Astra Linux - уязвимость в 389-ds-base

A access control bypass vulnerability was discovered in version 389-ds-base. This issue stems from improper handling of the filter, which results in incorrect results. However, further analysis revealed that it actually constitutes an access control bypass. This vulnerability could allow any...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: TCPQUEUESEQ: sanity tests were added. Qingyu Li reported a syzkaller bug where, after restoring data from the receive queue, the sequence number was copied again. mprotect0x4aa000, 12288, PROTREAD = 0 mmap0x1ffff000, 4096,...

Astra Linux – Vulnerability in Python-Django

In Django 2.2 before 2.2.24, 3.x before 3.1.12, and 3.2 before 3.2.4, URLValidator, validateipv4address, and validateipv46address did not prohibit leading zero characters in octal literals. This may allow bypassing access control based on IP addresses. validateipv4address and validateipv46address...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: Firmware: armscmi: Fixed the enumeration of protocols in the base protocol. When enumerating the protocols implemented by the SCMI platform using BASEDISCOVERLISTPROTOCOLS, the number of protocols returned is currently validated ...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: smb: client: The system now validates the entire DACL before rewriting it using cifsacl. The functions buildsecdesc and idmodetocifsacl derive a pointer to the DACL from a dacloffset provided by the server. They then use the...

Astra Linux - уязвимость в linux

In the Linux kernel, the following vulnerability has been resolved: In the net subsystem, it is now allowed only for the init netns to set the default tcpcongestioncontrol to a restricted algorithm. The tcpsetdefaultcongestioncontrol function is netns-safe because it writes to...

Astra Linux - уязвимость в linux, linux-5.10

A non-privileged write-to-file handler flaw exists in the Linux kernel’s control groups and namespaces subsystem. This flaw allows users to gain access to certain less-privileged processes that are controlled by cgroups, even when those processes have higher-privileged parent processes. This issu...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Added a NULL check for ‘replay’ in ‘edpsetreplayallowactive’. In the first if statement, we are checking whether ‘replay’ is NULL. However, in the second if statement, we do not check whether ‘replay’ is NULL aga...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: L2CAP: Fixed a use-after-free caused by l2capreassemblesdu. Fixed a race condition between the following two processes that run parallelly: 1. l2capreassemblesdu - chan-ops-recv l2capsockrecvcb - sockqueuercvskb. 2...

Astra Linux - уязвимость в beep

Beep version 1.3 and later contains a vulnerability in the External Control of File Name or Path feature in the --device option. This vulnerability allows local unprivileged users to inhibit the execution of arbitrary programs by other users, potentially leading to Denial-of-Service attacks. This...

Astra Linux - уязвимость в linux, bluez

Improper access control in BlueZ may allow a authenticated user to potentially enable information disclosure through adjacent access...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: TCP: Do not accept ACKs for bytes that we never sent. This patch is based on a detailed report and ideas from Yepeng Pan and Christian Rossow. The validation of ACK sequences currently follows the guidelines outlined in RFC 5961,...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15

A use-after-free flaw was discovered in the nfcllcpfindlocal function in net/nfc/llcpcore.c within NFC in the Linux kernel. This flaw allows a local user with special privileges to cause a kernel information leak issue...

Astra Linux - уязвимость в linux, linux-5.10

A data leak flaw was discovered in the way of the XFSIOCALLOCSP IOCTL in the XFS filesystem, which allows for an increase in file sizes when the size is unaligned. A local attacker could exploit this flaw to leak data from the XFS filesystem that would otherwise be inaccessible to them...

Astra Linux - уязвимость в ovn

A flaw was discovered in Open Virtual Network, where the service monitor MAC does not properly implement rate limiting. This issue could allow an attacker to cause a denial of service, even in deployments with CoPP enabled and properly configured...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: gpib: Fixed a use-after-free in IO ioctl handlers. The IBRD, IBWRT, IBCMD, and IBWAIT ioctl handlers use a gpibdescriptor pointer after the board-biggpibmutex has been released. A concurrent IBCLOSEDEV ioctl can free the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: xsk: Avoid data corruption on cq descriptor numbers. Since commit 30f241fcf52a “xsk: Fix immature cq descriptor production”, the descriptor number is stored in the skb control block. The xskcqsubmitaddrlocked function relies on...

Astra Linux - уязвимость в chromium

The inappropriate implementation of the Extensions API in Google Chrome prior to version 103.0.5060.53 allowed an attacker who convinced a user to install a malicious extension to bypass discretionary access control through a crafted HTML page...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: media: max9286: Fixed a memory leak in max9286v4l2register There is a memory leak when testing the media/i2c/max9286.c file using the bpf mock tool. kmemleak: 5 new suspected memory leaks see /sys/kernel/debug/kmemleak...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

A issue was discovered in the Linux kernel before version 6.6.8. The dovccioctl function in net/atm/ioctl.c has a use-after-free issue due to a race condition involving vccrecvmsg...