18220 matches found
Astra Linux – Vulnerability in WebKit2GTK
A logic issue has been addressed through improved state management. This issue is fixed in tvOS 16.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1, and iPadOS 16. Processing maliciously crafted web content may disclose sensitive user information...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/vc4: kms: Added the drmcrtccommitPut operation. Commit 9ec03d7f1ed3 “drm/vc4: kms: Wait on previous FIFO users before a commit” introduced a global state for the HVS, where each FIFO stores the current CRTC commit. This allow...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd/pmc: Added support for Van Gogh SoC. The ROG Xbox Ally non-X SoC features an architecture similar to the Steam Deck. While the Steam Deck supports S3 mode s2idle causes a crash, this feature was removed from the...
Astra Linux – Vulnerability in Linux-Firmware
A null pointer reference exists in some IntelR Graphics Drivers for Windows prior to version 26.20.100.7212, as well as prior to the release of the Linux kernel version 5.5. This vulnerability could allow a privileged user to exploit the system to cause a denial of service through local access...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: “drm/amd: Check if ASPM is enabled from the PCIe subsystem” has been reverted. This reversion is associated with the commit 7294863a6f01248d72b61d38478978d638641bee. This commit was erroneously applied again after the commit...
Astra Linux – Vulnerability in Batik
A vulnerability in Batik of Apache XML Graphics allows an attacker to execute untrusted Java code from an SVG. This issue affects Apache XML Graphics versions prior to 1.16. It is recommended to update to version 1.16...
Astra Linux – Vulnerability in GhostScript
A issue was discovered in Artifex Ghostscript prior to version 10.05.0. The NPDL device has a Compression buffer overflow in the contrib/japanese/gdevnpdl.c file...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: drm/xe/vf: Do not expose sysfs attributes that are not applicable to VFs. VFs cannot read the BMGPCIECAP0x138340 register, nor can they access the PCODE which is already guarded by the info.skippcode flag. Therefore, we should...
Astra Linux – Vulnerability in Firefox
Sandbox escape due to incorrect boundary conditions in the Graphics: WebGPU component. This vulnerability was fixed in Firefox 145 and Thunderbird 145...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: drm/i915: Avoid lock inversion when pinning to GGTT on CHV/BXT+VTD After i915vmapinww is completed, a synchronous variant of dmafenceworkcommit is called. When pinning a VMA to GGTT address space on a Cherry View family processor...
Astra Linux – Vulnerability in imagemagick
The WriteOnePNGImage function from coders/png.c the PNG encoder contains a for loop with an improper exit condition, which may lead to an out-of-bounds READ operation due to a heap-buffer-overflow issue. This occurs because it is possible for the colormap to have fewer than 256 valid values, and...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: amd/amdkfd: enhanced checking of kfd processes during switch partitions. Currently, the switch partition only checks whether kfdprocessestable is empty. An entry in kfdprocessestable is deleted in kfdprocessnotifierrelease, bu...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: drm/shmem-helper: The erroneous “put” operation has been removed from the error path. The drmgemshmemmmap function does not have a reference in the error code path, resulting in the dma-buf shmem GEM object being freed...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/xe/pxp: The “clear restart flag” is cleared after returning to the previous state via a jump. If we do not clear this flag, we will continue to jump back at the beginning of the function once we reach the end. Identified from...
Astra Linux – Vulnerability in hdf5
There is an out-of-bounds write vulnerability in the gif2h5 functionality of HDF5 Group libhdf5 1.10.4. A specially crafted GIF file can lead to code execution. An attacker can provide a malicious file to exploit this vulnerability...
Astra Linux – Vulnerability in freerdp3
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, a client-side heap buffer overflow occurred in the RDPGFX ClearCodec decode path, where maliciously crafted residual data caused out-of-bounds writes during color output. A malicious server could trigger a...
CVE-2026-34192
Software installed and run as a non-privileged user may conduct improper GPU system calls to cause an error path leading to UAF of GPU page tables. The vulnerability allows physical memory allocated for MMU page tables to be used after being freed. This was caused by an error path that would not...
CVE-2026-41156 GPU DDK - kernel<->fw CCB contains SYNC_PRIMITIVE_BLOCK firmware address without holding reference
Software installed and run as a non-privileged user may conduct improper GPU system calls to cause mismanagement of resources creating a write use after free scenario. A shared resource memory page managed by a CPU thread of control driver and accessed by a GPU thread of control Firmware can caus...
EUVD-2026-38002
Software installed and run as a non-privileged user may conduct improper GPU system calls to cause mismanagement of resources creating a write use after free scenario. A shared resource memory page managed by a CPU thread of control driver and accessed by a GPU thread of control Firmware can caus...
EUVD-2026-38001
Software installed and run as a non-privileged user may conduct improper GPU system calls to cause an error path leading to UAF of GPU page tables. The vulnerability allows physical memory allocated for MMU page tables to be used after being freed. This was caused by an error path that would not...