21064 matches found
Astra Linux - уязвимость в binutils
A issue was discovered in the Binary File Descriptor BFD library also known as libbfd, as distributed in GNU Binutils 2.32. It involves an attempt at excessive memory allocation in the bfdelfslurpversiontables function within elf.c...
Astra Linux - уязвимость в linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Memory allocation should be avoided in iommususpend. The iommususpend system call’s suspend callback is invoked with IRQs disabled. allocating memory using the GFPKERNEL flag may re-enable IRQs during the suspend...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: fixed a double-free in sidpminit When the allocation of adev-pm.dpm.dynstate.vddcDependenceondispclk.entries fails, amdgpufreeextendedpowertable is called to free some fields of adev. However, when the control flow...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: dccp/tcp: Unhash sk from ehash for tb2 alloc failure after checkestalblished. syzkaller reported a warning 0 in inetcskdestroysock, with no repro. WARNONinetsksk-inetnum && !inetcsksk-icskbindhash; However, the syzkaller’s log...
Astra Linux - уязвимость в glibc
The Name Service Cache Daemon’s nscd netgroup cache uses xmalloc or xrealloc, and these functions may terminate the process due to a memory allocation failure, resulting in a denial of service for clients. The flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability ...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: pstore/zone: Added a null pointer check to pszkmsgread. The kasprintf function returns a pointer to dynamically allocated memory; this pointer may be NULL in case of failure. Ensure that the allocation was successful by checking...
Astra Linux - уязвимость в firefox
A memory allocation check was missing, which could lead to a “use-after-free” error if the allocation failed. This could potentially trigger a crash or be exploited to achieve code execution. This vulnerability affects Firefox versions less than 126...
Astra Linux - уязвимость в aom
Integer overflows in the libaom internal function imgallochelper can lead to heap buffer overflows. This function can be accessed through three callers: Calling aomimgalloc with a large value of the dw, dh, or align parameter may result in integer overflows during the calculations of buffer sizes...
Astra Linux – Vulnerability in pillow
A issue was discovered in Pillow prior to version 10.0.0. It is a denial-of-service attack where memory is uncontrollably allocated to processing a given task, potentially causing a service to crash due to running out of memory. This occurs for truetype in ImageFont when textlength in an ImageDra...
Astra Linux - уязвимость в imlib2
It was discovered that imlib2 v1.9.1 mishandles memory allocation in the initimlibfonts function...
Astra Linux – Vulnerability in Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: drm/panfrost: Fixed the error path in panfrostmmumapfaultaddr Subject: PATCH drm/panfrost: Fixed the error path in panfrostmmumapfaultaddr If some of the page allocations fail, we should not release the previous references to tho...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/ras: Move the data allocation code before the bad page check. In the rare case where eeprom contains only invalid address entries, allocation is skipped, which leads to the following NULL pointer issue: 547.103445 BUG:...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: crypto: caam – fix DMA corruption on long hmac keys When a key longer than the block size is provided, it is copied and then hashed into the actual key. The memory allocated for the copy needs to be rounded to the DMA cache...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: ovpn: TCP – fix for extracting packets from the stream When processing TCP stream data in ovpntcprecv, we receive large cloned skbs from strprcv, which may contain multiple coalesced packets. The current implementation has two...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: mailbox: mchp-ipc-sbi: Fixed an out-of-bounds access issue in mchpipcgetclusteraggrirq. The clustercfg array is dynamically allocated to hold per-CPU configuration structures. Its size is determined by the number of online CPUs...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: ntfs: -dcompare must not block. … So don’t use getname there. Switch it to kmallocPATHMAX, GFPNOWAIT. Yes, ntfsdhash can almost certainly handle smaller allocations, but let the ntfs team deal with that—keep the allocation siz...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: media: iris: Add the buffer to the list only after a successful allocation. We moved the listaddtail function to after dmaalloc attrs succeeds when creating internal buffers. Previously, the buffer was enqueued into buffers-list...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc4-topology: Corrected the allocation size for bytes controls. The size of the data behind scontrol-ipccontroldata for bytes controls is as follows: 1 sizeofstruct sofipc4controldata + // kernel-only struct 2...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: LoongArch: Fixed missing NULL checks for kstrdup 1. Replaced “offindnodebypath"/"” with “ofroot” to avoid multiple calls to “ofnodeput”. 2. Fixed a potential kernel error during early boot when memory allocation fails while...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: drm/buddy: The BUGON issue has been prevented by validating the rounded allocation size. When DRMBUDDYCONTIGUOUSALLOCATION is set, the requested size is rounded up to the next power-of-two using rounduppowoftwo. Similarly, for...