Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: power: supply: fixed null pointer dereferencing in powersupplygetbatteryinfo. When kmalloc fails to allocate memory in kasprintf, propname will be NULL. The strcmp function called by ofgetproperty will cause a null pointer...

Astra Linux – Vulnerability in faad2

A issue was discovered in faad2 through 2.10.0. A NULL pointer dereference exists in the function getsample located in output.c. This allows an attacker to cause a Denial of Service attack...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drbd: Only clone the bio if there is a backing device available. The commit c347a787e34cb drbd: changed -bibdev to -bibdev in drbdreqnew moved the biosetdev call which has since been removed to an earlier stage, from...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: blk-throttle: Fixed an access race issue during the activation of the throttle policy. During repeated cold boots, we occasionally encountered a NULL pointer crash in blkshouldthrotl, when checking the throttle policy before t...

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: nvmet: avoided potential UAF in nvmetreqComplete. The implementation of the nvme target-queueresponse operation may free the request passed as an argument. Such an implementation could potentially lead to a use-after-free of the...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb-v2: af9035: Fix null-ptr-deref in af9035i2cmasterxfer In af9035i2cmasterxfer, msg is controlled by the user. When msgi.buf is null and msgi.len is zero, previous checks on msgi.buf will still be performed. Maliciou...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: soc: bcm: Check for a NULL return from devmkzalloc. As a potential failure during allocation, devmkzalloc may return NULL. Then, pd-pmb and the subsequent lines of code may lead to a null pointer dereferencing. Therefore, it is...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Wifi: brcm80211 – Handle PMKOP allocation failures The kzalloc function in brcm80211pmksav3op will return null if physical memory runs out. As a result, if we dereference the null value, a null pointer dereference bug will occur...

Astra Linux – Vulnerability in libmysofa

Incorrect handling of input data in the verifyAttribute function in the libmysofa library version 0.5 to 1.1 may lead to NULL pointer dereferencing and segmentation faults in cases of restrictive memory protection. In cases without memory restrictions e.g., in embedded environments, it may also...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: kernfs: a potential NULL dereference occurred in kernfsremove. When lockdep is enabled, lockdepassertheldwrite could cause a potential NULL pointer dereference. The following smatch warnings have also been fixed:...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: cxl: Fixed a race condition involving the nvdimmbus object when creating nvdimm objects. A issue was found during the execution of the cxl-translate.sh unit test. Adding a 3-second sleep right before the test seems to make the...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: hcisync: fixed a memory leak in hciupdateadvdata. When hcicmdsyncqueue fails in hciupdateadvdata, the instptr is not freed, which can lead to a memory leak. To address this issue, ERRPTR/PTRERR was used instead of...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: drm/ttm: Fixed the bug where a dummy res NULL pointer was dereferenced. Check the bo-resource value before accessing the memtype resource. v2: Fixed an issue with the commit description unwrapping warning. 40.191227 T184 Gener...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: reset: uniphier-glue: Fix possible null-ptr-deref It will cause null-ptr-deref when resourcesizeres invoked, if platformgetresource returns NULL...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: traceeventshist: A check was added to ensure that the return value of createhistfield is checked. The function createhistfield is called recursively at line 1954 of traceeventshist.c, and it may return a NULL value. Therefore, we...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net: phy: dp83822: Fix null pointer access on DP83825/DP83826 devices The probe function is only used for the DP83822 PHY; the private data pointer remains uninitialized for the smaller DP83825/26 models. While all uses of the...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: acpi: Fix for suspending with Xen PV The commit f1e525009493 “x86/boot: Skip realmode init code when running as Xen PV guest” missed one code path that accessed the realmodeheader. This led to a situation where a NULL pointer was...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: igc: Restored the IGCREMOVED logic and implemented it correctly. The initially merged version of the igc driver code via commit 146740f9abc4, “igc: Add support for PF” contained the following IGCREMOVED checks in the...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm/i915/gvt: fixed the issue where vGPU debugfs was cleaned up during the remove operation. Check carefully whether the root debugfs is available when destroying the vGPU. For example, in the remove operation, the DRM minor’s...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: core: A NULL dereference was prevented in generichwtstampioctllower. The ethtool tsconfig Netlink path can trigger a null pointer dereference. A call chain such as: tsconfigpreparedata - devgethwtstampphylib - vlanhwtstampge...