Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: fs/ntfs3: Added a null pointer check to attrloadrunsvcn Some metadata files are processed before the MFT. This requires adding a null pointer check for certain corner cases that could lead to NPD when reading these metadata...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: cgroup/dmem: Fixed a NULL pointer dereference issue when setting the max value. The following issue was triggered: BUG: NULL pointer dereference in the kernel; Address: 0000000000000000 PF: Supervisor read access in kernel mod...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Staging: GPIB – Fixed the issue with cb7210 pcmcia. The pcmciadriver struct still used the old initialization method for the .name field in the drv field. This caused a NULL pointer dereferencing issue in the strcmp function call...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: um: line: always fill errorout in setuponeline The pointer is not initialized by the callers, but I’ve encountered cases where it is still printed; initialize it in all possible cases within setuponeline...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: The pointer wdev-cqmconfig must be cleared when freeing it during unregistration. This is necessary because the same wdev/netdev may be re-registered in another network namespace, and then destroyed later. Running...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: iavf: Fixed NULL pointer dereferencing in iavfgetlinkksettings. Fixed a potential NULL pointer dereferencing issue, caused by freeing adapter-vfres in iavfinitgetresources. The previous commit introduced a regression, where...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ata: libata-transport: fixed error handling in atatportadd In atatportadd, the return value of transportadddevice is not checked. As a result, a nullptrderef exception occurs when removing the module, because transportremovedevic...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: nexthop: fix null pointer dereference when IPv6 is not enabled When we attempt to add an IPv6 nexthop parameter, and IPv6 is not enabled !CONFIGIPV6, we encounter a NULL pointer dereference in the error path of nhcreateipv6...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: usb: dwc2: Fixed a possible NULL pointer dereferencing caused by driver concurrency. In dwc2hcdurbenqueue, the statement “urb-hcpriv = NULL” is executed without holding the lock “hsotg-lock”. In dwc2hcdurbdequeue: c...

Astra Linux - уязвимость в linux, linux-5.15, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Wifi: iwlwifi: pcie: fix possible NULL pointer dereference It is possible that iwlpciprobe will fail and free the trans structure. After that, iwlpciRemove will be called, but it will crash when trying to access a trans structure...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: Do not access a released socket during error recovery. While the error recovery mechanism is temporarily failing due to reconnect attempts, running the nvme list command causes a kernel NULL pointer derefrence by callin...

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: nvmet: Potential UAF Use-after-Free errors can occur in nvmetreqComplete. The implementation of the nvmetarget-queueresponse operation may free the request passed as an argument. Such an implementation could potentially lead to a...

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: dmstats: Check for and propagate the allocpercpu failure. Check the return value of allocprecpu, and return an error from dmstatsinit if it fails. Update allocdev to fail if dmstatsinit does. Otherwise, a NULL pointer dereferenci...

Astra Linux - уязвимость в linux, linux-5.15, linux-5.10, linux-6.1

A issue was discovered in the driver/bluetooth/hcildisc.c file within the Linux kernel 6.2. In hciuartttyioctl, there is a race condition between HCIUARTSETPROTO and HCIUARTGETPROTO. The HCIUARTPROTOSET function is called before hu-proto is set. A NULL pointer dereferencing may occur...

Astra Linux - уязвимость в linux, linux-5.15, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: spmi: Added a check for a remove callback when removing a SPMI driver. When removing a SPMI driver, a crash may occur due to a NULL pointer dereference if no remove callback is defined. This was observed in a call trace when...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: xfrm: Policy issue: Fixing the metadata dst-dev xmit null pointer dereference. When attempting to transmit an skb with metadatadst attached i.e., dst-dev == NULL through the xfrm interface, a null pointer dereference may occur in...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: nfp: flower: handling of actinetdevs allocation failures The kmallocarray function in nfpfllagdowork will return null if physical memory runs out. As a result, if we dereference actinetdevs, null pointer dereferencing bugs may...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: bpf: Fixed pointer-leak due to insufficient speculative store bypass mitigation To mitigate Spectre v4, the patch 2039f26f3aca “bpf: Fixed leakage due to insufficient speculative store bypass mitigation” inserts lfence instructio...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Avoid sg device teardown race The function sgremovesfpusercontext must not use sgdeviceDestroy after calling scsidevicePut. sgdeviceDestroy accesses the parent scsidevice request queue, which will already be set to NULL...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Wifi: nl80211 – Fix for NULL-ptr dereference in the offchan check. If, for example, in AP mode, the link has already been created by the user space, but has not yet been activated, it has a chandef field, but the chandef is inval...