Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: media: ipu-bridge: Fixed null pointer dereference issues during SSDB/PLD parsing. When functions ipubridgeparserotation and ipubridgeparseorientation are executed, sensor-adev is not set yet. Therefore, if either of these calls...

Astra Linux - уязвимость в linux-6.1, linux-5.15, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: displayport: Fixed NULL pointer access issues. This patch ensures that the UCSI driver waits for all pending tasks in the ucsidisplayportwork workqueue to complete execution before proceeding with the partner...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btrtl – Prevent potential NULL dereferencing. The btrtlinitialize function checks whether rtlloadfile either had an error or loaded a zero-length file. However, if it loads a zero-length file, the error code is not set...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: caifvirtio: A mistake in the pointer check in cfvprobe was fixed. delvqs frees virtqueues. Therefore, the pointer cfv-vqtx should be checked for being NULL before calling delvqs. Instead of checking cfv-vdev, this check is...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: wifi: cfg80211: tests: Fixed a potential NULL dereference in testcfg80211ParseColocatedAp. kunitkzalloc may return NULL. Dereferencing it without a NULL check may lead to a NULL dereference. Added a NULL check for ies...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Wifi: iwlwifi: mvm – Avoid NULL pointer dereferencing When iterating over the links of a vif, we need to ensure that the pointer is valid in other words, that the link exists before dereferencing it. Use foreachvifactivelink to...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: iommu: Returning the right value in iommusvabinddevice iommusvabinddevice should return either a SVA bond handle or an ERRPTR value in error cases. Existing drivers idxd and uacce only check the return value using ISERR. This...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: rtc: cmos: Fix event handler registration ordering issue Since acpiinstallfixedeventhandler automatically enables the event handling mechanism upon success, it is incorrect to call it before the handler routine is ready to handle...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: The commit 5ec8e8ea8b77 “mm/sparsemem: fix race in accessing memorysection-usage” changed pfnsectionvalid to include a READONCE call around “ms-usage” to address a race condition with sectiondeactivate. In this case, ms-usage can...

Astra Linux - уязвимость в linux, linux-5.15

The memory allocation function ACPIALLOCATEZEROED does not guarantee a successful allocation. However, the subsequent code directly dereferences the pointer that receives the result of the allocation, which may lead to a null pointer dereference. To address this issue, a null pointer check should...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: scsi: wd33c93: Do not use an outdated SCSI pointer value. A regression was introduced with the commit dbb2da557a6a “scsi: wd33c93: Move the SCSI pointer to private command data”, which resulted in a buffer overflow error in...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: RDMA/rtrs-srv: Avoid null pointer deref during path establishment. For RTRS path establishment, the RTRS client initiates and completes connection establishment. After establishing all its connections, information is exchanged...

Astra Linux - уязвимость в binutils

A issue was discovered in elflinkinputbfd within elflink.c, part of the Binary File Descriptor BFD library also known as libbfd, as included in GNU Binutils 2.31. There is a NULL pointer dereferencing issue in elflinkinputbfd when it is used to find STTTLS symbols without a TLS section present. A...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: drm/amd: Protection against bad data for the ATIF ACPI method. If a BIOS provides bad data in response to an ATIF method call, this causes a NULL pointer dereference in the caller. The vulnerability has been encountered on at lea...

Astra Linux - уязвимость в libsoup2.4

A flaw was discovered in libsoup, where the soupmessageheadersgetcontentdisposition function is vulnerable to a NULL pointer dereference. This flaw allows a malicious HTTP peer to crash a libsoup client or server that uses this function...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: Handling of errors when calling otx2mboxgetrsp in otx2flows.c has been improved. A check for the error pointer was added after calling otx2mboxgetrsp...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: media: platform: mtk-mdp3: Added a missing check and a call to free for idaalloc. Added a check on the return value of idaalloc to avoid NULL pointer dereferencing. Additionally, freed the allocated "ctx-id" if mdpm2mopen fails...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: geneve: Make sure to pull the inner header in geneverx. syzbot triggered a bug in geneverx 1 The issue is similar to the one I fixed in commit 8d975c15c0cd: "ip6tunnel: Make sure to pull the inner header in ip6tnlrcv" We need ...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ice: Do not perform transmission before switchdev is fully configured. There is a possibility that iceeswitchportstartxmit might be called while some resources are still not allocated, which could lead to a NULL pointer derefrenc...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: HID: apple: The feature-report field count is validated to prevent NULL pointer dereferencing. A malicious HID device with the APPLEMAGICBACKLIGHT characteristic can trigger a NULL pointer dereference when the powerfeature-report...