Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: ipv6: Rejected malicious packets in ipv6gsoSegment. syzbot was able to create a packet with very long IPv6 extension headers, leading to an overflow of the skb-transportheader field. This 16-bit field has a limited range. Add...

Astra Linux - уязвимость в exim4

In versions of Exim up to 4.97.1, Misparse processes multi-line RFC 2231 header filenames. As a result, remote attackers can bypass the protection mechanism that blocks $mimefilename extensions, and potentially deliver executable attachments to the mailboxes of end users...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: net: lapb: increase LAPBHEADERLEN It is unclear whether the net/lapb code is supposed to be ready for 8021q. We can at least avoid crashes like the following: skbuff: skbunderpanic: text:ffffffff8aabe1f6 len:24 put:20...

Astra Linux - уязвимость в zlib, libz-mingw-w64

Zlib versions up to 1.2.12 have a heap-based buffer over-read or buffer overflow issue in the inflate function within inflate.c, due to a large gzip header extra field. NOTE: Only applications that call inflateGetHeader are affected. Some common applications bundle the affected Zlib source code,...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: mctp i2c: handling of NULL header addresses The daddr field can be NULL if there is no neighbour table entry present. In that case, the TX packet should be discarded. The saddr field is usually set by the MCTP core, but a NULL...

Astra Linux - уязвимость в haproxy

Before version 2.7.3, HAProxy might allow a bypass of access control mechanisms, as HTTP/1 headers were inadvertently lost in certain situations, also known as “request smuggling.” The HTTP header parsers in HAProxy might accept empty header field names, which could be used to omit the list of HT...

Astra Linux - уязвимость в squid

A issue was discovered in Squid 4.x before 4.15, and in 5.x before 5.0.6. If a remote server sends a certain response header via HTTP or HTTPS, it can lead to a denial of service. This header can potentially appear in legitimate network traffic...

Astra Linux - уязвимость в tomcat9

Improper input validation vulnerability. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.14, from 10.1.0-M1 through 10.1.49, and from 9.0.0-M1 through 9.0.112. The following versions were at the end of their support lifecycles at the time the CVE was created, but are still affected:...

Astra Linux - уязвимость в golang-golang-x-net

In Go, net/http versions before 1.16.12 and 1.17.x, as well as before 1.17.5, allowed uncontrolled memory consumption in the header canonicalization cache through HTTP/2 requests...

Astra Linux - уязвимость в golang-1.19

Parsing multipart forms can consume large amounts of CPU and memory when processing form inputs containing a very large number of parts. This occurs due to several reasons: 1. The mime/multipart.Reader.ReadForm method limits the total memory that a parsed multipart form can consume. ReadForm may...

Astra Linux - уязвимость в apache2

The aprwrite function in Apache HTTP Server 2.4.53 and earlier may read unintended memory if an attacker can cause the server to reflect very large inputs using aprwrite or aprputs. This issue can occur, for example, when using the modluas r:puts function. Modules that are compiled and distribute...

Astra Linux - уязвимость в ceph

Ceph is a distributed object, block, and file storage platform. In versions up to and including 19.2.3, using the x-amz-copy-source argument to copy an object and specifying an empty string as its content resulted in the RGW daemon crashing, leading to a DoS attack. As of the time of publication,...

Astra Linux - уязвимость в tomcat9

When using RemoteIpFilter with requests received from a reverse proxy via HTTP that include the X-Forwarded-Proto header set to https, session cookies created by Apache Tomcat 11.0.0-M1 to 11.0.0.-M2, 10.1.0-M1 to 10.1.5, 9.0.0-M1 to 9.0.71, and 8.5.0 to 8.5.85 did not include the secure attribut...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: rpl: Fix use-after-free in rpldosrhinline. Running lwtdstcacherefloop.sh in selftest with KASAN triggers the splat below 0. rpldosrhinline fetches ipv6hdrskb and accesses it after skbcowhead, which is illegal as the header could ...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: net: dropping UFO packets in udprcvSegment When sending a packet with virtionetHdr to the tun device, if the gsotype in virtionetHdr is SKBGSOUDP and the gsoSize is less than udphdrSize, a crash may occur. ------------ cut here...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: net: bridge: xmit: Ensure that the ethheaderlen field is set to a valid value. The syzbot triggered an uninitvalue1 error in the bridgedevice’s xmit path by sending a short packet less than ETHHLEN bytes. To fix this issue, check...

Astra Linux - уязвимость в linux, linux-5.15, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: nsh: Use the correct macoffset to unwind gsoskb in nshgsosegment As shown in the call trace, the skbpanic error occurred due to an incorrect skb-macheader value in nshgsoSegment. Invalid opcode: 0000 1 PREEMPT SMP KASAN PTI...

Astra Linux - уязвимость в librabbitmq

A issue was discovered in amqphandleinput within amqpconnection.c in rabbitmq-c 0.9.0. There is an integer overflow that leads to heap memory corruption during the handling of THE CONNECTIONSTATEHEADER. A malicious server could return a malicious frame header, resulting in a smaller targetsize...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: Firmware: csdsp: Fixed the overflow checking of the wmfwheader. The checking was corrected to ensure that the firmware file buffer is large enough to hold the wmfwheader, thereby preventing the buffer from being overwritten. T...

Astra Linux - уязвимость в ruby-rack

There is a denial-of-service vulnerability in the header parsing component of Rack...