76776 matches found
Astra Linux – Vulnerability in libmysofa
Incorrect handling of input data in the verifyAttribute function in the libmysofa library version 0.5 to 1.1 may lead to NULL pointer dereferencing and segmentation faults in cases of restrictive memory protection. In cases without memory restrictions e.g., in embedded environments, it may also...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: Platform/x86: dellrbu – Fix for the use of the list parameter in listforeachentry. It is necessary to pass the correct list head to the listforeachentry function when looping through the packet list. Without this patch, reading t...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: fs/ntfs3: Fixed a null-ptr-deref issue in inode-iop in ntfslookup. Syzbot reported a null-ptr-deref bug: ntfs3: loop0: The sector size of NTFS is 1024, while the media sector size is 512. ntfs3: loop0: Marking the volume as...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: reliance on mt76connac2mactxrateval In order to address a potential NULL pointer dereferencing in mt7996macwritetxwi, the mt76connac2mactxrateval utility routine has been exported and reused in the mt7996 driv...
Astra Linux – Vulnerability in Vim
NULL pointer dereferencing in the GitHub repository for vim/vim before version 9.0.0240...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: hciuart: A missing NULL check was added in h5enqueue. The Syzbot encountered a general protection fault in pmruntimeresume. The issue was due to a missing NULL check. hu-serdev can be NULL, and we should not blindly...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: scsi: myrs: Fixed a crash in the error case In myrsdetect, cs-disableintr is a NULL pointer when privdata-hwinit fails with a non-zero value. In this case, myrscleanupcs will attempt to dereference a NULL pointer, causing the...
Astra Linux – Vulnerability in Vim
NULL pointer dereferencing in the GitHub repository for vim/vim before version 8.2.4959...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: net/smc: Fixed NULL pointer dereferencing in smcvlanbytcpsk. Coverity reports a possible NULL dereferencing issue: - In smcvlanbytcpsk: - 6. returnednull: netdevlowergetnext returns NULL checked 29 out of 30 times. - 7...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: serial: liteuart: Fixed a NULL pointer dereferencing issue in -remove. The drvdata parameter must be set in probe; otherwise, platformgetdrvdata causes a NULL pointer dereferencing bug in remove...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: iwlwifi: mvm: Fixed a possible NULL dereference. In iwlmvmremovetimeevent, a check was added to ensure that ‘tedata-vif’ is NULL before dereferencing it...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: Bail out from dwc3gadgetexit if dwc-gadget is NULL. There exists a possible scenario in which dwc3gadgetinit may fail: during the switch between peripheral and host modes in dwc3setmode, and if a pending gadget...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: The issue occurs when testing as follows: a Using syscallNRSocket, 0x10ul, 3ul, 0 to create a netlink socket. b Using syscallNRSendMsg, ... to create a bond link device and a vxcan link device, and binding the vxcan device to the...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: pinctrl: devicetree: fixed null pointer dereferencing in pinctrldttomap Here is the BUG report by KASAN regarding null pointer dereferencing: BUG: KASAN: nullptrderef in strcmp+0x2e/0x50 A read of size 1 was performed at address...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ATA: libata-transport: fixed the double call to atahostput in atatportadd In the error path in atatportadd, when calling putdevice, atatportrelease is called. This function decreases the refcount of ‘ap-host’. Then, atahostput is...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ata: libata-transport: Fix error handling in atatportadd In atatportadd, the return value of transportadddevice is not checked. As a result, a null pointer derefrence occurs when removing the module. This occurs because...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: ata: libata-transport: fixed error handling in atatlinkadd In atatlinkadd, the return value of transportadddevice is not checked. As a result, a nullptrdereference exception occurs when removing the module, because...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ata: libata-transport: fixed error handling in atatdevadd In atatdevadd, the return value of transportadddevice is not checked. As a result, a null-ptr-deref occurs when removing the module, because transportremovedevice is calle...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ftrace: A null pointer dereference occurred in ftraceaddmod. The @ftracemod is allocated using kzalloc. Therefore, both members prev, next of @ftracemode-list are NULL. This makes calling listdel invalid. If kstrdup for...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: iio: accel: mma8452: use the correct logic to get mma8452data. The original logic for getting mma8452data is incorrect. The dev points to the device belonging to iiodev. We cannot use this dev to find the correct i2cclient. The...