77239 matches found
Astra Linux - уязвимость в cjson
In versions of cJSON 1.5.0 through 1.7.18, the decodearrayindexfrompointer function in cJSONUtils.c allows for out-of-bounds access. This enables remote attackers to bypass array bounds checking and access restricted data through malformed JSON pointer strings containing alphanumeric characters...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fixed the timeout of a call that has not yet been granted a channel. The afsmakecall function calls rxrpc.kernelbegincall to initiate a call which may get stalled in the background while waiting for a connection to become...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: net: Handling of integer overflows in kmallocreserve The committed change was as follows: c ptr = kmallocsize; if ptr size = ksizeptr; size = kmallocsizeroundupsize; ptr = kmallocsize; This caused various crashes, as reported ...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Ring-buffer: Fixed the possibility of dereferencing an uninitialized pointer. There is a pointer called headpage in the function rbmetavalidateevents. This pointer is not initialized at the beginning of the function. This pointer...
Astra Linux - уязвимость в linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: usb: typec: tcpm: Check for port partner validity before consuming it The tcpmstatemachine function does not guarantee that partner registration always succeeds. In the event of a failure, port-partner is set to the error value o...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Net: Ethernet: ti: am65-cpsw: Fixed the NAPI registration sequence. Registering interrupts for TX or RX DMA channels before registering their respective NAPI callbacks can lead to a NULL pointer derefrence. This issue occurs...
Astra Linux - уязвимость в dcmtk
A NULL pointer dereference in the component /libsrc/dcrleccd.cc of DCMTK v3.6.9+ DEV allows attackers to cause a Denial of Service DoS attack through a crafted DICOM file...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: soc: ti: tiscipmdomains: Check for a null return from devmkcalloc. The devmkcalloc allocation function may fail and return a null pointer. This could lead to a null-pointer dereferencing later. It might be better to check this an...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerabilities have been resolved: drm/virtio: fixed a NULL pointer dereference in virtiogpuconngetmodes. drmcvtmode may return NULL, and we should check for this. This bug was discovered by syzkaller. FAULTINJECTION stacktrace: 168.567394 FAULTINJECTION: forci...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: net: qrtr: Remove the “MHI autoqueue” feature for IPCR DL channels. The MHI stack provides the “autoqueue” feature, which allows the MHI stack to automatically queue buffers for the RX path DL channels. Although this feature...
Astra Linux - уязвимость в openssl
Issue Summary: An invalid or NULL pointer dereferencing can occur in an application processing a malformed PKCS12 file. Impact Summary: An application processing a malformed PKCS12 file may cause an invalid or NULL pointer to be dereferenced during memory reading, resulting in a Denial of Service...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: ublk: Fixed NULL pointer dereferencing in ublkctrlsetsize. The ublkctrlsetsize function dereferes ub-ubdisk unconditionally through setcapacityandnotify, without checking whether ub-ubdisk is NULL. ub-ubdisk becomes NULL befor...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/cs: Commands with 0 chunks result in illegal behavior. Submitting a command with 0 chunks causes a crash later on, discovered while trying to execute the wrong user space driver. MESALOADERDRIVEROVERRIDE=v3d glxinfo...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ASoC: amd/sdwutils: avoid NULL deref when devmkasprintf fails devmkasprintf may return NULL when memory allocation fails. However, the debug message prints cpus-dainame before checking it. Move the devdbg call after the NULL chec...
Astra Linux - уязвимость в linux-6.1, linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: mm/slub: Avoid accessing metadata when the pointer is invalid in objecterr. objecterr reports details about an object for further debugging, such as the freelist pointer, redzone, etc. However, if the pointer is invalid, attempti...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: media: amphion: Fixed issues related to REVERSEINULL reported by Coverity. Null-checking of a pointor was suggested before dereferencing it...
Astra Linux - уязвимость в linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: clk: xilinx: vcu: unregister pllpost only if registered correctly If the registration of pllpost fails, it will be set to NULL or ERR. Unregistering pllpost will also fail with the following call trace: Unable to handle a NULL...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: hwmon: pmbuscore Fixed NULL pointer dereferencing. Pass i2cclient to pmbusisenabled to remove the assumption that a regulator device is passed in. This will fix the issue of NULL pointer dereferencing when called from pmbusgetfla...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Remove dangling pointers When an async control is written, we copy a pointer to the file handle that initiated the operation. That pointer will be used when the device is completed—which could happen at any time ...
Astra Linux - уязвимость в linux-6.1, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: bpf: devmap: Provide rxq after a redirect. rxq contains a pointer to the device from which the redirect occurred. Currently, the BPF program executed after a redirect via BPFMAPTYPEDEVMAP does not set this pointer. This is...