Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: myrs: Fixed a crash in the error case In myrsdetect, cs-disableintr is a NULL pointer when privdata-hwinit fails with a non-zero value. In this case, myrscleanupcs will attempt to dereference a NULL pointer, causing the...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: vhost/scsi: A null pointer dereference bug can occur when the guest sends an SCSI AN request. In the function vhostscsiCTLHANDLEVQ, the variable vc.target is assigned the value of &vreq.tmf.lun1 within a switch-case block. This...

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: iio: adc: ina2xx: avoid NULL pointer dereference on OF device match The affected lines resulted in a NULL pointer dereference on our platform because the device tree contained the following list of compatible strings:...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: iio: accel: mma8452: use the correct logic to get mma8452data The original logic to get mma8452data is wrong, the dev point to the device belong to iiodev. we can't use this dev to find the correct i2cclient. The original logic...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: Add checks for devmkcalloc As the devmkcalloc may return NULL, the return value needs to be checked to avoid NULL poineter dereference...

Astra Linux – Vulnerability in gst-plugins-good1.0

GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been discovered in the gstmatroskademuxaddwvpkheader function within matroska-demux.c. This function does not properly check the validity of the stream-codecpriv pointer. If...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drivers/md/md-bitmap: Check the return value of mdbitmapgetcounter. Check the return value of mdbitmapgetcounter in case it returns a NULL pointer, which would lead to a null pointer dereferencing. v2: Updated the check to includ...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ice: The VF VSI pointer value must be checked in icevcaddfdirfltr. As mentioned in the commit baeb705fd6a7 “ice: Always check the VF VSI pointer values”, we need to perform a null pointer check on the return value of icegetvfvsi...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: cpufreq: intelpstate: A crash occurred during the disabling of turbo mode. When the system is booted with the kernel command line arguments “nosmt” or “maxcpus” to limit the number of CPUs, disabling turbo mode by executing: echo...

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerability has been resolved: In md/raid10, the issue of null-ptr-deref in raid10syncrequest has been fixed. In initresync, the mempool is initialized, and conf-havereplacemnt is set to 0 at the beginning of the sync process. closesync frees the mempool when...

Astra Linux – Vulnerability in openjpeg2

It was discovered that openjpeg v 2.5.0 contains a NULL pointer dereference through the /openjp2/dwt.c component...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: fanotify: Validate the return value of mntnsfromdentry before dereferencing it. The function dofanotifymark does not validate whether mntnsfromdentry returns NULL before dereferencing mntns-userns. This causes a NULL pointer...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: xhci: A null pointer dereference was fixed in the remove function if xHC has only one roothub. The remove function in the xhci platform driver attempts to remove both the main hcd and the shared hcd, even if only the main hcd...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: Platform/x86: hp-bioscfg: Fixed kernel panic in the GETINSTANCEID macro. The GETINSTANCEID macro caused a kernel panic when accessing sysfs attributes: 1. Off-by-one error: The loop condition used name without checking whether...

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: A null pointer check should be added for getfirstactivedisplay. The function modhdcphdcp1enableencryption calls the function getfirstactivedisplay, but does not check its return value. The return value is a null...

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fncm: Refactor the bind path to use free After a bind/unbind cycle, the ncm-notifyreq remains stale. If a subsequent bind fails, the unified error handling mechanism attempts to free this stale request. This leads to...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: media: lgdt3306a: A check against a null-pointer-def was added. The driver should check whether the client provides the platformdata. The following log reveals this issue: 29.610324 BUG: KASAN: nullptrderef in kmemdup+0x30/0x40...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: In the net: dsa section, there is a fix for dereferencing a NULL pointer in dsaportresetvlanfiltering. The “ds” iterator variable used in dsaportresetvlanfiltering overwrites the “dp” parameter received as an argument, which is...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix tc flower deletion for VLAN priority Rx steering To replicate the issue: 1 Add a tc flower filter for VLAN Priority-based frame steering: $ IFDEVNAME=eth0 $ tc qdisc add dev $IFDEVNAME ingress $ tc qdisc add dev...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ASoC: stm32: spdifrx: fixed the issue of releasing the DMA channel in stm32spdifrxRemove. In case of an error when requesting the ctrlchan DMA channel, the pointer to ctrlchan is not null. Therefore, releasing the DMA channel lea...