Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: clk: meson: Added missing clocks to axgclkregmaps Some clocks were missing from axgclkregmaps, which caused kernel panic during the command cat /sys/kernel/debug/clk/clksummary. 57.349402 Unable to handle a NULL pointer...

Astra Linux – Vulnerability in netcdf

A issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxmlinternaldtd, when parsing a crafted XML file, performs incorrect memory handling, resulting in a NULL pointer being dereferenced while running strcmp on a NULL pointer...

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: usb: mtu3: Fixed the kernel panic that occurred when the qmu transfer was completed and the irq handler was called. When handling the qmu transfer irq, the @mtu-lock is unlocked before returning the request. If another thread...

Astra Linux – Vulnerability in Squid

Squid is a caching proxy for the Web that supports HTTP, HTTPS, FTP, and other protocols. Due to a NULL pointer dereference bug, Squid is vulnerable to Denial of Service attacks targeting its Gopher gateway. The Gopher protocol was always available and enabled in Squid prior to Squid 6.0.1...

Astra Linux – Vulnerability in Linux

A issue was discovered in the Linux kernel through version 5.11.x. The kernel/bpf/verifier.c file contains unwanted out-of-bounds speculation during pointer arithmetic operations, which allows for side-channel attacks that circumvent Spectre mitigations and extract sensitive information from kern...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: power: supply: fixed null pointer dereferencing in powersupplygetbatteryinfo. When kmalloc fails to allocate memory in kasprintf, propname will be NULL. The strcmp function called by ofgetproperty will cause a null pointer...

Astra Linux – Vulnerability in faad2

A issue was discovered in faad2 through 2.10.0. A NULL pointer dereference exists in the function getsample located in output.c. This allows an attacker to cause a Denial of Service attack...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: mt76: mt7915: fixed the possible NULL pointer dereferencing in mt7915macfillrxvector. Fixed the possible NULL pointer dereferencing in mt7915macfillrxvector if the chip does not support dbdc and the hardware reports bandidx se...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drbd: Only clone the bio if there is a backing device available. The commit c347a787e34cb drbd: changed -bibdev to -bibdev in drbdreqnew moved the biosetdev call which has since been removed to an earlier stage, from...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: blk-throttle: Fixed an access race issue during the activation of the throttle policy. During repeated cold boots, we occasionally encountered a NULL pointer crash in blkshouldthrotl, when checking the throttle policy before t...

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: nvmet: avoided potential UAF in nvmetreqComplete. The implementation of the nvme target-queueresponse operation may free the request passed as an argument. Such an implementation could potentially lead to a use-after-free of the...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb-v2: af9035: Fix null-ptr-deref in af9035i2cmasterxfer In af9035i2cmasterxfer, msg is controlled by the user. When msgi.buf is null and msgi.len is zero, previous checks on msgi.buf will still be performed. Maliciou...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: soc: bcm: Check for a NULL return from devmkzalloc. As a potential failure during allocation, devmkzalloc may return NULL. Then, pd-pmb and the subsequent lines of code may lead to a null pointer dereferencing. Therefore, it is...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Wifi: brcm80211 – Handle PMKOP allocation failures The kzalloc function in brcm80211pmksav3op will return null if physical memory runs out. As a result, if we dereference the null value, a null pointer dereference bug will occur...

Astra Linux – Vulnerability in libmysofa

Incorrect handling of input data in the verifyAttribute function in the libmysofa library version 0.5 to 1.1 may lead to NULL pointer dereferencing and segmentation faults in cases of restrictive memory protection. In cases without memory restrictions e.g., in embedded environments, it may also...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: kernfs: a potential NULL dereference occurred in kernfsremove. When lockdep is enabled, lockdepassertheldwrite could cause a potential NULL pointer dereference. The following smatch warnings have also been fixed:...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: cxl: Fixed a race condition involving the nvdimmbus object when creating nvdimm objects. A issue was found during the execution of the cxl-translate.sh unit test. Adding a 3-second sleep right before the test seems to make the...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: hcisync: fixed a memory leak in hciupdateadvdata. When hcicmdsyncqueue fails in hciupdateadvdata, the instptr is not freed, which can lead to a memory leak. To address this issue, ERRPTR/PTRERR was used instead of...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: drm/ttm: Fixed the bug where a dummy res NULL pointer was dereferenced. Check the bo-resource value before accessing the memtype resource. v2: Fixed an issue with the commit description unwrapping warning. 40.191227 T184 Gener...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: reset: uniphier-glue: Fix possible null-ptr-deref It will cause null-ptr-deref when resourcesizeres invoked, if platformgetresource returns NULL...