Astra Linux - уязвимость в webkit2gtk

A memory corruption issue has been resolved through improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, Safari 15, tvOS 15, iOS 15, and iPadOS 15, watchOS 8. Processing maliciously crafted web content may lead to arbitrary code execution...

Astra Linux - уязвимость в python3.7

The lib/zipfile.py module in Python, as of version 3.7.2, allows remote attackers to cause a denial of service resource consumption through a ZIP bomb attack...

Astra Linux - уязвимость в libcpanel-json-xs-perl

Cpanel::JSON::XS before version 4.40 for Perl has an integer buffer overflow that causes a segfault when parsing crafted JSON, allowing for denial-of-service attacks or other unspecified impacts...

Astra Linux - уязвимость в freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.20.1, there was a race in the serial channel IRP thread tracking that allowed for a heap use-after-free condition when one thread removed an entry from serial-IrpThreads while another read it. This vulnerability h...

Astra Linux - уязвимость в linux, linux-5.10

In the handling of offloads in ipgre.c, there is a possibility of a page fault due to an invalid memory access. This could lead to the disclosure of local information without the need for additional execution privileges. User interaction is not required for exploitation. Product: Android Versions...

Astra Linux - уязвимость в linux

The IBM Power9 AIX 7.1, 7.2, and VIOS 3.1 processors may allow a local user to obtain sensitive information from the data in the L1 cache under certain circumstances. IBM X-Force ID: 189296...

Astra Linux - уязвимость в nbdkit

A flaw exists in the nbdkit "blocksize" filter that can be triggered by a specific type of client request. When a client requests block status information for a very large data range, exceeding a certain limit, it causes an internal error in the nbdkit, leading to a denial of service...

Astra Linux – Vulnerability in gst-plugins-good1.0

In GStreamer through 1.26.1, the isomp4 plugin’s qtdemuxparsetrak function may read past the end of a heap buffer while parsing an MP4 file, potentially leading to information disclosure...

Astra Linux – Vulnerability in libtasn1-6

A flaw in libtasn1 causes inefficient handling of specific certificate data. When processing a large number of elements in a certificate, libtasn1 takes much longer than expected, which can slow down or even cause the system to crash. This flaw allows an attacker to send a specially crafted...

The vulnerability of the libgost-astra library in the Astra Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the libgost-astra library in the Astra Linux operating system is related to errors during the automatic configuration of the algorithms according to GOST standards. Exploiting this vulnerability can allow attackers to cause service failures...