Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/msm/disp/dpu1: Avoid clearing hardware interrupts if hwintr is null during drm uninit. If the edp modeset init fails due to the panel not being ready, and the probe is deferred during drm bind, avoid clearing IRQs and...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Media: MediTech; vcodec: Cannot set dstbuffer to done when a late decoding error occurs. The core thread will call v4l2m2mbufdone to set the dstbuffer as done for the late architecture. If v4l2m2mbufdoneandjobfinish is called lat...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: skmsg: Fixed the incorrect last sg check in skmsgrecvmsg. Also, one instance of a kernel NULL pointer dereferencing was fixed as follows: 224.462334 Call Trace: 224.462394 tcpbpfrecvmsg+0xd3/0x380 224.462441 ? sockhasperm+0x78/0x...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fixed a debugfs null pointer error WHY & HOW Check whether the getsubvpen callback exists before calling it...

Astra Linux – Vulnerability in net-snmp

The handleipv6IpForwarding function in agent/mibgroup/ip-mib/ipscalars.c in Net-SNMP version 5.4.3 to 5.9.3 has a NULL Pointer Exception bug. This bug can be exploited by a remote attacker to cause the instance to crash via a crafted UDP packet, resulting in a Denial of Service attack...

Astra Linux - уязвимость в linux-5.15

A null pointer dereference issue was detected in the can protocol in the net/can/afcan.c file in Linux before Linux. The mlpriv variable may not be initialized in the receive path of CAN frames. A local user could exploit this flaw to crash the system or potentially cause a denial of service...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ftrace: A null pointer dereference occurred in ftraceaddmod. The @ftracemod is allocated using kzalloc. Therefore, both members prev, next of @ftracemode-list are NULL. This makes calling listdel invalid. If kstrdup for...

Astra Linux – Vulnerability in Inkscape

Inkscape version 0.91 has a vulnerability where an uninitialized pointer exists, which may allow an attacker to access unauthorized information...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Handling of a null streamstatus in the planeschangedforexistingstream function. This commit adds a null check for streamstatus in the function planeschangedforexistingstream. Previously, the code assumed that...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: HID: pidff: Fixed null pointer dereferencing in pidfffindfields This function triggered a null pointer dereference if it was used to search for a report that wasn’t implemented on the device. This occurred both for optional and...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: A possible null pointer dereference has been fixed in niclear. In a previous commit c1006bd13146, ni-mi.mrec in niwrite inode could be NULL. Therefore, a NULL check was added for this variable. However, in the same call...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: net/smc: Resetting connections when trying to use SMCRv2 fails. We identified a crash when using SMCRv2 with 2 Mellanox ConnectX-4 devices. This issue can be reproduced by running the following commands: - smcrun nginx - smcru...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: scsi: target: The ttaskcdb pointer is reset in the error case. If the allocation of cmd-ttaskcdb fails, it remains NULL, but it is later referenced in the ‘err’ path. In case of an error, the NULL ttaskcdb value is reset to point...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Avoid dereferencing the fcport pointer. Klocwork reported a warning that a NULL pointer might be dereferenced. The routine exits when saCTL is NULL and fcport is allocated after the exit call. This causes the NULL...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ocfs2: Fixed a slab-use-after-free issue caused by a dangling pointer dqipriv. When mounting ocfs2 and then remounting it as read-only, a slab-use-after-free occurs after the user uses the syscall to call ocfs2getnextid...

Astra Linux – Vulnerability in gst-plugins-good1.0

GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been discovered in the gstmatroskademuxupdatetracks function within matroska-demux.c. The vulnerability occurs when the gstcapsisequal function is called with invalid caps...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ACPI: CPPC: Fixed NULL pointer dereferencing when nosmp is used When nosmp is used in the command line, other CPUs are not brought up, leaving their cpcdescptr NULL. CPU0’s iteration via foreachpossiblecpu dereferences these NULL...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: misc: alcorpci: Fix nullptrderef when there is no PCI bridge There is an issue with the ASPM optional capability checking function. A device may be directly connected to the root complex. In this case, bus-selfbridge will be...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: netlabel: Fixed a NULL pointer exception caused by CALIPSO on IPv4 sockets. When calling netlblconnsetattr, addr-safamily is used to determine the function’s behavior. If sk is an IPv4 socket, but the connect function is called...

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.10, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: pmdomain: ti: Add a null pointer check to oprprmdomaininit. devmkasprintf returns a pointer to dynamically allocated memory; this pointer may be NULL in case of failure. Ensure that the allocation was successful by checking the...