Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: net: dsa: mv88e6060: prevent crash on an unused port If the port is neither a CPU port nor a user port, ‘cpudp’ is a null pointer, and a crash occurs when dereferencing it in mv88e6060setupport: 9.575872 Unable to handle kernel...

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: displayport: Deadlock issue fixed This patch introduces the ucsiconmutexlock and ucsiconmutexunlock functions to the UCSI driver. The ucsiconmutexlock function ensures that the connector mutex is only locked if ...

Astra Linux - уязвимость в sqlite3

The flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses of SELECT DISTINCT involving a LEFT JOIN where the right-hand side is a view. This can lead to a NULL pointer dereference or incorrect results...

Astra Linux - уязвимость в linux-6.1, linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: Fixed a UAF in blkcgunpinonline. blkcgunpinonline traverses the blkcg hierarchy to set the object as online. To traverse this hierarchy, it uses blkcgparentblkcg, but this call occurs after blkcgDestroyBlksblkcg, whic...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: net: ieee802154: Do not leave a dangling sk pointer in ieee802154create sockinitdata attaches the allocated sk object to the provided sock object. If ieee802154create fails later, the allocated sk object is freed, but the danglin...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: drm/arm/malidp: fixed a possible null pointer dereferencing issue. In malidpmwconnectorreset, new memory is allocated using kzalloc, but no checks are performed. To prevent null pointer dereferencings, ensure that mwstate is...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: media: go7007: fix a memleak in go7007loadencoder In go7007loadencoder, the variable bounce i.e., go-bootfw is allocated without subsequent deallocation. After the following call chain: saa7134go7007init | | - go7007bootencoder |...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: scsi: hisisas: The pointer to debugfsdir is set to NULL after removing debugfs. If init debugfs fails during device registration due to a memory allocation failure, the function debugfsremoverecursive is called. However, debugfsd...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: pinctrl: ralink: Check for a null return from devmkcalloc. Due to the potential failure of the allocation, data-domains might be a NULL pointer, and this could lead to the dereferencing of a NULL pointer later. Therefore, it migh...

Astra Linux - уязвимость в linux, linux-5.15, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsit: Commands from recovery entries are freed after a session is closed. This leads to a use-after-free error when freeing commands, or a NPE Non-Programmable Error. The call trace is as follows: Time2Retain time...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm: mxsfb: Fix NULL pointer dereference mxsfb should never dereference a NULL pointer, as drmatomicgetnewbridgestate may return such a pointer. Instead, assume a fixed format instead...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: hciconn: now returns ERRPTR instead of NULL when there is no link. hciconnectsco currently returns NULL when there is no link i.e., when hciconnlink returns NULL. scoconnect expects ERRPTR in case of any error see...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: f2fs: a fix was made to avoid NULL pointer dereferencing in f2fscheckquotaconsistency. The syzbot reported the following f2fs bug: Oops: gen 107.736417T5848 Oops: General protection fault; likely due to a non-canonical address...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: q6apm-lpass-dais: Fixed NULL pointer dereferencing if the source graph fails to open. If the source graph fails to open earlier e.g., ADSP rejects due to an incorrect audio reach topology, the graph is closed, and...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: cifs: potential buffer overflow in handling symlinks Smatch printed a warning: arch/x86/crypto/poly1305glue.c:198 poly1305updatearch error: memcpy 'dctx-buf' too small 16 vs u32max This issue arises because Smatch marks ‘linklen’...

Astra Linux - уязвимость в u-boot

Integer overflows in memory allocation in Das U-Boot before 2025.01-rc1 occur due to a crafted squashfs filesystem using sbrk, request2size, or because ptrdifft is mishandled on x8664...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Platform/x86: Intel: punitipc – fixed memory corruption. This issue was addressed by correcting the address of the pointer “&punitipcdev” when the intent was to pass the pointer itself “punitipcdev” without the ampersand. This...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: btrfs: When cloning a zoned device, the btrfszoneddeviceinfo structure associated with the device is not cloned. This issue can lead to a NULL pointer derefrence when accessing the device’s zoneinfo during operations such as...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/msm/a6xx: move preemptpreparepostamble after error check The call to preemptpreparepostamble is moved after verifying that preemptpostambleptr is valid. If preemptpostambleptr is NULL, dereferencing it in...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: USB: host: isp116x: check the return value after calling platformgetresource. If platformgetresource returns NULL, it may lead to a nullptrderef error. Therefore, we need to check the return value...