Astra Linux - уязвимость в qemu

A NULL pointer dereference flaw was discovered in the am53c974 SCSI host bus adapter emulation in QEMU in versions prior to 6.0.0. This issue occurs when handling the “Information Transfer” command. This flaw allows a privileged guest user to crash the QEMU process on the host, resulting in a...

Astra Linux - уязвимость в sqlite3

In SQlite 3.31.1, a potential null pointer derefrence was detected during the INTERSEC query processing...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Media: Staging: Zoran: Calculate the correct buffer number for zoranreapstatcom. When tmpdcim=1, the index of the buffer is calculated incorrectly. This can lead to a NULL pointer derefrence later on. Therefore, we need to correc...

Astra Linux - уязвимость в libxml2

In libxml2 versions before 2.12.10 and 2.13.x, before 2.13.6, there is a NULL pointer dereferencing in the xmlPatMatch function in pattern.c...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: misc: alcorpci: fix null-ptr-deref when there is no PCI bridge There is an issue with the ASPM optional capability checking function. A device may be directly connected to the root complex. In this case, bus-selfbridge will be...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/msm/disp/dpu1: Avoid clearing hardware interrupts if hwintr is null during drm uninit. If the edp modeset init fails due to the panel not being ready, and the probe is deferred during drm bind, avoid clearing IRQs and...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: net: lan966x: Fixed a potential nullptrderef in lan966xstatsinit. lan966xstatsinit calls createsinglethreadworkqueue, without checking the return value. This may result in NULL being returned. A nullptrderef could occur:...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: net/smc: Resetting connections when trying to use SMCRv2 fails. We identified a crash when using SMCRv2 with 2 Mellanox ConnectX-4 devices. This issue can be reproduced by running the following commands: - smcrun nginx - smcru...

Astra Linux - уязвимость в net-snmp

The handleipDefaultTTL in agent/mibgroup/ip-mib/ipscalars.c in Net-SNMP versions 5.8 through 5.9.3 has a NULL Pointer Exception bug. This bug can be exploited by a remote attacker who has write access to cause the instance to crash via a crafted UDP packet, resulting in a Denial of Service attack...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: interconnect: qcom: sm8450: Fix NULL pointer dereference in icclinknodes The change to dynamic IDs for SM8450 platform interconnects left two links unconverted. This issue was fixed to avoid NULL pointer dereference during runtim...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Wifi: brwifi: brcmfmac – Fixed a potential kernel error when the probe function fails. When the probe of the sdio brwifi brcmfmac device fails for certain reasons e.g., missing firmware, the sdiodev-bus is set to “error” instead ...

Astra Linux - уязвимость в mariadb-10.3

MariaDB Server versions prior to 10.3.34 through 10.9.3 are vulnerable to Denial of Service attacks. It is possible for the function spiderdbmbase::printwarnings to dereference a null pointer...

Astra Linux - уязвимость в binutils

There is a flaw in binutils /bfd/pef.c. An attacker who can submit a crafted input file for processing by the objdump program could cause a null pointer dereference. The greatest threat of this flaw is to the availability of the application. This flaw affects binutils versions prior to 2.34...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fixed the NULL pointer issue in bufferfuncs. If SDMA block is not enabled, bufferfuncs will not be initialized. Fixing this issue ensures that the NULL pointer issue is addressed when bufferfuncs is not initialized...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm/amd/display: Fixed a debugfs null pointer error WHY & HOW Check whether the getsubvpen callback exists before calling it...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: lan966x: A crash occurs when adding an interface under a “lag” condition. A crash occurs when adding one of the lan966x interfaces under a “lag” condition. The issue can be reproduced as follows: bash ip link add name bond0 type...

Astra Linux - уязвимость в linux-6.1, linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: pmdomain: ti: Add a null pointer check to the omapprmdomaininit The devmkasprintf function returns a pointer to dynamically allocated memory, which may be NULL in case of failure. Ensure that the allocation was successful by...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumacltcam: Fixed NULL pointer dereferencing in the error path When calling mlxswspacltcamregiondestroy from an error path after failing to attach the region to an ACL group, we encountered a NULL pointer dereferencin...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ocfs2: The issue of slab-use-after-free occurred due to a dangling pointer dqipriv. When mounting ocfs2 and then remounting it as read-only, a slab-use-after-free occurs after the user uses the syscall to call ocfs2getnextid...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: thermal/int340xthermal: handles datavault when the value is ZEROSIZEPTR. In some cases, GDDV returns a packet with a buffer of zero length. This causes kmemdup to return ZEROSIZEPTR 0x10. As a result, datavaultread encounters a...