77247 matches found
Astra Linux - уязвимость в netcdf
A issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxmlinternaldtd, when parsing a crafted XML file, performs incorrect memory handling, resulting in a NULL pointer being dereferenced while running strcmp on a NULL pointer...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: mailbox: th1520: Fixed a NULL vs ISERR bug. The devmioremap function does not return error pointers; it returns NULL instead. Update the error checking to match this change...
Astra Linux - уязвимость в libsoup2.4
A flaw was discovered in libsoup, where SoupAuthDigest is vulnerable to a NULL pointer dereference. The HTTP server may cause the libsoup client to crash...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: libbpf: Null-pointer dereferencing is prevented when the program to be loaded does not have a BTF. In bpfobjecloadprog, there is no guarantee that obj-btf is not NULL when it is passed to btffd. This function does not perform any...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: pinctrl: Single issue: fixed the potential NULL dereference in pcsgetfunction. The pinmuxgenericgetfunction function may return NULL, and the pointer “function” was dereferenced without checking against NULL. Added checking of th...
Astra Linux - уязвимость в exiv2
In Exiv2, from version 0.27.1 onwards, a malicious HTTP server can cause a denial of service crash due to a NULL pointer dereference by returning a crafted response that lacks a space character...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: usb: chipidea: cihdrcimx: Also search for ‘phys’ handle. When passing ‘phys’ in the device tree to describe the USB PHY handle which is the recommended approach according to Documentation/devicetree/bindings/usb/ci-hdrc-usb2.txt,...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ICE: Fixed NULL pointer dereferencing in iceunplugauxdev when resetting. Issuing a reset command while the driver is loaded without RDMA support will result in a crash, as the function attempts to remove a nonexistent auxbus...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: wifi: mwifiex: Do not return unused priv pointers in mwifiexgetprivbyid. mwifiexgetprivbyid returns the priv pointer corresponding to bssnum and bsstype, but without checking whether the priv is actually in use. Unused priv...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Guard for possible null pointer dereferencing REASON In some situations, dc-respool may be null. SOLUTION Check if the pointer is null before dereferencing it...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerabilities have been resolved: ARM: OMAP2+: display: Fixed refcount leak bug In omapdssinitfbdev, offindnodebyname will return a node pointer with the refcount incremented. We should use ofnodeput when it is no longer needed...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: LAG, fix logic over MLX5LAGFLAGNDEVSREADY Only set MLX5LAGFLAGFLAGNDEVSREADY if both netdevices are registered. Doing so guarantees that both ldev-pfMLX5LAGP0.dev and ldev-pfMLX5LAGP1.dev have valid pointers when...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ASoC: rt711-sdca – fixed a situation where the kernel’s NULL pointer dereferencing occurred due to an IO error. The initial settings will be written before the codec probe function is called. However, the rt711-component has not...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: btrfs: Directly freeing partially initialized fsinfo in btrfscheckleakedroots If fsinfo-supercopy or fsinfo-superforcommit allocation failed in btrfsgettreesubvol, then there is no need to call btrfsfreefsinfo. Otherwise,...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: PCI/AER: Avoid NULL pointer dereferencing in aerratelimit When platform firmware provides error information to the OS, for example, via the ACPI APEI GHES mechanism, it may identify a device that does not advertise an AER...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: Media: Platform: MediTech: VPU: Fix for NULL pointer dereferencing If pdev is NULL, it is still dereferenced. This fixes the “match warning” issue. Location: drivers/media/platform/mediatek/vpu/mtkvpu.c:570 – vpuloadfirmware...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: pinctrl: canaan: k230: added a NULL check in DT parsing. A NULL check was also added for the return value of ofgetproperty when retrieving the “pinmux” property in the group parser. This prevents a potential NULL pointer...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ice: Added a NULL check in the eswitch lag check. The function icelagisswitchdevrunning is called from outside the LAG event handler code. This results in lag-uppernetdev sometimes being NULL. To avoid dereferencing a NULL pointe...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: can: etases58x: fixed the potential NULL pointer dereferencing on udev-serial. The driver assumed that es58xdev-udev-serial could never be NULL. While this is true for commercially available devices, an attacker could spoof the...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Firmware: qcom: scm: smc: Handle missing SCM devices The commit ca61d6836e6f "firmware: qcom: scm: fix a NULL-pointer dereference" makes it explicit that qcomscmgettzmempool may return NULL. Therefore, its users should handle thi...