Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15

A race condition was detected in the Linux kernel’s sound/hda device driver, specifically in the sndhdacregmapsync function. This can lead to a null pointer dereferencing issue, potentially causing a kernel panic or a denial-of-service attack...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: fs/ntfs3: Fixed a NULL pointer dereference in ‘niwrite inode’. Syzbot identified the following issue: inability to handle a NULL pointer dereference at the virtual address 0000000000000016. Memory abort information: ESR =...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: pinctrl: mediatek: eint: Fixed invalid pointer dereferencing for v1 platforms The commit 3ef9f710efcb “pinctrl: mediatek: Added EINT support for multiple addresses” introduced an access to the ‘soc’ field of the struct mtkpinctrl...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: hwmon: w83791d Fixed NULL pointer dereferencing by removing unnecessary structure fields. If the driver reads a value that is sufficient for the condition: val & 0x08 && !val & 0x80 && val & 0x7 == val 4 & 0x7 then NULL pointer...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: “drm/msm: Add missing check and destroy for allocorderedworkqueue” This change reverts to the previous behavior in commit 643b7d0869cc7f1f7a5ac7ca6bd25d88f54e31d0. A recent patch attempted to fix the issues related to msmdrminit,...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: scsi: Reverted “scsi: qla2xxx: Perform lockless command completion in abort path”. This revertment is associated with the commit 0367076b0817d5c75dfb83001ce7ce5c64d803a9. The committed code added code to qla2x00abortallcmds to ca...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: Fix looping of queued SG entries The value of dwc3request-numqueuedsgs is decremented upon completion. If a partially completed request is processed, then dwc3request-numqueuedsgs no longer reflects the total...

Astra Linux – Vulnerability in openexr

There is a null pointer reference issue in Academy Software Foundation OpenEXR 2.3.0, specifically in the generatePreview function in makePreview.cpp. This issue may lead to a denial of service if a malicious EXR file is used...

Astra Linux – Vulnerability in Linux 5.10, Linux

A flaw was discovered in the Linux kernel. A NULL pointer dereference may occur when the slip driver is in progress to detach at sltxtimeout in drivers/net/slip/slip.c. This issue could allow an attacker to crash the system or leak internal kernel information...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

A vulnerability has been discovered in the Linux kernel. It has been classified as problematic. The affected function is nilfsbmaplookupatlevel in the file fs/nilfs2/inode.c of the nilfs2 component. Manipulation of this function can lead to a null pointer dereference. The attack can be launched...

Astra Linux – Vulnerability in libde265

It was discovered that libde265 v1.0.10 contains a NULL pointer dereference in the ffhevcputhevcepelpixels8sse function located at sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service DoS attack through a crafted input file...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: xfrm: added a NULL check in xfrmupdateaeparams Normally, x-replayesn and x-preplayesn should be allocated in xfrmallocreplaystateesn..., hence xfrmupdateaeparams... can update them. However, the current implementation of...

Astra Linux – Vulnerability in hdf5

A issue was discovered in HDF5 through 1.12.0. A NULL pointer dereference exists in the function H5Fgetnrefs located in H5Fquery.c. This allows an attacker to cause a Denial of Service attack...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumacltcam: Fixed NULL pointer dereferencing in the error path When calling mlxswspacltcamregiondestroy from an error path after failing to attach the region to an ACL group, we encountered a NULL pointer dereferencin...

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Null checks for ‘stream’ and ‘plane’ were added before dereferencing them. This commit adds null checks for the ‘stream’ and ‘plane’ variables in the dcn30applyidlepoweroptimizations function. These variables wer...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: arm64: acpi: Harden the getcpuforacpiid function to prevent errors when a missing CPU entry is used. During a review discussion of the changes to support vCPU hotplug, it was noted that a check was added to ensure the GICC Global...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: TCP: The check skb variable is not NULL in tcprtodeltaus. We have some machines running stock Ubuntu 20.04.6; these machines have a kernel version of 5.4.0-174-generic and are running Ceph. Recently, a NULL pointer dereference...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: nfsd: returns -EINVAL when namelen is 0 When we have a corrupted main.sqlite file in /var/lib/nfs/nfsdcld/, it may result in namelen being 0, which will cause memdupuser to return ZEROSIZEPTR. When we access the name.data that ha...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Handling of a null streamstatus in the planeschangedforexistingstream function. This commit adds a null check for streamstatus in the function planeschangedforexistingstream. Previously, the code assumed that...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: NFSv4: Prevent NULL-pointer dereference in nfs42completecopies On the node of an NFS client, some files saved in the mountpoint of the NFS server were copied to another location of the same NFS server. Accidentally, the...