Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fncm: fixed potential NULL pointer dereferencing in ncmbitrate In Google’s internal bug report 265639009, we received a crash report from a aarch64 GKI 5.10.149-android13 running device. According to the report, the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: powercap: intelrapl: A NULL pointer dereference issue has been fixed. A NULL pointer dereference occurs when probing the MMIO RAPL driver on platforms where the CPU ID is not listed in the intelraplcommon CPU model list. This...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: drm: Fixed a potential null-ptr-deref due to drmmmodeconfiginit. drmmmodeconfiginit will call drmmodecreatestandardproperties, and it does not check the return value. When drmmodecreatestandardproperties fails due to allocatio...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: uSerial: Added a null pointer check in gSerialsuspend Consider a scenario where gSerialdisconnect has already cleared gser-ioport. If gSerialsuspend is called afterward, it will lead to accessing gser-ioport, thereby...

Astra Linux - уязвимость в ffmpeg, ffmpeg5

There is a NULL pointer dereference vulnerability in FFmpeg’s Firequalizer filter libavfilter/affirequalizer.c. This vulnerability arises due to a missing check on the return value of avmallocarray in the configinput function. An attacker could exploit this vulnerability by tricking a victim into...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: mptcp: Fixed a NULL pointer in canacceptnewsubflow. When testing the valkey benchmark tool with MPTCP, the kernel panics in mptcpcanacceptnewsubflow because subflowreq-msk is NULL. The call trace is as follows:...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

A race condition was detected in the Linux kernel’s DRM/Exynos device driver, specifically in the exynosdrmcrtcatomicdisable function. This can lead to a null pointer dereferencing issue, which may potentially cause a kernel panic or a denial of service...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: net: lltemac: The function platformgetresource was replaced with the function devmplatformioremapresourcebyname. This function is called using 0 as the name. Eventually, this leads to a call to platformgetresourcebyname in the ca...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: cifs: fixed the potential use of a null pointer in destroyworkqueue within the error path of initcifs. Dan Carpenter reported a Smack static checker warning: fs/smb/client/cifsfs.c:1981 initcifs Error: We previously assumed th...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: media: streamzap: Fixed a race condition between device disconnection and urb callback. Syzkaller has reported a general protection fault in the function irraweventstorewithfilter. This crash occurs due to a NULL pointer...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: iio: core: Prevent invalid memory access when there is no parent device. The commit 813665564b3d “iio: core: Convert to use firmware node handle instead of OF node” changed the type of nodes used for label retrieval in device...

Astra Linux - уязвимость в libarchive

In libarchive before version 3.6.2, the software does not check for an error after calling the calloc function. This function may return a NULL pointer if it fails, leading to a NULL pointer being dereferenced. NOTE: The discoverer cites this CWE-476 issue, but third parties dispute its impact on...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: xhci: Handling of TD clearing for multiple streams When multiple streams are in use, multiple TDs might be active during the termination of an endpoint. We need to issue a Set TR Dequeue Pointer for each TD to ensure everything i...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: drm/amd/display: fixed integer types and null check locations Reason: Issues fixed: - Comparison with a wider integer type in the loop condition, which could lead to infinite loops. - Dereferencing a pointer before performing ...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Net: Do not write to msggetinq in the callee. This fix addresses the issue of NULL pointer dereferencing. msggetinq is an input field from the caller to the callee. Do not set it in the callee, as the caller may not clear it duri...

Astra Linux - уязвимость в gst-plugins-base1.0

In GStreamer through 1.26.1, the subparse plugin’s subripunescapeformatting function may dereference a NULL pointer during the parsing of a subtitle file, resulting in a crash...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: drm/ttm: Avoid NULL pointer dereferencing for evicted BOs It is possible for a BO to exist that is not currently associated with a resource, for example, because it has been evicted. When devcoredump attempts to read the contents...

Astra Linux - уязвимость в net-snmp

Net-SNMP provides various tools related to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-write credentials could use a malformed OID in a SET request to NET-SNMP-AGENT-MIB::nsLogTable to cause a NULL pointer dereference. Version 5.9.2 includes a patch to address...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Fixed a possible null-ptr-deref issue when initializing hardware. The result of the avsdaifindpathtemplate function must be verified before being used. Since the ‘template’ is already known when...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: sfc: Fixed the null pointer dereference in efxhardstartxmit. Trying to access the channel through the txqueue variable is incorrect because we can only be in this situation if txqueue is NULL. Therefore, we should not dereference...