Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: drm/mxsfb: Disabling the overlay plane in mxsfbplaneoverlayatomicdisable When disabling the overlay plane in mxsfbplaneoverlayatomicupdate, the framebuffer pointer of the overlay plane is NULL. Therefore, dereferencing it would...

Astra Linux – Vulnerability in edk2

Null pointer dereferencing in Tianocore EDK2 may allow an authenticated user to potentially enable privilege escalation through local access...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Assign the job pointer to NULL before signaling the fence In commit e4b5ccd392b9 “drm/v3d: Ensure the job pointer is set to NULL after the job completes”, we introduced a change to assign the job pointer to NULL after...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: fs/proc/taskmmu: check p-vecbuf for NULL When the PAGEMAPSCAN ioctl is invoked with veclen = 0 and results in pagemapscanbackoutrange, the kernel panics due to a null-ptr-deref. 44.936808 Oops: general protection fault, likely fo...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: sunrpc: Fixed the issue of null pointer dereferencing on zero-length checksums. In xdrstreamdecodeopaqueauth, the value of checksum.len causes checksum.data to be set to NULL. This triggers a NPD when accessing checksum.data in...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: Invalid parameter check in dpusetupdspppcc The function performs a check on the “ctx” input parameter, however, it is used before the check. The “base” variable is initialized after the sanity check to avoid a possib...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15

A race condition was detected in the Linux kernel’s sound/hda device driver, specifically in the sndhdacregmapsync function. This can lead to a null pointer dereferencing issue, potentially causing a kernel panic or a denial-of-service attack...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: fs/ntfs3: Fixed a NULL pointer dereference in ‘niwrite inode’. Syzbot identified the following issue: inability to handle a NULL pointer dereference at the virtual address 0000000000000016. Memory abort information: ESR =...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: pinctrl: mediatek: eint: Fixed invalid pointer dereferencing for v1 platforms The commit 3ef9f710efcb “pinctrl: mediatek: Added EINT support for multiple addresses” introduced an access to the ‘soc’ field of the struct mtkpinctrl...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: hwmon: w83791d Fixed NULL pointer dereferencing by removing unnecessary structure fields. If the driver reads a value that is sufficient for the condition: val & 0x08 && !val & 0x80 && val & 0x7 == val 4 & 0x7 then NULL pointer...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: “drm/msm: Add missing check and destroy for allocorderedworkqueue” This change reverts to the previous behavior in commit 643b7d0869cc7f1f7a5ac7ca6bd25d88f54e31d0. A recent patch attempted to fix the issues related to msmdrminit,...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: scsi: Reverted “scsi: qla2xxx: Perform lockless command completion in abort path”. This revertment is associated with the commit 0367076b0817d5c75dfb83001ce7ce5c64d803a9. The committed code added code to qla2x00abortallcmds to ca...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: Fix looping of queued SG entries The value of dwc3request-numqueuedsgs is decremented upon completion. If a partially completed request is processed, then dwc3request-numqueuedsgs no longer reflects the total...

Astra Linux – Vulnerability in openexr

There is a null pointer reference issue in Academy Software Foundation OpenEXR 2.3.0, specifically in the generatePreview function in makePreview.cpp. This issue may lead to a denial of service if a malicious EXR file is used...

Astra Linux – Vulnerability in Linux 5.10, Linux

A flaw was discovered in the Linux kernel. A NULL pointer dereference may occur when the slip driver is in progress to detach at sltxtimeout in drivers/net/slip/slip.c. This issue could allow an attacker to crash the system or leak internal kernel information...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

A vulnerability has been discovered in the Linux kernel. It has been classified as problematic. The affected function is nilfsbmaplookupatlevel in the file fs/nilfs2/inode.c of the nilfs2 component. Manipulation of this function can lead to a null pointer dereference. The attack can be launched...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: xfrm: added a NULL check in xfrmupdateaeparams Normally, x-replayesn and x-preplayesn should be allocated in xfrmallocreplaystateesn..., hence xfrmupdateaeparams... can update them. However, the current implementation of...

Astra Linux – Vulnerability in hdf5

A issue was discovered in HDF5 through 1.12.0. A NULL pointer dereference exists in the function H5Fgetnrefs located in H5Fquery.c. This allows an attacker to cause a Denial of Service attack...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumacltcam: Fixed NULL pointer dereferencing in the error path When calling mlxswspacltcamregiondestroy from an error path after failing to attach the region to an ACL group, we encountered a NULL pointer dereferencin...

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Null checks for ‘stream’ and ‘plane’ were added before dereferencing them. This commit adds null checks for the ‘stream’ and ‘plane’ variables in the dcn30applyidlepoweroptimizations function. These variables wer...