Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: The commit 5ec8e8ea8b77 “mm/sparsemem: fix race in accessing memorysection-usage” changed pfnsectionvalid to include a READONCE call around “ms-usage” to address a race condition with sectiondeactivate. In this case, ms-usage can...

Astra Linux - уязвимость в linux, linux-5.15

The memory allocation function ACPIALLOCATEZEROED does not guarantee a successful allocation. However, the subsequent code directly dereferences the pointer that receives the result of the allocation, which may lead to a null pointer dereference. To address this issue, a null pointer check should...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: scsi: wd33c93: Do not use an outdated SCSI pointer value. A regression was introduced with the commit dbb2da557a6a “scsi: wd33c93: Move the SCSI pointer to private command data”, which resulted in a buffer overflow error in...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: RDMA/rtrs-srv: Avoid null pointer deref during path establishment. For RTRS path establishment, the RTRS client initiates and completes connection establishment. After establishing all its connections, information is exchanged...

Astra Linux - уязвимость в binutils

A issue was discovered in elflinkinputbfd within elflink.c, part of the Binary File Descriptor BFD library also known as libbfd, as included in GNU Binutils 2.31. There is a NULL pointer dereferencing issue in elflinkinputbfd when it is used to find STTTLS symbols without a TLS section present. A...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: drm/amd: Protection against bad data for the ATIF ACPI method. If a BIOS provides bad data in response to an ATIF method call, this causes a NULL pointer dereference in the caller. The vulnerability has been encountered on at lea...

Astra Linux - уязвимость в libsoup2.4

A flaw was discovered in libsoup, where the soupmessageheadersgetcontentdisposition function is vulnerable to a NULL pointer dereference. This flaw allows a malicious HTTP peer to crash a libsoup client or server that uses this function...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: Handling of errors when calling otx2mboxgetrsp in otx2flows.c has been improved. A check for the error pointer was added after calling otx2mboxgetrsp...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: media: platform: mtk-mdp3: Added a missing check and a call to free for idaalloc. Added a check on the return value of idaalloc to avoid NULL pointer dereferencing. Additionally, freed the allocated "ctx-id" if mdpm2mopen fails...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: geneve: Make sure to pull the inner header in geneverx. syzbot triggered a bug in geneverx 1 The issue is similar to the one I fixed in commit 8d975c15c0cd: "ip6tunnel: Make sure to pull the inner header in ip6tnlrcv" We need ...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ice: Do not perform transmission before switchdev is fully configured. There is a possibility that iceeswitchportstartxmit might be called while some resources are still not allocated, which could lead to a NULL pointer derefrenc...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: HID: apple: The feature-report field count is validated to prevent NULL pointer dereferencing. A malicious HID device with the APPLEMAGICBACKLIGHT characteristic can trigger a NULL pointer dereference when the powerfeature-report...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net/sched: schets: do not peek at classes beyond ‘nbands’ When the number of DRR classes decreases, the round-robin active list may contain elements that have already been freed in etsqdiscchange. As a result, it’s possible to...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fixed the call trace observed during I/O with CMF enabled. The following issue was observed with CMF enabled: BUG: Using smpprocessorid in a preemptible context. Code: systemd-udevd/31711 Kernel: Caller is...

Astra Linux - уязвимость в open-iscsi

A issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. When the Urgent flag is set in a TCP packet, and the stack is configured to ignore the urgent data, the stack attempts to use the value of the Urgent pointer bytes to separate the Urgent data from the normal data. It...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm: Fixed a potential nullptrderef in drmvblankDestroyWorker. The call to drmvblankinit includes drmMaddactionorreset, with drmvblankinitRelease as the action. If drmMaddaction fails, it will directly call drmvblankinitReleas...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: f2fs: Fixed a null pointer panic in the tracepoint of replaceatomicwriteblock. A kernel panic occurs when oldaddr is NULL. https://bugzilla.kernel.org/showbug.cgi?id=217266 BUG: Null pointer dereferencing in the kernel; address:...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel before version 6.5.9, there is a NULL pointer dereferencing in the sendacknowledge function in net/nfc/nci/spi.c...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: L2CAP: Do not leave a dangling sk pointer after an error in l2capsockcreate. The btsockalloc function allocates the sk object and attaches it to the provided sock object. If an error occurs in l2capsockalloc, the sk...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: net: afcan – Do not leave a dangling sk pointer in cancreate. When the cancreate function fails, it releases the allocated sk object. However, sockinitdata has already attached this object to the provided sock object. This will...