Astra Linux - уязвимость в linux, linux-5.10, linux-5.15

A race condition was detected in the Linux kernel’s sound/hda device driver, specifically in the sndhdacregmapsync function. This can lead to a null pointer dereferencing issue, potentially causing a kernel panic or a denial-of-service attack...

Astra Linux - уязвимость в qemu

A NULL pointer dereference flaw was discovered in the floppy disk emulator of QEMU. This issue occurs when processing read/write ioport commands, especially if the selected floppy drive is not initialized using a block device. This flaw allows a privileged guest user to crash the QEMU process on...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ice: Fixed NULL pointer dereferencing in icevsisetnapiqueues. Added NULL pointer checks in icevsisetnapiqueues to prevent crashes during resume from suspend when ringsqidx-qvector is NULL. Tested adapter: 60:00.0 Ethernet...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: net: dsa: mv88e6060: prevent crash on an unused port If the port is neither a CPU port nor a user port, ‘cpudp’ is a null pointer, and a crash occurs when dereferencing it in mv88e6060setupport: 9.575872 Unable to handle kernel...

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: displayport: Deadlock issue fixed This patch introduces the ucsiconmutexlock and ucsiconmutexunlock functions to the UCSI driver. The ucsiconmutexlock function ensures that the connector mutex is only locked if ...

Astra Linux - уязвимость в sqlite3

The flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses of SELECT DISTINCT involving a LEFT JOIN where the right-hand side is a view. This can lead to a NULL pointer dereference or incorrect results...

Astra Linux - уязвимость в linux-6.1, linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: Fixed a UAF in blkcgunpinonline. blkcgunpinonline traverses the blkcg hierarchy to set the object as online. To traverse this hierarchy, it uses blkcgparentblkcg, but this call occurs after blkcgDestroyBlksblkcg, whic...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: net: ieee802154: Do not leave a dangling sk pointer in ieee802154create sockinitdata attaches the allocated sk object to the provided sock object. If ieee802154create fails later, the allocated sk object is freed, but the danglin...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: drm/arm/malidp: fixed a possible null pointer dereferencing issue. In malidpmwconnectorreset, new memory is allocated using kzalloc, but no checks are performed. To prevent null pointer dereferencings, ensure that mwstate is...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: media: go7007: fix a memleak in go7007loadencoder In go7007loadencoder, the variable bounce i.e., go-bootfw is allocated without subsequent deallocation. After the following call chain: saa7134go7007init | | - go7007bootencoder |...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: scsi: hisisas: The pointer to debugfsdir is set to NULL after removing debugfs. If init debugfs fails during device registration due to a memory allocation failure, the function debugfsremoverecursive is called. However, debugfsd...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: pinctrl: ralink: Check for a null return from devmkcalloc. Due to the potential failure of the allocation, data-domains might be a NULL pointer, and this could lead to the dereferencing of a NULL pointer later. Therefore, it migh...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: xilinx: axienet: Added error handling for retrieving the RX metadata pointer. Proper error checking was added for the dmaenginedescgetmetadataptr function, which may return an error pointer, potentially leading to crashes or...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mptcp: fixed the NULL pointer dereferencing issue in the early fallback to fastopen. In the event of an early fallback to TCP, subflowsynrecvsock deletes the subflow context before returning the newly allocated socket to the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: IB/hfi1: Fix for early init panic An early failure in hfi1ipoibsetuprn can lead to the following panic: BUG: Unable to handle a NULL pointer derefrence in the kernel at 00000000000001b0 PGD 0 P4D 0 Oops: 0002 1 SMP NOPTI...

Astra Linux - уязвимость в squid

Squid is a caching proxy for the Web that supports HTTP, HTTPS, FTP, and other protocols. Due to a NULL pointer dereference bug, Squid is vulnerable to Denial of Service attacks targeting its Gopher gateway. The Gopher protocol was always available and enabled in Squid prior to Squid 6.0.1...

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: i3c: mipi-i3c-hci: Masking of ring interrupts before the ring stop request is made. The bus cleanup path in DMA mode may trigger a RINGOPSTAT interrupt when the ring is being stopped. Depending on the timing between the completio...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: scsi: Reverted “scsi: qla2xxx: Perform lockless command completion in abort path”. This revert is associated with commit 0367076b0817d5c75dfb83001ce7ce5c64d803a9. The committed code added code to qla2x00abortallcmds to call sp-do...

Astra Linux - уязвимость в apache2

The Apache HTTP Server protocol handler for the HTTP/2 protocol checks the received request headers against the size limitations configured for the server. These restrictions are also applied to the HTTP/1 protocol. If any violations occur, an HTTP response is sent to the client with a status cod...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: jffs2: Check the result of jffs2preallocrawnoderefs in a few other locations. Fuzzing revealed another invalid pointer dereferencing due to the lack of checking whether jffs2preallocrawnoderefs was completed successfully...