Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: soc: aspeed: lpc-snoop: Do not disable channels that are not enabled. The following issues have been mitigated: echo 1e789080.lpc-snoop /sys/bus/platform/drivers/aspeed-lpc-snoop/unbind ... 120.363594 Unable to handle kernel...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: Fixed a missing pointer check in the hdacomponentmanagerinit function. The componentmatchadd function may assign the ‘matchptr’ pointer the value ERRPTR-ENOMEM, which will subsequently be dereferenced. The call stack...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: Do not restore null skstatechange. queue-statechange is set as part of nvmettcpsetqueuesock, but if the TCP connection is not established when nvmettcpsetqueuesock is called, then queue-statechange is not set, and...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: netlabel: Fixed a NULL pointer exception caused by CALIPSO on IPv4 sockets. When calling netlblconnsetattr, addr-safamily is used to determine the function’s behavior. If sk is an IPv4 socket, but the connect function is called...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: bnxten: Fixed null pointer dereference in bnxtbsTraceCheckWrap. In older firmware versions, we might encounter the ASYNCEVENTCMPLEVENTIDDBGBUFPRODUCER for the firmware trace data type that has not been initialized. This could lea...

Astra Linux - уязвимость в gst-plugins-base1.0

In GStreamer through 1.26.1, the tmplayerparseline function of the subparse plugin may dereference a NULL pointer during the parsing of a subtitle file, resulting in a crash...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: mmc: mmcspi: fixed error handling in mmcspiprobe If mmcaddhost fails, there is no need to call mmcremovehost; otherwise, it may cause a null-ptr-deref due to deleting a device that was not properly added in mmcremovehost. To fix...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: guard flow control update with globaltxfc in buffer switching The function mvpp2bmswitchbuffers mvpp2bmpoolupdateprivfc when switching between per-cpu and shared buffer pool modes. This function programs the CM3 flow...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Wifi: mt76: mt7996: fixed a null pointer dereference in mt7996conftx If a link does not have an assigned channel yet, mt7996viflink returns NULL. We still need to store the updated queue settings in that case and apply them later...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: skmsg: Fixed the incorrect last sg check in skmsgrecvmsg. Also, one instance of a kernel NULL pointer dereferencing was fixed as follows: 224.462334 Call Trace: 224.462394 tcpbpfrecvmsg+0xd3/0x380 224.462441 ? sockhasperm+0x78/0x...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: In the ofmodalias function, we can pass the str and len parameters. This could lead to a kernel oops in vsnprintf, as the function only allows passing a NULL pointer when the length is also 0. Additionally, we need to filter out...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ceph: fix crash after fscryptencryptpagecacheblocks error The function movedirtyfolioinpagearray was created by the commit ce80b76dd327 "ceph: introduce cephprocessfoliobatch method". The code for this function was moved from...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: ASoC: tlv320adcx140 – fixed the null pointer issue. The “sndsoccomponent” in “adcx140priv” was only used once and was never set. It was only used to access “dev”, which already exists in “adcx140priv”...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: Quota: Fixed the potential NULL pointer dereferencing. The race condition below may cause NULL pointer dereferencing. P1 P2 dquotfreeinode quotaoff dropdquotref removedquotref dquots = idquotinode dquots = idquotinode...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: ksmbd: Fixed a dangling pointer in krbauthenticate. krbauthenticate frees sess-user and does not set the pointer to NULL. It calls ksmbdkrb5authenticate to reinitialise sess-user, but that function may return without doing so...

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: drm/msm/mdp5: Added a check for kzalloc. Since kzalloc may fail and return a NULL pointer, it’s better to check the return value to avoid dereferencing a NULL pointer. Patch details: https://patchwork.freedesktop.org/patch/514154...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: btrfs: Fixed a NULL pointer dereference issue in doabortlogreplay. Coverity reported a NULL pointer dereference issue CID 1666756 in doabortlogreplay. When btrfsallocpath fails in replayonebuffer, wc-subvolpath becomes NULL...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: arm64/fpsimd: Signal: Allocate SSVE storage when restoring ZA The code used to restore a ZA context does not attempt to allocate the task’s svestate before setting TIFSME. As a result, restoring a ZA context may place the task in...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: xfs: Do not perform irele after failing to perform iget in xfsattrirecoverwork. xlogrecoveryiget never sets @ip to a valid pointer if it returns an error; therefore, this irele will cause a dangling pointer. This issue has bee...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: rpmsg: glink: Added a check for kstrdup. Added a check on the return value of kstrdup, and return an error if it fails, in order to avoid NULL pointer dereferencing...