76774 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: Bail out from dwc3gadgetexit if dwc-gadget is NULL. There exists a possible scenario in which dwc3gadgetinit may fail: during the switch between peripheral and host modes in dwc3setmode, and if a pending gadget...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: The issue occurs when testing as follows: a Using syscallNRSocket, 0x10ul, 3ul, 0 to create a netlink socket. b Using syscallNRSendMsg, ... to create a bond link device and a vxcan link device, and binding the vxcan device to the...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: pinctrl: devicetree: fixed null pointer dereferencing in pinctrldttomap Here is the BUG report by KASAN regarding null pointer dereferencing: BUG: KASAN: nullptrderef in strcmp+0x2e/0x50 A read of size 1 was performed at address...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ATA: libata-transport: fixed the double call to atahostput in atatportadd In the error path in atatportadd, when calling putdevice, atatportrelease is called. This function decreases the refcount of ‘ap-host’. Then, atahostput is...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ata: libata-transport: Fix error handling in atatportadd In atatportadd, the return value of transportadddevice is not checked. As a result, a null pointer derefrence occurs when removing the module. This occurs because...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: ata: libata-transport: fixed error handling in atatlinkadd In atatlinkadd, the return value of transportadddevice is not checked. As a result, a nullptrdereference exception occurs when removing the module, because...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ata: libata-transport: fixed error handling in atatdevadd In atatdevadd, the return value of transportadddevice is not checked. As a result, a null-ptr-deref occurs when removing the module, because transportremovedevice is calle...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ftrace: A null pointer dereference occurred in ftraceaddmod. The @ftracemod is allocated using kzalloc. Therefore, both members prev, next of @ftracemode-list are NULL. This makes calling listdel invalid. If kstrdup for...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: iio: accel: mma8452: use the correct logic to get mma8452data. The original logic for getting mma8452data is incorrect. The dev points to the device belonging to iiodev. We cannot use this dev to find the correct i2cclient. The...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: ASoC: rt7-sdw: harden jackdetecthandler Realtek headset codec drivers typically check whether the card is instantiated before proceeding with the jack detection. However, rt700, rt711, and rt711-sdca lack a check on the card...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: kernfs: a potential NULL dereference occurred in kernfsremove. When lockdep is enabled, lockdepassertheldwrite could cause a potential NULL pointer dereference. The following smatch warnings have also been fixed:...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fixed the bug: KASAN: null-ptr-deref in rxeqpdocleanup. The function rxecreateqp calls rxeqpfrominit. If an error occurs, the error handler for rxeqpfrominit will set both scq and rcq to NULL. Then, rxecreateqp calls...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: change place of ‘privep’ assignment in cdns3gadgetepdequeue, cdns3gadgetepenable If ‘ep’ is NULL, the result of eptocdns3epep is an invalid pointer. Dereferencing ‘privep-cdns3dev’ with this pointer may cause a panic...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: drm/ttm: Fixed the bug where a dummy res NULL pointer was dereferenced. Check the bo-resource value before accessing the memtype resource. v2: Fixed an issue with the commit description unwrapping warning. 40.191227 T184 Gener...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: virtionet: a memory leak inside XPDTX has been fixed using mergeable. When we call xdpconvertbufftoframe to obtain xdpf, if it returns NULL, we should check whether xdppage was allocated by xdplinearizepage. If it was newly...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fixed a NULL dereference in ntfsupdatemftmirr. If ntfsfillsuper is not called, then sbi-sb will be equal to NULL. The code should check this pointer before dereferencing it. The Syzbot encountered this issue by passing...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: net: dsa: mv88e6060: prevent crash on an unused port If the port is neither a CPU port nor a user port, ‘cpudp’ is a null pointer, and a crash occurs when dereferencing it in mv88e6060setupport: 9.575872 Unable to handle kerne...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: LAG, fixed the logic for MLX5LAGFLAGNDEVSREADY Set MLX5LAGFLAGNDEVSREADY only if both devices are registered. This ensures that both ldev-pfMLX5LAGP0.dev and ldev-pfMLX5LAGP1.dev have valid pointers when...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: skmsg: Fixed the incorrect last sg check in skmsgrecvmsg. Also, one instance of a kernel NULL pointer dereferencing was fixed as follows: 224.462334 Call Trace: 224.462394 tcpbpfrecvmsg+0xd3/0x380 224.462441 ? sockhasperm+0x78/0x...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Revert “usb: typec: ucsi: add a common function ucsiunregisterconnectors”. The recent commit 87d0e2f41b8c “usb: typec: ucsi: add a common function ucsiunregisterconnectors” introduced a regression that caused NULL dereferencing...