Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: btrfs: fixed the issue of resolving backrefs for inline extents followed by prealloc extents. If a file consists of an inline extent followed by a regular or prealloc extent, then a legitimate attempt to resolve a logical...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15

A flaw was discovered in the exFAT driver of the Linux kernel. The vulnerability resides in the implementation of the file name reconstruction function, which is responsible for reading file name entries from a directory index and merging file name parts belonging to one file into a single long...

Astra Linux - уязвимость в chromium

Insufficient policy enforcement in the File System API of Google Chrome prior to version 112.0.5615.49 allowed a remote attacker to bypass filesystem restrictions through a crafted HTML page. Chromium security severity: Medium...

Astra Linux - уязвимость в chromium

Insufficient policy enforcement in the File System API of Google Chrome prior to version 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions through a crafted HTML page...

Astra Linux - уязвимость в docker.io

In Docker versions prior to 9.03.15 and 20.10.3, there is a vulnerability related to the --userns-remap option. This option allows access to the remapped root directory, enabling privilege escalation to the actual root directory. When using --userns-remap, if the root user in the remapped namespa...

Astra Linux - уязвимость в linux, linux-5.10

A heap-based buffer overflow flaw was discovered in the way the legacyparseparam function in the Linux kernel’s Filesystem Context functionality verifies the length of the supplied parameters. A non-privileged user if non-privileged user namespaces are enabled, otherwise requiring CAPSYSADMIN...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fixed a NULL pointer dereferencing issue in smb2getinfofilesystem. If share is provided, share-path will be NULL, which can lead to a NULL pointer dereferencing issue...

Astra Linux - уязвимость в u-boot

The U-Boot versions from 2016.09 to 2019.07-rc4 can memset too much data while reading a crafted ext4 filesystem. This results in a stack buffer overflow, potentially leading to code execution...

Astra Linux - уязвимость в linux-5.10

A flaw was discovered in btrfsgetrootref in fs/btrfs/disk-io.c within the btrfs filesystem of the Linux kernel, due to a double decrement of the reference count. This issue may allow a local attacker with user privileges to crash the system or may lead to the leakage of internal kernel informatio...

Astra Linux - уязвимость в linux, linux-5.10

A data leak flaw was discovered in the way of the XFSIOCALLOCSP IOCTL in the XFS filesystem, which allows for an increase in file sizes when the size is unaligned. A local attacker could exploit this flaw to leak data from the XFS filesystem that would otherwise be inaccessible to them...

Astra Linux - уязвимость в grub2

A out-of-bounds write flaw was discovered in grub2’s NTFS filesystem driver. This issue may allow an attacker to present a specially crafted NTFS filesystem image, resulting in corruption of grub’s heap metadata. In some cases, the attack may also corrupt the UEFI firmware heap metadata. As a...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: netfs: Fixed a kernel bug in netfslimititer for ITERKVEC iterators. When a process crashes and the kernel writes a core dump to a 9P filesystem, kernelwrite creates an ITERKVEC iterator. This iterator calls netfsunbufferedwrite,...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: f2fs: Flush the inode if the atomic file is aborted. We need to flush the inode that was aborted during the atomic operation, to avoid stale dirty inodes during eviction in this call stack: f2fsmarkinodedirtysync+0x22/0x40 f2f...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ext4: The issue where “racy” might inline data checks during dio write has been fixed. According to syzbot, the following warning from ext4iomapbegin is triggered as of the referenced commit: c if WARNONONCEext4hasinlinedatainode...

Astra Linux - уязвимость в f2fs-tools

There is an exploitable information disclosure vulnerability in the devread functionality of F2fs-Tools F2fs.Fsck 1.13. A specially crafted f2fs filesystem can lead to an uninitialized read operation, resulting in information disclosure. An attacker can provide a malicious file to trigger this...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: netfs: Fixed the pre-flush behavior when appending to a file in writethrough mode. In netfsperformwrite, when the file is marked as NETFSICTXWRITETHROUGH or OSYNC or RWFSYNC, write-through caching is performed on a buffered file...

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ext4: refuses to create an EA block when umounted. The EA block expansion needs to access sroot, but sroot is already set to NULL when umount is triggered. This request is refused to avoid panic conditions...

Astra Linux - уязвимость в python-django

A issue was discovered in Django 2.2 before 2.2.16, 3.0 before 3.0.10, and 3.1 before 3.1.1 when Python 3.7+ was used. The intermediate-level directories of the filesystem cache had the system’s standard umask instead of 0o077...

Astra Linux - уязвимость в f2fs-tools

There is an exploitable code execution vulnerability in the fsckchkorphannode functionality of the F2fs-Tools F2fs.Fsck 1.13. A specially crafted f2fs filesystem can lead to a heap buffer overflow, resulting in code execution. An attacker can provide a malicious file to trigger this vulnerability...

glib: Integer Overflow in GLib GIO Attribute Escaping Causes Heap Buffer Overflow

A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service DoS via an integer overflow in GLib's GIO GLib Input/Output escapebytestring function when processing malicious file or remote filesystem attribute values...