Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: GPU: lontium-lt9611: Fixed a NULL pointer dereference in lt9611connectorinit. A NULL check on bridge-encoder indicates that it may be NULL, but it has already been dereferenced on all paths leading to the check. 812: if...

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fixed the issue of unexpected dereferencing of the hive. Check whether the amdgpuhiveinfo hive might be NULL...

Astra Linux - уязвимость в linux-5.15

A issue was discovered in the Linux kernel through version 5.16-rc6. The function rtwinitxmitpriv in drivers/staging/r8188eu/core/rtwxmit.c lacks a check on the return value of rtwallochwxmits, which can lead to a null pointer derefrence...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fixed the potential NULL pointer dereferencing in nilfsbtreeinsert The patch series “nilfs2: fixes potential issues with empty B-tree nodes” addresses three potential issues with empty B-tree nodes that can occur with...

Astra Linux – Vulnerability in gst-plugins-good1.0

GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been discovered in the gstjpegdecnegotiate function in gstjpegdec.c. This function does not check for a NULL return value from gstvideodecodersetoutputstate. When this occurs,...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: hugetlbfs: fixed the null-ptr-deref issue in hugetlbfsParseParam Syzkaller reported a null-ptr-deref bug as follows: ====================================================== KASAN: null-ptr-deref in range...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu-v3: checking the return value after calling platformgetresource. This will cause a null-ptr-deref if platformgetresource returns NULL; therefore, we need to check the return value...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: bnxten: Adjusted the logging of firmware messages in case the token is released in hwrmsend. If the token is released because token-state equals BNXTHWRMDEFERRED, the released token set to NULL is used in log messages. This issue...

Astra Linux – Vulnerability in Linux

A NULL pointer dereference flaw was discovered in the Linux kernel’s GPU Nouveau driver functionality in versions prior to 5.12-rc1. This flaw allows a local user to crash the system. The flaw occurs when the user calls ioctl DRMIOCTLNOUVEAUCHANNELALLOC...

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: netfilter: iptables: Fixed a potential null-ptr-deref in ip6tablenattableinit. ip6tablenattableinit accesses net-gen-ptrip6tablenatnetops.id, but this function is exposed to user space before the entry is allocated via...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: BPF: Fixed potential improper pointer dereferencing in bpfsysbpf. The bpfsysbpf helper function allows an eBPF program to load another eBPF program from within the kernel. In this case, the argument union bpfattr pointer along...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: usb: misc: brcmstb-usb-pinmap: check return value after calling platformgetresource This vulnerability could lead to a null-ptr-deref issue if platformgetresource returns NULL. Therefore, we need to check the return value...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: pstore/ram: Added a check for kstrdup. Added a check on the return value of kstrdup, and return an error if it fails, in order to avoid NULL pointer dereferencing...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fixed the missing .istwopixelspercontainer field. Starting from version 6.11, the AMDGPU driver, when loaded with amdgpu.dc=1, may cause a NULL pointer dereferencing on PCs with older GPUs, such as R9 280X, due t...

Astra Linux – Vulnerability in dcmtk

A NULL pointer dereference in the component /libsrc/dcrleccd.cc of DCMTK v3.6.9+ DEV allows attackers to cause a Denial of Service DoS attack through a crafted DICOM file...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: clk: Fixed clkhwgetclk when dev is NULL. Any registered clkcore structure may have a NULL pointer in its dev field. Although this has never been officially documented, this is evident from the widespread use of clkregister and...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: netsched: Fixed NULL dereferencing in fifosetlimit. syzbot reported another NULL dereferencing in fifosetlimit. 1 I can reproduce the issue with the following commands: unshare -n tc qd add dev lo root handle 1:0 tbf limit...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btintel: Fixed a null pointer dereference in btintelreadversion. If hcicmdsyncComplete is triggered and skb is NULL, then hdev-reqskb will also be NULL, which will cause this issue...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: Bonding: Fix for xfrm realdev null pointer dereference We should not set realdev to NULL, because packets may still be in transit, and xfrm might call xdodevoffloadok in parallel. All callbacks assume that realdev is set. Example...

Astra Linux – Vulnerability in libde265

It was discovered that libde265 v1.0.10 contains a NULL pointer dereference in the ffhevcputhevcepelpixels8sse function located at sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service DoS attack through a crafted input file...