Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ocfs2: A potential NULL pointer dereferencing has been fixed in ocfs2setbufferuptodate. During cleanup, if flags do not include OCFS2BHREADAHEAD, it may trigger a NULL pointer dereferencing in the ocfs2setbufferuptodate function,...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: IB/hfi1: Fixed an early init panic issue. An early failure in hfi1ipoibsetuprn can lead to the following panic: BUG: Unable to handle a NULL pointer derefrence in the kernel at 00000000000001b0 PGD 0 P4D 0 Oops: 0002 1 SMP NOP...

Astra Linux – Vulnerability in gst-plugins-base1.0

GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been detected in the parselrc function within gstsubparse.c. The parselrc function calls strchr to find the character ‘’ in the string line. The pointer returned by this call ...

Astra Linux – Vulnerability in gst-plugins-base1.0

GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference has been discovered in the id3v2readsynchuint function, located in id3v2.c. If id3v2readsynchuint is called with a null work-hdr.framedata, the pointer guint8 data is accessed without validatio...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ATA: libata-transport: fixed the double call to atahostput in atatportadd In the error path in atatportadd, when calling putdevice, atatportrelease is called. This function decreases the refcount of ‘ap-host’. Then, atahostput is...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: smb/server: fixed a potential null-ptr-deref of leasectxinfo in smb2open A null-ptr-deref will occur when reqoplevel == SMB2OPLOCKLEVELLEASE and parseleasestate returns NULL. This issue was fixed by checking whether...

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: media: cx23885 – Fixed a nullptrderef bug in bufferprepare and bufferfinish. When the driver calls cx23885riscbuffer to prepare the buffer, the function call dmaalloccoherent may fail, resulting in an empty buffer risc-cpu. Later...

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: Thermal: Intel: quarkdts: fixed error pointer dereference. If allocsocdts fails, we can simply return. Trying to free “socdts” will result in a Oops error...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: serial: core: Clearing the circular buffer before NULLifying it The circular buffer is NULLified in the uartttyportshutdown function, under the spin lock. However, the PM or other timer-based callbacks may still trigger after thi...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: Net: If sock is not available, do not access sock's skwq in skstreamwaitmemory. The following NULL pointer dereferences have also been fixed: ... 14.471200 Call Trace: 14.471562 14.471882 lockacquire+0x245/0x2e0 14.472416 ?...

Astra Linux – Vulnerability in Qemu

In QEMU 4.2.0, a MemoryRegionOps object may lack read/write callback methods, which can lead to a NULL pointer dereferencing...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: spi: bcm2835: bcm2835spihandleerr: Fixed the issue of NULL pointer dereferencing for non-DMA transfers. If an IRQ-based transfer times out, the bcm2835spihandleerr function is called. Since commit 1513ceee70f2 “spi: bcm2835: Drop...

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: clk: meson: Added missing clocks to axgclkregmaps Some clocks were missing from axgclkregmaps, which caused kernel panic during the command cat /sys/kernel/debug/clk/clksummary. 57.349402 Unable to handle a NULL pointer...

Astra Linux – Vulnerability in slapi-nis

A flaw was discovered in slapi-nis in versions prior to 0.56.7. A NULL pointer dereferencing during the parsing of the Binding DN could allow an unauthenticated attacker to crash the 389-ds-base directory server. The greatest threat from this vulnerability is to system availability...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fixed improper pointer dereferencing when the error handler kthread is invalid. The commit 66a834d09293 “scsi: core: Fixed error handling of scsihostalloc” changed the allocation logic to call putdevice to perform hos...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: btrfs: fixed a NULL pointer dereference when attempting to start a new transaction. BUG Syzbot reported a NULL pointer dereference, accompanied by a crash: FAULTINJECTION: Forced a failure. starttransaction+0x830/0x1670...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Issue: unittest: Fix null pointer dereferencing in ofunittestfindnodebyname Description: When kmalloc fails to allocate memory in kasprintf, variables like name or fullname will be NULL. In this case, strcmp will cause a null...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: pinctrl: canaan: k230: added a NULL check in DT parsing. A NULL check was also added for the return value of ofgetproperty when retrieving the “pinmux” property in the group parser. This prevents a potential NULL pointer...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: ti: icssgprueth: Fixed NULL pointer dereferencing in pruethprobe. In the pruethprobe function, if one of the calls to emacPhyConnect fails because of ofPhyConnect returning NULL, then the subsequent call to phyattachedinfo...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: i40e: Fixed NULL pointer dereferencing in VSI filter synchronization. The issue of NULL pointer dereferencing in sync VSI filters has been eliminated. A new I40EVSIRELEASING flag was added to indicate the deletion and release of...