8146 matches found
Astra Linux - уязвимость в cups
OpenPrinting CUPS is an open-source printing system. In versions 2.4.2 and earlier, a heap buffer overflow vulnerability existed, which allowed a remote attacker to launch a Denial-of-Service DoS attack. This vulnerability was present in the formatlogline function. Exploitation of this...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: xen/evtchn: avoided calling WARN when unbinding an event channel. When unbinding a user event channel, the related handler might be called a last time, especially if the kernel was built with CONFIGDEBUGSHIRQ. This could result i...
Astra Linux - уязвимость в linux-6.1, linux, linux-5.15, linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: smb: client: fixed a use-after-free bug in cifsdebugdataprocshow Skipped SMB sessions that are being terminated e.g., @ses-sesstatus == SESEXITING in cifsdebugdataProcShow to avoid use-after-free in @ses. This fixes the...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: Fixed an issue where the peerid of 0 was not found when the connection was disconnected. There is a failure log for this issue, located at ath11kdprxprocessmonstatus. When debugmask is not set to ATH11KDBGDATA, no l...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Firmware: armscmi: Account for failed debug initialization. When the SCMI debug subsystem fails to initialize, the related debug root will be missing, and the underlying descriptor will be NULL. This fault condition should be...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: iouring: add a schedule point in ioaddbuffers Looping 65535 times doing kmalloc calls can trigger soft lockups, especially with DEBUG features like KASAN. 253.536212 watchdog: BUG: soft lockup - CPU64 stuck for 26s!...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: jfs: xattr: fixed buffer overflow for invalid xattr values. When the xattr size is not as expected, it is printed out to the kernel log in hexadecimal format as a form of debugging. However, when that xattr size is larger than...
Astra Linux - уязвимость в binutils
Heap buffer overflow vulnerability in binutils’ readelf before version 2.40, caused by the displaydebugsection function in the readelf.c file...
Astra Linux - уязвимость в python-django
In Django 2.2 before 2.2.27, 3.2 before 3.2.12, and 4.0 before 4.0.2, the % debug % template tag does not encode the current context properly. This may lead to Cross-Site Scripting XSS attacks...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: orangefs: The issue in kmemleak in orangefspreparedebugfshelpstring has been fixed. When inserting or removing the orangefs module, the debughelpstring variable may be leaked: - Unreferenced object: 0xffff8881652ba000 size 4096 -...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: ext4: Avoid use-after-free in ext4extshowleaf In ext4findextent, the path may be freed by an error or reallocated. Therefore, using a previously saved ppath may have already been freed, thereby potentially causing a use-after-fre...
Astra Linux - уязвимость в linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: time/debug: A memory leak was fixed by using debugfslookup. When calling debugfslookup, the result must be processed with dput, otherwise a memory leak will occur over time. To simplify things, simply call debugfslookupandremove,...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: Wifi: iwlwifi: dbg-tlv: Ensure NUL termination The iwlfwiunidebuginfotlv is used as a string; therefore, we must ensure that the string is terminated correctly before using it...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: Wifi: ath12k – Fixed NULL access in the assignchannelcontexthandler function. Currently, when the ath12kmacassignviftovdev function fails, the radio handle is accessed from the link VIF handle arvif for debugging purposes. Thi...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Set the correct AMDGPU sg segment limitation. The driver needs to set the correct maxsegmentsize; otherwise, debugdmamapsg will complain about the over-mapping of the AMDGPU sg length as follows: WARNING: CPU: 6 PID:...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: drm/vc4: hdmi: Avoid a system hang caused by debug registers when suspended. Attempting to read /sys/kernel/debug/dri/1/hdmi1 regs when the HDMI connection is disconnected results in a fatal system hang. This issue arises due to...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: – The faulty behavior of the mm:resolvefaultymmapregion function has been fixed. The mmapregion function is quite problematic; its control flow is complex and messy, and there are numerous ways in which issues can arise. This...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: USB: serial: ioedgeport: fix use after free in debug printk The line “devdbg&urb-dev-dev, …” occurs after the function usbfreeurburb. This is a use after free of the “urb” pointer. To avoid this issue, store the “dev” pointer at...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: scsi: qla1280: A kernel oops occurs when the debug level is greater than 2. A null dereference or oops exception will eventually occur when the qla1280.c driver is compiled with DEBUGQLA1280 enabled and when qldebuglevel is great...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: dma-debug: Do not call dmaentryalloccheckleak under freeEntriesLock. dmaEntryallocCheckleak calls into printk, which results in serial console output qcom GenI. It also grabs portLock under freeEntriesLock. This involves a...