77237 matches found
Astra Linux - уязвимость в sqlite3
The file ext/fts3/fts3snippet.c in SQLite before version 3.32.0 contains a NULL pointer dereferencing issue due to a malicious matchinfo query...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: virtio-net: The received length check for large packets has been fixed. Since commit 4959aebba8c0 “virtio-net: Use MTU size as buffer length for large packets”, when the guest gso is disabled, the allocated size for large packets...
Astra Linux - уязвимость в linux-6.1, linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: tee: Fix NULL pointer dereference in teeshmput teeshmput has a NULL pointer dereference: opteedisableshmcache shm = regpairtoptr...; // shm may return NULL teeshmfreeshm; teeshmputshm; // results in a crash Add a check in teeshmp...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: phy: qcom-qmp-usb: Fix an NULL vs ISERR bug The qmpusbiomap helper function currently returns the raw result of devmioremap for non-exclusive mappings. Since devmioremap may return a NULL pointer, and the caller only checks error...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: arcnet: Add a NULL check in com20020pciprobe. devmkasprintf returns NULL when memory allocation fails. Currently, com20020pciprobe does not check for this case, resulting in a NULL pointer being dereferenced. Add a NULL check aft...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: media: atomisp: sshcss: Fixed a null pointer dereference in loadvideobinaries. The allocation failure of mycs-yuvscalerbinary in loadvideobinaries is followed by a dereference of mycs-yuvscalerbinary after the following call chai...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix null pointer dereference in resolveprogtype for BPFPROGTYPEEXT When loading an EXT program without specifying attr-attachprogfd, the prog-aux-dstprog will be null. At this time, calling resolveprogtype anywhere will resu...
Astra Linux - уязвимость в linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: clk: zynq – Prevent null pointer dereferencing caused by kmalloc failures The kmalloc function in zynqclksetup will return null if physical memory runs out. As a result, if we use snprintf to write data to a null address, a null...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: netfs: Fixed a NULL pointer dereferencing in netfsunbufferedwrite, when a write subrequest is marked as NETFSSREQNEEDRETRY. When the retry path in netfsunbufferedwrite calls stream-preparewrite without checking whether...
Astra Linux - уязвимость в linux-5.15, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: seg6: Fixed parameter passing when calling NFHOOK in the End.DX4 and End.DX6 behaviors. The functions inputactionenddx4 and inputactionenddx6 call NFHOOK for the PREROUTING hook. During the PREROUTING hook, a valid indev and a...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: This vulnerability addresses the issue of hardening the uplink netdev access in case the device is unbound from the mlx5core. The function mlx5uplinknetdevget retrieves the uplink netdevice pointer from...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: ima: Avoid blocking in the RCU read-side critical section. A panic occurs in imamatchpolicy: BUG: Unable to handle a NULL pointer dereferencing in the kernel at 0000000000000010. PGD 42f873067 P4D 0 Oops: 0000 1 SMP NOPTI CPU:...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: watchqueue: Fixed NULL dereference in error cleanup. In watchqueuesetsize, the error cleanup code does not take into account that freepage cannot handle a NULL pointer when trying to free buffer pages that have been allocated. Th...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Validate BOOT recordsize When the NTFS BOOT recordsize field is less than 0, it represents a shift value. However, there is no sanity check on the shift result, and the sbi-recordbits calculation using blksizebits assum...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: ovl: fixed null pointer dereferencing in ovlgetaclrcu The sequence of operations is as follows: P1 P2 pathopenat linkpathwalk maylookup inodepermissionrcu ovlpermission aclpermissioncheck checkacl getcachedaclrcu ovlget inodeacl...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad4851: fix ad4858 channel pointer handling The pointer returned by ad4851parseChannelscommon is incremented internally as each channel is populated. In ad4858ParseChannels, the same pointer was further incremented whil...
Astra Linux - уязвимость в cjson
In versions of cJSON 1.5.0 through 1.7.18, the decodearrayindexfrompointer function in cJSONUtils.c allows for out-of-bounds access. This enables remote attackers to bypass array bounds checking and access restricted data through malformed JSON pointer strings containing alphanumeric characters...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fixed the timeout of a call that has not yet been granted a channel. The afsmakecall function calls rxrpc.kernelbegincall to initiate a call which may get stalled in the background while waiting for a connection to become...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: net: Handling of integer overflows in kmallocreserve The committed change was as follows: c ptr = kmallocsize; if ptr size = ksizeptr; size = kmallocsizeroundupsize; ptr = kmallocsize; This caused various crashes, as reported ...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Ring-buffer: Fixed the possibility of dereferencing an uninitialized pointer. There is a pointer called headpage in the function rbmetavalidateevents. This pointer is not initialized at the beginning of the function. This pointer...