33382 matches found
Astra Linux - уязвимость в squid
Squid is a caching proxy for the Web. Due to an uncontrolled recursion bug in versions 2.6 through 2.7.STABLE9, versions 3.1 through 5.9, and versions 6.0.1 through 6.5, Squid may be vulnerable to a Denial of Service attack involving HTTP request parsing. This issue allows a remote client to carr...
Astra Linux - уязвимость в zlib, libz-mingw-w64
Zlib versions up to 1.2.12 have a heap-based buffer over-read or buffer overflow issue in the inflate function within inflate.c, due to a large gzip header extra field. NOTE: Only applications that call inflateGetHeader are affected. Some common applications bundle the affected Zlib source code,...
Astra Linux - уязвимость в linux
A vulnerability was discovered in the Linux kernel, where an information leak occurs through the ext4extentheader to the user space...
Astra Linux - уязвимость в thunderbird
It was possible to create an email that included a tracking link as an attachment. If the user attempted to open the attachment, Thunderbird would automatically access the link. The configuration to block remote content did not prevent this behavior. Thunderbird has been updated to no longer allo...
Astra Linux - уязвимость в firefox
By using iterative requests, an attacker was able to determine the size of an opaque response, as well as the contents of a Vary header provided by the server. This vulnerability affects Firefox versions earlier than 119...
Astra Linux - уязвимость в ceph
Ceph is a distributed object, block, and file storage platform. In versions up to and including 19.2.3, using the x-amz-copy-source argument to copy an object and specifying an empty string as its content resulted in the RGW daemon crashing, leading to a DoS attack. As of the time of publication,...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: vmxnet3: Packet corruption occurred in vmxnet3xdpxmitframe. Andrew and Nikolay reported connectivity issues with Cilium’s service load-balancing in the case of vmxnet3. If a BPF program for native XDP adds an encapsulation header...
Astra Linux - уязвимость в python3.11
When using http.cookies.Morsel, user-controlled cookie values and parameters may allow the injection of HTTP headers into messages. The patch rejects all control characters within cookie names, values, and parameters...
Astra Linux - уязвимость в gst-plugins-good1.0
DOS: Potential heap overwrite during MKV demuxing using HEADERSTRIP decompression. Integer overflow occurs in the matroskaparse element within the gstmatroskadecompressdata function, leading to a heap overflow. Due to restrictions on chunk sizes in the matroskademux element, this overflow cannot ...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs: validate inner IPv4 header length in IPTFS payload Validation of the totlen and ihl fields of the inner IPv4 packet has been added to the processing of decrypted IPTFS payloads in inputprocesspayload. A crafted ESP...
Astra Linux - уязвимость в netty
HttpObjectDecoder.java in Netty before 4.1.44 allowed an HTTP header that lacked a colon. This could be interpreted as a separate header with incorrect syntax, or it could be interpreted as an “invalid fold”...
Astra Linux - уязвимость в gst-plugins-good1.0
GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been discovered in the gstmatroskademuxaddwvpkheader function within matroska-demux.c. This function does not properly check the validity of the stream-codecpriv pointer. If...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: geneve: Fixed header validation in geneve6xmitskb syzbot is able to trigger an uninit-value in genevexmit 1 Problem: While most IP tunnel helpers such as iptunnelgetdsfield use skbprotocolskb, true, pskbinetmaypull only uses...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: geneve: Do not assume that the MAC header is set in genevexmitskb. We should not assume this; instead, use skbethhdr instead of ethhdr to fix the issue. sysbot reported the following: WARNING: CPU: 0 PID: 11635 at...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: x86/fpu: State corruption has been prevented in fpurestoresig. The non-compacted slowpath uses copyfromuser to copy the entire user buffer into the kernel buffer, verbatim. This means that the kernel buffer may now contain entire...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: sctp: A buffer overflow vulnerability exists when skbheaderpointer returns NULL in sctprcvootb. We should always check if the return value of skbheaderpointer is NULL before using it. Otherwise, it may lead to a nullptrderef...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: Firmware: csdsp: Returns an error if the block header exceeds the size of the remaining data in the file. If the block header is longer than the amount of data left in the file, csdsppowerup will return an error. The previous cod...
Astra Linux - уязвимость в twisted
In Twisted Web version 19.10.0, there was an HTTP request splitting vulnerability. When two content-length headers were provided, the system ignored the first header. When the second content-length value was set to zero, the request body was interpreted as a pipelined request...
Astra Linux - уязвимость в twisted
Twisted is an event-based framework for internet applications. It was introduced with version 0.9.4. At that time, when the host header did not match a configured host using twisted.web.vhost.NameVirtualHost, a “NoResource” resource would be returned. This caused the Host header to be rendered...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: net: openvswitch: removed the never-working support for setting nsh fields The validation of the setnsh... action is completely incorrect. It uses the nshkeyputfromnlattr function, which is the same function used to validate N...