mac80211: mlme: Fixed the issue where a null pointer dereference occurred when association with an AP without a link 0 failed. If the association with an AP without a link 0 fails, we may crash during tracing. This occurs...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: iommu/mediatek: Check the return value after calling platformgetresource platformgetresource may return a NULL pointer. We need to check its return value to avoid a null-ptr-deref in resourcesize...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: icmp6: Fixed the null-ptr-deref of ip6nullentry-rt6iidev in icmp6dev. With some IPv6 Ext Hdr RPL, SRv6, etc., we can send a packet that has the link-local address as src and dst IP, and it will be forwarded to an external IP in t...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Install a stub fence into potential unused fence pointers. When using cpu to update page tables, VM update fences are unused. Install a stub fence into these fence pointers instead of using NULL. This prevents NULL...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: xfrm: added a NULL check in xfrmupdateaeparams Normally, x-replayesn and x-preplayesn should be allocated in xfrmallocreplaystateesn..., hence xfrmupdateaeparams... can update them. However, the current implementation of...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: RCU: Protect access to rcuprinttaskexpstall - exptasks For kernels built with CONFIGPREEMPTRCU=y, the following scenario can result in a NULL pointer dereferencing: c CPU1 CPU2 rcupreemptdeferredqsirqrestore rcuprinttaskexpstall ...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: PowerPC: Do not attempt to copy PPR for tasks with NULL pt regs. PowerPC sets up PFKTHREAD and PFIOWORKER with a NULL pt regs, which, according to my arguably very brief checking, is not commonly done for other architectures. Thi...
Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: drm/msm/mdp5: Added a check for kzalloc. Since kzalloc may fail and return a NULL pointer, it’s better to check the return value in order to avoid dereferencing a NULL pointer. Patchwork:...
Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: drm/msm/dsi: Added a missing check for allocorderedworkqueue. Added a check on the return value of allocorderedworkqueue, as it may return a NULL pointer, leading to a NULL pointer dereferencing issue. Patchwork:...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: drm/vkms: The null-ptr-deref issue in vkmsrelease has been fixed. A null-ptr-deref occurs when trying to destroy the workqueue in vkms-output.composerworkq during vkmsrelease. KASAN: Null-ptr-deref occurred in the range...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: Net: If sock is not available, do not access sock's skwq in skstreamwaitmemory. The following NULL pointer dereferences have also been fixed: ... 14.471200 Call Trace: 14.471562 14.471882 lockacquire+0x245/0x2e0 14.472416 ?...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drivers/md/md-bitmap: Check the return value of mdbitmapgetcounter. Check the return value of mdbitmapgetcounter in case it returns a NULL pointer, which would lead to a null pointer dereferencing. v2: Updated the check to includ...