Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: llc: A test for maclen should be performed before reading the MAC header. The LLC layer reads the MAC header using ethhdr, without verifying that the skb contains an Ethernet header. The Syzbot exploit was able to execute the...

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtable: validate pppoe header Ensure that there is sufficient space to access the protocol field of the PPPoE header. Validate this once before the flowtable lookup, and then use a helper function to access the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Tunnels: Do not assume that the mac header is set in skbtunnelcheckpmtu. The recently added debug in commit f9aefd6b2aa3 “net: warn if mac header was not set” identified a bug in skbtunnelcheckpmtu, as shown in this syzbot report...

Astra Linux - уязвимость в golang-golang-x-text

An attacker can cause a denial of service by creating an Accept-Language header that requires ParseAcceptLanguage to take significant time to process...

Astra Linux - уязвимость в apache2

The aprwrite function in Apache HTTP Server 2.4.53 and earlier may read unintended memory if an attacker can cause the server to reflect very large inputs using aprwrite or aprputs. This issue can occur, for example, when using the modluas r:puts function. Modules that are compiled and distribute...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: vmxnet3: Packet corruption occurred in vmxnet3xdpxmitframe. Andrew and Nikolay reported connectivity issues with Cilium’s service load-balancing in the case of vmxnet3. If a BPF program for native XDP adds an encapsulation header...

Astra Linux - уязвимость в squid

Squid is a caching proxy for the Web. Due to an uncontrolled recursion bug in versions 2.6 through 2.7.STABLE9, versions 3.1 through 5.9, and versions 6.0.1 through 6.5, Squid may be vulnerable to a Denial of Service attack involving HTTP request parsing. This issue allows a remote client to carr...

Astra Linux - уязвимость в zlib, libz-mingw-w64

Zlib versions up to 1.2.12 have a heap-based buffer over-read or buffer overflow issue in the inflate function within inflate.c, due to a large gzip header extra field. NOTE: Only applications that call inflateGetHeader are affected. Some common applications bundle the affected Zlib source code,...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs: validate inner IPv4 header length in IPTFS payload Validation of the totlen and ihl fields of the inner IPv4 packet has been added to the processing of decrypted IPTFS payloads in inputprocesspayload. A crafted ESP...

Astra Linux - уязвимость в netty

HttpObjectDecoder.java in Netty before 4.1.44 allowed an HTTP header that lacked a colon. This could be interpreted as a separate header with incorrect syntax, or it could be interpreted as an “invalid fold”...

Astra Linux - уязвимость в gst-plugins-good1.0

GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been discovered in the gstmatroskademuxaddwvpkheader function within matroska-demux.c. This function does not properly check the validity of the stream-codecpriv pointer. If...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: geneve: Fixed header validation in geneve6xmitskb syzbot is able to trigger an uninit-value in genevexmit 1 Problem: While most IP tunnel helpers such as iptunnelgetdsfield use skbprotocolskb, true, pskbinetmaypull only uses...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: geneve: Do not assume that the MAC header is set in genevexmitskb. We should not assume this; instead, use skbethhdr instead of ethhdr to fix the issue. sysbot reported the following: WARNING: CPU: 0 PID: 11635 at...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: x86/fpu: State corruption has been prevented in fpurestoresig. The non-compacted slowpath uses copyfromuser to copy the entire user buffer into the kernel buffer, verbatim. This means that the kernel buffer may now contain entire...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: sctp: A buffer overflow vulnerability exists when skbheaderpointer returns NULL in sctprcvootb. We should always check if the return value of skbheaderpointer is NULL before using it. Otherwise, it may lead to a nullptrderef...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Firmware: csdsp: Returns an error if the block header exceeds the size of the remaining data in the file. If the block header is longer than the amount of data left in the file, csdsppowerup will return an error. The previous cod...

Astra Linux - уязвимость в twisted

In Twisted Web version 19.10.0, there was an HTTP request splitting vulnerability. When two content-length headers were provided, the system ignored the first header. When the second content-length value was set to zero, the request body was interpreted as a pipelined request...

Astra Linux - уязвимость в twisted

Twisted is an event-based framework for internet applications. It was introduced with version 0.9.4. At that time, when the host header did not match a configured host using twisted.web.vhost.NameVirtualHost, a “NoResource” resource would be returned. This caused the Host header to be rendered...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: net: openvswitch: removed the never-working support for setting nsh fields The validation of the setnsh... action is completely incorrect. It uses the nshkeyputfromnlattr function, which is the same function used to validate N...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: dccp: copying the entire header to the stack buffer, not just the basic header Eric Dumazet states: nfconntrackdccppacket has a unique function: dh = skbheaderpointerskb, dataoff, sizeofdh, &dh; And nothing...