21932 matches found
Astra Linux - уязвимость в amd64-microcode
Improper or unexpected behavior of the INVD instruction in some AMD CPUs may allow an attacker with a malicious hypervisor to affect cache line write-back behavior of the CPU leading to a potential loss of guest virtual machine VM memory integrity...
Astra Linux - уязвимость в linux-6.1, linux-5.10, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: dm cache: Fixed the issue where uninitialized delayedwork objects were flushed during a cachectr error. An unexpected WARN message may occur when cache creation fails, caused by destroying the uninitialized delayedwork object ...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: net: fixed the race condition in dstnegativeadvice The dstnegativeadvice function does not enforce proper RCU rules when sk-dstcache must be cleared, which could lead to a Use-After-Free UAF exception. The proper RCU rules state...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux
In the Linux kernel, the following vulnerability has been resolved: dax: Make sure that inodes are flushed before destroying the cache. A bug can be triggered by executing the following command: $ modprobe ndpmem && modprobe -r ndpmem The following error messages were recorded: 10.060014 BUG...
Astra Linux - уязвимость в imagemagick
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a NULL pointer dereference in ClonePixelCacheRepository allows a remote attacker to crash any application linked against ImageMagick by supplying a crafted imag...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: parisc: Remove WARNONONCE from flushcachevmap. I have observed warnings occasionally being triggered...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: mm/shmem: Disabling the PMD-sized page cache if needed For shmem files, it’s possible that the PMD-sized page cache cannot be supported by xarray. For example, a 512MB page cache on ARM64 when the base page size is 64KB cannot...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: btrfs: Call btrfsremovefreespacecachelocked on cache load failure Now that lockdep remains enabled throughout our CI processes, I noticed the following stack trace in generic/475: ------------ Cut here --- WARNING: CPU: 1 PID:...
Astra Linux - уязвимость в chromium
The use of BFCache in Google Chrome before version 100.0.4896.88 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...
Astra Linux - уязвимость в flask
Flask is a lightweight WSGI web application framework. When all of the following conditions are met, a response containing data intended for one client may be cached and subsequently sent by the proxy to other clients. If the proxy also caches Set-Cookie headers, it may send one client’s session...
Astra Linux - уязвимость в linux, linux-5.10
Certain Arm Cortex and Neoverse processors, as of 2022-03-08, do not properly prevent cache speculation, also known as Spectre-BHB. Attackers can exploit the shared branch history in the Branch History Buffer BHB to influence mispredicted branches. As a result, cache allocation may allow attacker...
Astra Linux - уязвимость в bind9
BIND 9.11.0 - 9.11.36 9.12.0 - 9.16.26 9.17.0 - 9.18.0 BIND supports the following preview editions: 9.11.4-S1 - 9.11.36-S1 9.16.8-S1 - 9.16.26-S1 Versions of BIND 9 that are earlier than those shown—going back to 9.1.0, including the supported preview editions—are also believed to be affected, b...
Astra Linux - уязвимость в guava-libraries
There is a vulnerability related to the creation of temporary directories in all versions of Guava. An attacker with access to the system can potentially access data stored in a temporary directory created by the Guava API com.google.common.io.Files.createTempDir. By default, on Unix-like systems...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: nfsd: Fixed the reference leak in nfsd4addrdaccesstowrdeleg. The nfsd4addrdaccesstowrdeleg function overwrites fp-fifdsORDONLY unconditionally with a newly acquired nfsdfile. However, if the client already has a SHAREACCESSREA...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: bcache: Reverting the replacement of ISERRORNULL with ISERR The commit 028ddcac477b “bcache: Removing unnecessary NULL point checks in node allocations” causes a NULL pointer dereferencing in cachesetFlush. c if !ISERRORNULLc-roo...
Astra Linux - уязвимость в firefox
Bypass of mitigation mechanisms in the Networking: Cache component. This vulnerability has been fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...
Astra Linux - уязвимость в glibc
The Name Service Cache Daemon’s nscd netgroup cache uses xmalloc or xrealloc, and these functions may terminate the process due to a memory allocation failure, resulting in a denial of service for clients. The flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability ...
Astra Linux - уязвимость в linux-5.15
In the Linux kernel, the following vulnerability has been resolved: hugetlbfs: don't delete error page from pagecache This change is very similar to the change that was made for shmem 1, and it solves the same problem but for HugeTLBFS instead. Currently, when poison is found in a HugeTLB page, t...
Astra Linux - уязвимость в intel-microcode
Improper isolation in the IntelR CoreTM Ultra Processor stream cache mechanism may allow an authenticated user to potentially enable escalation of privilege via local access...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: x86/sev: Evicting cache lines during SNP memory validation A vulnerability related to SNP cache coherence requires a cache line eviction mitigation mechanism when validating memory after a page state changes to private. The...