Astra Linux – Vulnerability in Firefox

Memory safety bugs exist in Firefox 109. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects Firefox versions prior to 110...

Astra Linux – Vulnerability in WebKit2GTK

The issue was resolved through improved bounds checks. This issue has been fixed in tvOS 15.6, watchOS 8.7, iOS 15.6, and iPadOS 15.6, macOS Monterey 12.5, and Safari 15.6. Processing web content may lead to arbitrary code execution...

Astra Linux – Vulnerability in openimageio

There are multiple memory corruption vulnerabilities in the IFFOutput alignment padding functionality of the OpenImageIO Project, specifically in OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to arbitrary code execution. An attacker can provide malicious input to trigger...

Astra Linux – Vulnerability in Firefox, Thunderbird

Mozilla developers and community members Nika Layzell, Andrew McCreight, Gabriele Svelto, and the Mozilla Fuzzing Team reported memory safety bugs in Thunderbird 91.7. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have...

Astra Linux – Vulnerability in libgsf

There is an integer overflow vulnerability in the Compound Document Binary File format parser of the GNOME Project G Structured File Library libgsf version v1.14.52. A specially crafted file can lead to an integer overflow when processing the directory from the file, allowing an out-of-bounds ind...

Astra Linux – Vulnerability in WebKit2GTK

A memory management issue related to “use after free” operations has been addressed through improved memory management practices. This issue is fixed in Safari 15, tvOS 15, watchOS 8, iOS 15, and iPadOS 15. Processing maliciously crafted web content may lead to arbitrary code execution...

Astra Linux – Vulnerability in ipython

IPython Interactive Python is a command shell for interactive computing in multiple programming languages, originally developed for the Python programming language. Affected versions are subject to a vulnerability that allows arbitrary code to be executed, due to improper management of cross-user...

Astra Linux – Vulnerability in Firefox, Thunderbird

Memory safety bugs exist in Firefox 130, Firefox ESR 115.15, Firefox ESR 128.2, and Thunderbird 128.2. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability...

Astra Linux – Vulnerability in Firefox

Memory safety bugs exist in Firefox 126. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects Firefox versions prior to 127...

Astra Linux – Vulnerability in joblib

The joblib package from versions 0 and before 1.2.0 is vulnerable to Arbitrary Code Execution through the predispatch flag in the Parallel class, due to the eval statement...

Astra Linux – Vulnerability in WebKit2GTK

A type confusion issue has been addressed through improved checks. This issue is fixed in iOS 15.7.4 and iPadOS 15.7.4, iOS 16.3.1 and iPadOS 16.3.1, macOS Ventura 13.2.1, and Safari. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that...

Astra Linux - уязвимость в linux

It was discovered that the eBPF implementation in the Linux kernel failed to properly track bound information for 32-bit registers when performing division and modulo operations. A local attacker could use this vulnerability to potentially execute arbitrary code...

Astra Linux – Vulnerability in WebKit2GTK

A logic issue has been resolved through improved checks. This issue is fixed in iOS 17.1 and iPadOS 17.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Sonoma 14.1, Safari 17.1, and tvOS 17.1. Processing web content may lead to arbitrary code execution...

Astra Linux – Vulnerability in Firefox

Mozilla developers reported memory safety bugs in Firefox 86. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects versions of Firefox prior to 87...

Astra Linux – Vulnerability in htmldoc

A flaw was discovered in htmldoc commit 31f7804. A heap buffer overflow in the pdfwritenames function in ps-pdf.cxx may lead to arbitrary code execution and a Denial of Service DoS attack...

Astra Linux – Vulnerability in WebKit2GTK

A vulnerability related to out-of-bounds reads has been addressed through improved bounds checking. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2, and iPadOS 15.2, as well as watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code executio...

Astra Linux – Vulnerability in gstreamer1.0, gst-plugins-good1.0

GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in the function qtdemuxparsetheoraextension within qtdemux.c. The vulnerability occurs due to an underflow of the gint size variable, which causes size to hold a large unintended...

Astra Linux – Vulnerability in Firefox and Thunderbird

Mozilla developers reported memory safety bugs in Firefox 85 and Firefox ESR 78.7. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects Firefox version...

Astra Linux – Vulnerability in WebKit2GTK

The issue was resolved through improved memory handling. This issue is fixed in Safari 17.5, iOS 17.5, iPadOS 17.5, macOS Sonoma 14.5, tvOS 17.5, visionOS 1.2, and watchOS 10.5. Processing web content may lead to arbitrary code execution...

Astra Linux – Vulnerability in Thunderbird, Firefox

Mozilla developers Randell Jesup, Valentin Gosu, Olli Pettay, and the Mozilla Fuzzing Team reported memory safety bugs in Thunderbird 102.5. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute...