Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: Media: cx23885 – Fixed a nullptrderef bug in bufferprepare and bufferfinish. When the driver calls cx23885riscbuffer to prepare the buffer, the function call dmaalloccoherent may fail, resulting in an empty buffer risc-cpu. Later...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: PM: hibernate: Fixed a crash that occurred when freeing an invalid crypto compressor. When cryptoallocacomp fails, it returns an ERRPTR value instead of NULL. The cleanup code in savecompressedimage and loadcompressedimage...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: pinctrl: apple: check the value returned by devmkasprintf. devmkasprintf may return a NULL pointer in case of failure, but this returned value is not checked. This issue has been fixed by code review...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: drm/vkms: The issue of null-ptr-deref in vkmsrelease has been fixed. Null-ptr-deref occurs when trying to destroy the workqueue in vkms-output.composerworkq during vkmsrelease. KASAN: Null-ptr-deref occurred in the range...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: ep0: fix NULL pointer exception There is no validation of the index from dwc3wIndextodep, and we might be referring to a non-existent ep, triggering a NULL pointer exception. In certain configurations, we might use few...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: Wifi: mt7601u: Fix an integer underflow An integer underflow caused by a null pointer dereference occurred in mt7601urxskbfromseg. The variable dmalen in the URB packet could be manipulated, which could trigger an integer underfl...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: platform/x86/intel/pmt: fixed an issue with NULL pointer access in crashlog. The use of intelpmtread for binary sysfs requires a pcidev. The current use of the endpoint value is only valid for telemetry endpoint usage. Without th...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs: fixed the issue of parameter context leaks during the damonsysfsnewtestctx function failure. The patch series “mm/damon/sysfs: fixed memory leaks and NULL pointer dereferencing issues”, version 4. DAMONSYSFS may...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: udmabuf: validate ubuf-pagecount Syzbot reported a GPF in sgallocAppendTableFromPages. The problem arose from the condition ubuf-pages == ZEROPTR. ubuf-pagecount is calculated based on arguments passed from the user-space. If the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: coresight: Fixed incorrect handling of the return value of devmkzalloc. The return value of devmkzalloc could potentially be a null pointer. Use !desc.pdata to correct the incorrect handling of this return value...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: mtd: Fixed NULL pointer dereferencing caused by the ftl notifier If both ftl.ko and gluebi.ko are loaded, the notifier of ftl triggers NULL pointer dereferencing when trying to access ‘gluebi-desc’ in gluebiread. The issue arises...

Astra Linux - уязвимость в linux, linux-5.15, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: MIPS: fw: Allow firmware to pass an empty environment variable. fwgetenv will use the environment variable entry to determine the style of the environment variables. However, it is legal for the firmware to simply pass an empty...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: riscv: fgraph: Fixed the stack layout to match the archftraceregs argument of ftracereturntohandler. Naresh Kamboju reported a “Bad frame pointer” kernel warning while running the LTP trace ftracestresstest.sh in riscv. We can...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fixed the missing .istwopixelspercontainer field. Starting from version 6.11, the AMDGPU driver, when loaded with amdgpu.dc=1, may cause a NULL pointer dereferencing on PCs with older GPUs, such as R9 280X. This...

Astra Linux - уязвимость в sane-backends

A NULL pointer dereferencing in the saneiepsonnetread function in SANE backends before version 1.0.30 allows a malicious device connected to the same local network as the victim to cause a denial of service, known as GHSL-2020-075...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: x86/FPU: Fixed NULL dereference in avx512status. Problem: When CONFIGX86DEBUGFPU is enabled, reading /proc/kthread/archstatus causes a warning and a NULL pointer dereference. This occurs because the AVX-512 timestamp code uses...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: “neighbour”: Fixed null-ptr-deref in neighFlushDev. The kernel test robot reported null-ptr-deref in neighFlushDev. 0 The referenced commit introduced a per-netdev neighbour list and converted neighFlushDev to use it instead of t...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel versions 5.8 through 5.19.x, prior to 5.19.16, local attackers who were able to inject WLAN frames into the mac80211 stack could carry out a NULL pointer dereferencing denial-of-service attack against the beacon protection of P2P devices...

Astra Linux - уязвимость в netcdf

A issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxmldecode, when parsing a crafted XML file, performs incorrect memory handling, resulting in a NULL pointer being dereferenced while running strlen on a NULL pointer...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fixed improper pointer dereferencing when the error handler kthread is invalid The commit 66a834d09293 “scsi: core: Fixed error handling of scsihostalloc” changed the allocation logic to call putdevice to perform host...