Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: uSerial: Added a null pointer check in gSerialsuspend Consider a scenario where gSerialdisconnect has already cleared gser-ioport. If gSerialsuspend is called afterward, it will lead to accessing gser-ioport, thereby...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: remoteproc: qcom: q6v5: Fixed a potential null-ptr-deref in q6v5wcssinitmmio The q6v5wcssinitmmio function will call platformgetresourcebyname, which may fail and return NULL. The devmioremap function will use res-start as an...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: powerpc/pseries/iommu: The IOMMU table is not initialized for kdump over SR-IOV. When the kdump kernel attempts to copy dump data using SR-IOV, LPAR panics due to a NULL pointer exception: - The kernel attempted to read user...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

A NULL pointer dereference vulnerability exists in the Linux kernel on Linux, x86, and ARM platforms including networking and Bluetooth modules. This vulnerability is related to the /net/bluetooth/rfcomm/core.C file. This issue affects the Linux kernel version v2.6.12-rc2...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ALSA: gus – fixed a null pointer dereferencing issue in the pointer block. The pointer block returns from sndgf1dmanextblock, and this return value could be null. Therefore, there is a potential null pointer dereferencing issue...

Astra Linux – Vulnerability in Linux

In the Linux kernel, the following vulnerability has been resolved: NFSv4: Fixed a NULL pointer dereference in pnfsmarkmatchinglsegsreturn. The commit de144ff4234f fixes the issue by changing pnfsreturnlayout to call pnfsmarkmatchinglsegsreturn, with NULL passed as the argument to the...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Nullifies the cq-dbg pointer in mlx5debugcqRemove Before this patch, if mlx5CoreDestroyCq failed, the destruction operations continued. However, mlx5CoreDestroyCq could be called again by the user, causing additional...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: crypto: ccp – Fixed null pointer dereference in sevplatformshutdownlocked. The SEV platform device can be shut down with a null pspmaster, for example, by using DEBUGTESTDRIVERREMOVE. This issue was identified using KASAN:...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: RDMA/hfi1: Fixed the kernel pointer leak. Pointers should be printed using %p or %px, instead of being cast to unsigned long long and then printed using %llx. Change %llx to %p to print secure pointers...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: drm/bridge: megachips: Fixed a null pointer dereference bug When removing the module, the following warnings will be displayed: 31.911505 i2c-core: Driver stdp2690-ge-b850v3-fw Unregistered 31.912484 General protection fault;...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net: ice: Fixed a potential NULL pointer dereference in the icebridgesetlink function. The icebridgesetlink function may encounter a NULL pointer dereference if nlmsgfindattr returns NULL, and brspec is dereferenced subsequently ...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fixed the potential null dereference issue. The adev-dm.dc pointer can be NULL, and it may be dereferenced in amdgpudmfini without any checks. A NULL pointer check should be added before calling dcdmubsrvdestroy...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: serial: core: Clearing the circular buffer before NULLifying it The circular buffer is NULLified in the uartttyportshutdown function, under the spin lock. However, the PM or other timer-based callbacks may still trigger after thi...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: perf/x86: The movement of the event pointer was moved earlier in x86pmuenable. A production AMD EPYC system crashed due to a NULL pointer dereference in the PMU NMI handler: BUG: NULL pointer dereference in the kernel, address:...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ASoC: rt7-sdw: harden jackdetecthandler Realtek headset codec drivers typically check if the card is instantiated before proceeding with the jack detection. The rt700, rt711 and rt711-sdca are however missing a check on the card...

Astra Linux - уязвимость в linux

A vulnerability was discovered in the Linux kernel, where the function sunkbdreinit was executed after sunkbdinterrupt had been called, even before sunkbd was freed. Although the dangling pointer is set to NULL in sunkbddisconnect, there is still an alias in sunkbdreinit that leads to a...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Check for a null pointer of the pointer substream before dereferencing it. The pointer substream is dereferenced during the assignment of the pointer to the card. This occurs before the substream is checked for nullnes...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: dmaengine: xilinx: xdma: Fixed the error handling for regmap init. The devmregmapinitmmio function now returns ERRPTR upon an error, instead of NULL. The error check has also been fixed, and the error message has been corrected...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net/sched: actapi: avoid dereferencing ERRPTR in tcfidrinfodestroy. The syzbot report indicated that a crash occurred in tcactinHW, during the netns teardown process. In this scenario, tcfidrinfodestroy passed a value of...

Astra Linux – Vulnerability in xorg-server

A use-after-free flaw was detected in the xorg-x11-server. A X server crash may occur in a very specific and legacy configuration a multi-screen setup with multiple protocol screens, also known as Zaphod mode if the pointer is moved from one screen’s window to the root window of another screen, a...