2480 matches found
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: md/bitmap: Do not set sb values if the sanity check fails. If the bitmap area contains invalid data, the kernel will crash. Then mdadm will trigger a “Segmentation fault”. This is a bug specific to cluster-md. In non-clustered...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: ext4: Avoid allocating blocks from a group with a corrupted block bitmap in ext4mbtrybestfound. Determine whether the group block bitmap is corrupted before using acbex in ext4mbtrybestfound to prevent allocating blocks from a...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: udf: Avoid using corrupted block bitmap buffers. When the filesystem’s block bitmap is corrupted, we detect the corruption while loading the bitmap. As a result, allocation attempts fail with an error. However, the next allocatio...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: block: RCU protection for disk-convzonesbitmap It is ensured that revalidating a disk by changing the conventional zones bitmap does not cause invalid memory references when using the helper function diskzoneisconv. This function...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: md/md-bitmap: corrected the bitmaplimit value for clustermd when writing sb. In clustermd, separate write-intent-bitmaps are used for each cluster node: 0 4k 8k 12k...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: drivers/md/md-bitmap: Check the return value of mdbitmapgetcounter. Check the return value of mdbitmapgetcounter in case it returns a NULL pointer, which would lead to a null pointer dereferencing. v2: Updated the check to includ...
Astra Linux - уязвимость в linux-5.10, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: KVM: VMX: Fixed a crash that occurred due to an uninitialized currentvmcs. KVM enables “Enlightened VMCS” and “Enlightened MSR Bitmap” when running as a nested hypervisor on top of Hyper-V. When the MSR bitmap is updated, the...
Astra Linux - уязвимость в ntfs-3g
A properly crafted NTFS image with an unallocated bitmap can lead to an endless recursive function call chain starting from ntfsattrpwrite, causing stack consumption in NTFS-3G 2021.8.22...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: f2fs: added a sanity check on sitbitmapsize. With the above testcase, resizing will generate a corrupted image that contains inconsistent metadata. Therefore, when mounting such an image, it will trigger a kernel panic. Steps to...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021619)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021619 advisory. In the Linux kernel, the following vulnerability has been resolved: tracing: Prevent bad count for tracingcpumaskwrite If a large count is provided, it will trigger ...
freerdp: FreeRDP has a heap-buffer-overflow in bitmap_cache_put via OOB cacheId
A heap based buffer overflow flaw has been discovered in FreeRDP. This client-side heap out-of-bounds read/write occurs in FreeRDP's bitmap cache subsystem due to an off-by-one boundary check in bitmapcacheput. A malicious server can send a CACHEBITMAPORDER Rev1 with cacheId equal to maxCells,...
dnsmasq: NSEC bitmap parsing infinite loop
A denial of service vulnerability was discovered in dnsmasq's DNSSEC validation. When parsing NSEC and NSEC3 bitmap records, the window iteration logic fails to account for the 2-byte window header when advancing through the bitmap data. A specially crafted DNS response with a zero-length bitmap...
freerdp: FreeRDP has a heap-buffer-overflow in bitmap_cache_put via OOB cacheId
A heap based buffer overflow flaw has been discovered in FreeRDP. This client-side heap out-of-bounds read/write occurs in FreeRDP's bitmap cache subsystem due to an off-by-one boundary check in bitmapcacheput. A malicious server can send a CACHEBITMAPORDER Rev1 with cacheId equal to maxCells,...
dnsmasq: NSEC bitmap parsing infinite loop
A denial of service vulnerability was discovered in dnsmasq's DNSSEC validation. When parsing NSEC and NSEC3 bitmap records, the window iteration logic fails to account for the 2-byte window header when advancing through the bitmap data. A specially crafted DNS response with a zero-length bitmap...
freerdp: FreeRDP: Arbitrary code execution via crafted Remote Desktop Protocol (RDP) server messages
A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol RDP. The gdisurfacebits function, which processes SURFACEBITSCOMMAND messages, does not properly validate image dimensions bmp.width and bmp.height provided by a malicious RDP server. This can lead to a heap buffer...
[SECURITY] Fedora 43 Update: SDL2_image-2.8.12-1.fc43
Simple DirectMedia Layer SDL is a cross-platform multimedia library designed to provide fast access to the graphics frame buffer and audio device. This package contains a simple library for loading images of various formats BMP, PPM, PCX, GIF, JPEG, PNG as SDL surfaces...
[SECURITY] Fedora 44 Update: SDL2_image-2.8.12-1.fc44
Simple DirectMedia Layer SDL is a cross-platform multimedia library designed to provide fast access to the graphics frame buffer and audio device. This package contains a simple library for loading images of various formats BMP, PPM, PCX, GIF, JPEG, PNG as SDL surfaces...
freerdp: FreeRDP has a heap-buffer-overflow in bitmap_cache_put via OOB cacheId
A heap based buffer overflow flaw has been discovered in FreeRDP. This client-side heap out-of-bounds read/write occurs in FreeRDP's bitmap cache subsystem due to an off-by-one boundary check in bitmapcacheput. A malicious server can send a CACHEBITMAPORDER Rev1 with cacheId equal to maxCells,...
freerdp: FreeRDP has a heap-buffer-overflow in bitmap_cache_put via OOB cacheId
A heap based buffer overflow flaw has been discovered in FreeRDP. This client-side heap out-of-bounds read/write occurs in FreeRDP's bitmap cache subsystem due to an off-by-one boundary check in bitmapcacheput. A malicious server can send a CACHEBITMAPORDER Rev1 with cacheId equal to maxCells,...
freerdp: FreeRDP has a heap-buffer-overflow in bitmap_cache_put via OOB cacheId
A heap based buffer overflow flaw has been discovered in FreeRDP. This client-side heap out-of-bounds read/write occurs in FreeRDP's bitmap cache subsystem due to an off-by-one boundary check in bitmapcacheput. A malicious server can send a CACHEBITMAPORDER Rev1 with cacheId equal to maxCells,...