3153 matches found
Astra Linux - уязвимость в linux-5.15
In the Linux kernel, the following vulnerability has been resolved: drm/i915/hdcp: Added a check for the encoder in intelhdcpgetcapability. Sometimes during hotplug scenarios or suspend/resume scenarios, the encoder may not be initialized properly. To prevent null pointer dereferencing in the...
Astra Linux - уязвимость в linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: A bounds check was implemented for stream encoder creation in DCN301. The streamenc regs array is an array of dcn10streamencregisters structures. This array is initialized with four elements, corresponding to the...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: drm/radeon: Fixed encoder-possibleclones. The encoder itself should be included in its possibleclones bitmask. In the past, nothing ensured that drivers correctly populated possibleclones; this has changed in the commit...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: drm/meson: Fix refcount leak in mesonencoderhdmiinit offinddevicebynode takes reference, we should use putdevice to release it when not need anymore. Add missing putdevice in error path to avoid refcount leak...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Added a lock to protect the encoder context list. A lock was added for the ctxlist to prevent accessing a NULL pointer within the 'vpuencipihandler' function when the ctxlist is deleted due to an unexpect...
Astra Linux - уязвимость в ffmpeg, ffmpeg5
FFmpeg v.n6.1-3-g466799d4f5 allows for an over-reading of the buffer at ffgradfunblurlinemovdqasse2, as demonstrated by a call to the setencoderid function in the /fftools/ffmpegenc.c component...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: comedi: multiq3: sanitize config options in multiq3attach Syzbot identified an issue 1 in multiq3attach that induces a task timeout due to open or COMEDIDEVCONFIG ioctl operations, specifically, in the case of multiq3 driver. Thi...
Astra Linux - уязвимость в thunderbird
A double-free might have occurred in vpxcodecencinitmulti after a failed allocation during the initialization of the encoder for WebRTC. This could have caused memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird versions 139 and Thunderbird versions 128.1...
Astra Linux - уязвимость в flac
In streamencoder.c, there is a potential out-of-bounds write due to a missing bounds check. This could lead to exposure of local information without requiring additional execution privileges. User interaction is not required for exploitation. Product: Android Versions: Android-11 Android ID:...
Astra Linux - уязвимость в imagemagick
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, the UIL and XPM image encoder do not validate the pixel index value returned by GetPixelIndex before using it as an array subscript. In HDRI builds, Quantum is ...
Astra Linux - уязвимость в ffmpeg5
When decoding an OpenEXR file that uses DWAA or DWAB compression, the specified raw length of run-length-encoded data is not checked when using it to calculate the output data. We read rlerawsize from the input file at 0, decompress and decode it into the buffer td-rlerawdata of size rlerawsize a...
Astra Linux - уязвимость в ffmpeg, ffmpeg5
A vulnerability, classified as critical, was discovered in FFmpeg version 7.1. This vulnerability affects the ffaacsearchfortns function in the libavcodec/aacenctns.c file of the AAC Encoder component. The vulnerability allows for a stack-based buffer overflow attack. The attack can be initiated...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix out-of-bounds access in 'dcn21linkencodercreate' An issue was identified in the dcn21linkencodercreate function where an out-of-bounds access could occur when the hpdsource index was used to reference the...
Astra Linux - уязвимость в openjpeg2
There is a flaw in openjpeg in versions prior to 2.4.0, located in src/lib/openjp2/pi.c. When an attacker can provide crafted input that is processed by the openjpeg encoder, it may lead to an out-of-bounds read. The most significant impact of this flaw is the application’s availability...
Astra Linux - уязвимость в linux-5.15, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: drm/i915: Make intelgetcrtcnewencoder less oops-oriented. The purpose of the WARN message was to print something, not to simply report an “oops” error. Currently, this exactly happens when we cannot find the Crtc connector in the...
CLSA-2026-1777542477 Fix CVE(s): CVE-2026-28690
SECURITY UPDATE: stack buffer overflow in MNG/JNG encoder — missing NULL check after ImageToBlob in WriteOneJNGImage could propagate a NULL blob pointer into later stack buffer operations GHSA-7h7q-j33q-hvpf. - debian/patches/CVE-2026-28690.patch: bail out of WriteOneJNGImage when ImageToBlob...
Amazon Linux 2023 : ImageMagick, ImageMagick-c++, ImageMagick-c++-devel (ALAS2023-2026-1611)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1611 advisory. ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below 7.1.2-189 and 6.9.13-44, when Magick parses an XML file it is possible that a...
Important: ImageMagick
Issue Overview: ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below 7.1.2-189 and 6.9.13-44, when Magick parses an XML file it is possible that a single zero byte is written out of the bounds. This issue has been fixed in versions...
CLSA-2026-1777478310 ImageMagick: Fix of CVE-2026-40169
CVE-2026-40169: fix out-of-bounds heap write in JSON encoder montageDirectory loop...
CLSA-2026-1777477457 ImageMagick: Fix of CVE-2026-40169
CVE-2026-40169: fix out-of-bounds heap write in JSON encoder montageDirectory loop...