34292 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: mptcp: never allow the PM to close a listener subflow Currently, when deleting an endpoint, the netlink PM traverses all local MPTCP sockets, regardless of their status. If an MPTCP listener socket is bound to the IP correspondin...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: net/mlx5e: Fixed handling of incorrect devices during the bond netevent processing. The current implementation of the bond netevent handler only checks whether the handled netdev is a VF representative. However, there is no...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: iouring: Fixed a null-ptr-deref in iotctxexitcb. Syzkaller reports a NULL deref bug as follows: BUG: KASAN: null-ptr-deref in iotctxexitcb+0x53/0xd3 Read of size 4 at address 0000000000000138 by task file1/1955 CPU: 1 PID: 195...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: gpio: Restrict the use of GPIO chip IRQ members before initialization. The IRQ members of the GPIO chip are exposed before they can be fully initialized, which leads to race conditions. One such issue was observed with the...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: A NULL pointer dereference occurred in amdgpudmconnectoraddcommonmodes. In amdgpudmconnectoraddcommonmodes, amdgpudmcreatecommonmode assigns mode to mode, and mode is directly passed to drmmodeprobedadd...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: rtc: pl031: Fixed the issue of null pointer dereferencing in RTC features. When there is no interrupt line, the RTC alarm feature is disabled. The clearing of the alarm feature bit was performed before allocating the ldata-rtc...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: f2fs: quota: fixed the loop condition in f2fsquotasync The parameter cnt should be passed to sbhasquotaactive, rather than type, to correctly check the active quota. Moreover, when the type is -1, the compiler, with sufficient...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: nbd: The function genlunregisterfamily is called first in nbdcleanup. Otherwise, there may be a race between the removal of the module and the handling of the netlink command, which can lead to an oops as shown below: BUG: Kernel...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: rtc: mt6397: Check the return value after calling platformgetresource. This could lead to a null-ptr-deref issue if platformgetresource returns NULL. Therefore, we need to check the return value...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: mfd: davincivoicecodec: Fixed a possible nullptrderef issue in davincivcprobe. This issue could lead to a nullptrderef when using ‘res’. If platformgetresource returns NULL, moving using ‘res’ after devmioremapresource will preve...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: nvme-pci: fixed a NULL pointer dereferencing in nvmeallocadmintags. In nvmeallocadmintags, adminq can be set to an error typically -ENOMEM if the blkmqinitqueue call fails to set up the queue. This condition is checked immediatel...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: net: lan966x: Fixed a potential nullptrderef in lan966xstatsinit. lan966xstatsinit calls createsinglethreadworkqueue, without checking the return value. This may result in NULL being returned. A nullptrderef could occur:...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: net: microchip: sparx5: Fixed a potential null-ptr-deref in sparxstatsinit and sparx5start. sparxstatsinit calls createsinglethreadworkqueue, without checking the return value. This may result in NULL being returned. A...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: cxl/region: Fixed the crash that occurred during decoder allocation. When the decoders of an intermediate port are exhausted by existing regions, and a new region is created with that port in its hierarchical path, the...
Astra Linux – Vulnerability in exiv2
In Exiv2 0.26, there is a null pointer dereference in the Exiv2::DataValue::toLong function located in value.cpp. This issue is related to crafted metadata in a TIFF file...
Astra Linux - уязвимость в linux-5.15
A flaw in the NULL Pointer Dereference mechanism within the Linux kernel’s NTFS3 driver function attrpunchhole was identified. A local user could exploit this flaw to crash the system...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: mac802154: fixed the missing INITLISTHEAD in ieee802154ifadd. The kernel fault injection test reports a NULL pointer dereference as follows: BUG: NULL pointer dereferencing in the kernel; address: 0000000000000008 RIP:...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ata: libata-transport: fixed error handling in atatdevadd In atatdevadd, the return value of transportadddevice is not checked. As a result, a null-ptr-deref occurs when removing the module, because transportremovedevice is calle...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: pinctrl: devicetree: fixed null pointer dereferencing in pinctrldttomap Here is the BUG report by KASAN regarding null pointer dereferencing: BUG: KASAN: nullptrderef in strcmp+0x2e/0x50 A read of size 1 was performed at address...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: The issue of NULL pointer dereferencing occurred when testing as follows: a Using syscallNRSocket, 0x10ul, 3ul, 0 to create a netlink socket. b Using syscallNRSendMsg, ... to create a bond link device and a vxcan link device, and...