Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: dwc-qos: Disable split header for Tegra194 There is a long-standing issue with the Synopsys DWC Ethernet driver for Tegra194, where random system crashes have been observed 0. The problem occurs when the split header...

Astra Linux - уязвимость в linux, linux-5.15, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: added vlangetprotocolanddepth helper. Previously, skbmaypull was used instead of skbheaderpointer in vlangetprotocol and related functions. Few calls relied on skb-head being populated with the MAC header. syzbot detected on...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftpayload: Incorrect arithmetic operations when fetching VLAN header bits. If the offset plus the length exceeds the range of the Ethernet + VLAN header, then the length is adjusted to copy the bytes that are within t...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: hfsplus: Do not use BUGON in hfspluscreateattributesfile. When the volume header contains erroneous values that do not reflect the actual state of the filesystem, hfsplusfillsuper assumes that the attributes file has not yet been...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: bpf, testrun: Fixed a use-after-free issue in ethskbpkttype. KMSAN reported a use-after-free issue in ethskbpkttype1. The cause of the issue was that ethskbpkttype accessed data from skb that did not contain an Ethernet header...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: ipv4: Fixed uninit-value access in ipmakeskb KMSAN reported an uninit-value access in ipmakeskb. ipmakeskb tests HDRINCL to determine whether the skb contains icmphdr. However, HDRINCL can cause a race condition. If setsockopt...

Astra Linux - уязвимость в imagemagick

In ImageMagick, there is a value of the type 'unsigned int' that is outside the representable range in MagickCore/quantum-private.h. This flaw affects ImageMagick versions prior to 7.0.9-0...

Astra Linux - уязвимость в python-urllib3

urllib3 is a user-friendly HTTP client library for Python. urllib3 does not treat the Cookie HTTP header specially or provides any helpers for managing cookies over HTTP; that responsibility lies with the user. However, it is possible for a user to specify a Cookie header, and information may be...

Astra Linux - уязвимость в qtbase-opensource-src

A issue was discovered in Qt before version 5.15.14, in versions 6.x before 6.2.9, and in versions 6.3.x through 6.5.x before 6.5.1. Qt Network incorrectly parses the strict-transport-security HSTS header, allowing unencrypted connections to be established, even when such connections are explicit...

Astra Linux - уязвимость в tomcat9

If Apache Tomcat 8.5.0 to 8.5.82, 9.0.0-M1 to 9.0.67, 10.0.0-M1 to 10.0.26, or 10.1.0-M1 to 10.1.0 was configured to ignore invalid HTTP headers by setting rejectIllegalHeader to false the default for 8.5.x only, Tomcat would not reject requests containing an invalid Content-Length header. This...

Astra Linux - уязвимость в libde265

It was discovered that Libde265 v1.0.11 contains a segmentation violation through the function decodercontext::processSliceSegmentHeader in decctx.cc...

Astra Linux - уязвимость в ruby-rack

Rack is a modular Ruby web server interface. Carefully crafted headers may cause header parsing in Rack to take longer than expected, potentially leading to a denial-of-service issue. The Accept and Forwarded headers are affected. Ruby 3.2 includes fixes for this problem, so Rack applications tha...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: ipv4, ipv6: Fixed the handling of transhdrlen in ip,6appenddata. Including transhdrlen in the packet length is a problem when the packet is partially filled e.g., a sendMSGMORE operation occurred previously when appending to a...

Astra Linux - уязвимость в netty

Netty is an asynchronous, event-driven network application framework designed for rapid development of maintainable, high-performance protocol servers and clients. In versions prior to 4.1.71.Final, Netty would skip control characters when they appeared at the beginning or end of a header name...

Astra Linux - уязвимость в jetty9

Jetty is a Java-based web server and servlet engine. Prior to versions 9.4.52, 10.0.16, 11.0.16, and 12.0.1, Jetty accepted the + character that followed the content-length value in an HTTP/1 header field. This was more permissive than what is allowed by the RFC, and other servers routinely...

Astra Linux - уязвимость в python3.11, python3.7

When folding a long comment within an email header that contains only printable characters, the parentheses will not be preserved. This can be exploited to inject headers into email messages where the addresses are controlled by users and not sanitized...

Astra Linux - уязвимость в python-django

In Django 3.2 before 3.2.17, 4.0 before 4.0.9, and 4.1 before 4.1.6, the parsed values of the Accept-Language header are cached in order to avoid repeated parsing. This can lead to a potential denial-of-service vulnerability due to excessive memory usage if the raw value of the Accept-Language...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: NSh: The skb-protocol,data,macheader field for the outer header in nshgsosegment was restored. syzbot triggered various errors by sending a crafted GSO packet using the protocol VIRTIONETHDRGSOUDP, which includes the following...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Team: Fix null-ptr-deref when the team device type is changed. The null-ptr-deref bug occurs as follows with a reproducer 1. Bug: NULL pointer dereferencing in the kernel. Address: 0000000000000228 …RIP:...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: idpf: fixed null-ptr-deref in idpffeaturescheck idpffeaturescheck is used to validate the TX packet. The length of the skb header is compared with the value supported by the hardware, which is received from the device control...