7519 matches found
Astra Linux - уязвимость в firefox, thunderbird
Incorrect boundary conditions in the JavaScript: GC component. This vulnerability was fixed in Firefox 143, Firefox ESR 140.3, Thunderbird 143, and Thunderbird 140.3...
Astra Linux - уязвимость в cups-filters
“Cups-filters” contains backends, filters, and other software necessary to enable the “cups printing service” on operating systems other than macOS. In versions 2.0.1 and earlier, a heap-buffer-overflow vulnerability in the “rastertopclx” filter caused the program to crash with a segmentation fau...
Astra Linux - уязвимость в firefox, thunderbird
JIT compilation errors in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 146, Firefox ESR 140.6, Thunderbird 146, and Thunderbird 140.6...
Astra Linux - уязвимость в catdoc
There is an integer overflow vulnerability in the OLE Document File Allocation Table Parser functionality of catdoc 0.95. A specially crafted, malformed file can lead to heap-based memory corruption. An attacker can provide a malicious file to exploit this vulnerability...
Astra Linux - уязвимость в linux-5.10, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: fs/ntfs3: Fixed a null-ptr-deref issue in inode-iop in ntfslookup. Syzbot reported a null-ptr-deref bug: ntfs3: loop0: The sector size of NTFS is 1024, while the media sector size is 512. ntfs3: loop0: Marking the volume as...
Astra Linux - уязвимость в binutils
A vulnerability was identified in GNU Binutils 2.45. The affected component is the elfx8664relocatesection function in the file elf64-x86-64.c of the Linker component. This vulnerability causes a heap-based buffer overflow. The attack can only be executed locally. The exploit has been publicly...
Astra Linux - уязвимость в dcmtk
It was discovered that DCMTK v3.6.9+DEV contains a buffer overflow issue through the component /dcmimgle/diinpxt.h...
Astra Linux - уязвимость в webkit2gtk
The issue was addressed through improved checks. This issue is fixed in Safari 18.5, iOS 18.5, iPadOS 18.5, iPadOS 17.7.7, macOS Sequoia 15.5, tvOS 18.5, visionOS 2.5, and watchOS 11.5. Processing maliciously crafted web content may lead to an unexpected process crash...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ubifs: A fix was made to increment the reference count of a page once it is set as private. The MM structure defines a rule 1 very clearly: once a page is marked with the PGprivate flag, the reference count of that page should be...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerabilities have been resolved: xtensa: Fixed the refcount leak issue in the time.c file. In calibrateccount, the offindcompatiblenode function will return a node pointer with the refcount incremented. We should use ofnodeput when this function is no longer...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel before version 4.8, the usbparseendpoint function in drivers/usb/core/config.c did not validate the wMaxPacketSize field of an endpoint descriptor. NOTE: This vulnerability only affects products that are no longer supported by the supplier...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: spi: spi-fsl-qspi: check return value after calling platformgetresourcebyname This issue could lead to a null-ptr-deref error if platformgetresourcebyname returns NULL. Therefore, we need to check the return value...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: - media: rga: fixed a possible memory leak in rgaprobe. - rga-m2mdev needs to be freed when rgaprobe fails...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: Drivers: hv: vmbus: Disabled the option to deactivate sysctlrecordpanicmsg by default in isolated guests. The hvpanicpage may contain information sensitive to guests; do not dump this information to Hyper-V by default in...
Astra Linux - уязвимость в libde265
A buffer overflow vulnerability in libheif 1.19.7 allows a local attacker to execute arbitrary code through the SAO Sample Adaptive Offset processing of libde265...
Astra Linux - уязвимость в advancecomp
It was discovered that Advancecomp v2.3 contains a heap buffer overflow issue through the leuint32read function in /lib/endianrw.h...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: fs/ntfs3: Added a null pointer check to attrloadrunsvcn Some metadata files are processed before the MFT. This requires adding a null pointer check for certain corner cases that could lead to NPD when reading these metadata...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerabilities have been resolved: usb: cdns3 – Fix for use-after-free at workaround 2 BUG: KFENCE – Use-after-free during read operation in listdelentryvalid+0x10/0xac The code snippet cdns3wa2removeoldrequest includes the following steps: c...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: PCI: dwc: Deallocating the EPC memory during errors in dwpcieepinit If dwpcieepinit fails to perform any actions after the EPC memory is initialized and the MSI memory region is allocated, the latter parts will not be...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: dm ioctl: prevents potential Spectre v1 exploits. It seems that cmd could be a Spectre v1 exploit, as it is provided by a user and used as an array index. This vulnerability prevents the contents of kernel memory from being leake...