Astra Linux – Vulnerability in GhostScript

A issue was discovered in base/gsdevice.c in Artifex Ghostscript before 10.04.0. An integer overflow occurs when parsing the filename format string for the output filename, resulting in path truncation, as well as possible path traversal and code execution...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: jfs: fixed a slab-out-of-bounds read in eaget During the “sizecheck” step in eaget, the code checks whether the extended attribute list xattr size matches easize. If not, it logs “eaget: invalid extended attribute” and calls...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm/i915/ttm: fixed handling of CCS Crucible + recent Mesa sometimes causes the following issue: GEMBUGONnumccsblks NUMCCSBLKSPERXFER It seems that this issue can also be triggered with gemlmemswapping, if we modify the tests ...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: TCP: Fixed a signed-integer-overflow bug in tcpaddbacklog The types of skrcvbuf and sksndbuf within the struct sock structure are int. In tcpaddbacklog, the limit for these variables is calculated by adding skrcvbuf, sksndbuf, an...

Astra Linux – Vulnerabilities in Firefox, Thunderbird, Expat, LibXMLTok

The nextScaffoldPart function in xmlparse.c of Expat also known as libexpat, prior to version 2.4.3, has an integer overflow issue...

Astra Linux – Vulnerability in Python 3.7, PHP 7.3

The Keccak XKCP SHA-3 reference implementation, prior to the update of fdc6fef, has an integer overflow and resulting buffer overflow issue. This vulnerability allows attackers to execute arbitrary code or compromise the expected cryptographic properties of the algorithm. This issue occurs within...

Astra Linux – Vulnerability in uriparser

A issue was discovered in uriparser through 0.9.7. The ComposeQueryMallocExMm function in UriQuery.c has an integer overflow due to the use of a long string...

Astra Linux – Vulnerability in openexr

A flaw was discovered in the function dataWindowForTile of the IlmImf/ImfTiledMisc.cpp file. An attacker who can submit a crafted file for processing with OpenEXR could trigger an integer overflow, resulting in an out-of-bounds write operation on the heap. The most significant impact of this flaw...

Astra Linux – Vulnerability in imagemagick

A flaw was discovered in ImageMagick version 7.0.11. In this version, an integer overflow in the WriteTHUMBNAILImage function in the coders/thumbnail.c file may lead to undefined behavior when processing a specially crafted image file submitted by an attacker. The greatest threat posed by this...

Astra Linux – Vulnerability in WebKit2GTK

Integer overflow has been addressed through improved input validation. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2, and iPadOS 15.2, as well as watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net/sched: schfq: Fix for integer overflow of “credit”. If schfq is configured with “initial quantum” values greater than INTMAX, the first assignment of “credit” will cause signed integer overflow, resulting in a very negative...

Astra Linux – Vulnerabilities in Firefox, Thunderbird, Expat, LibXMLTok

The defineAttribute function in xmlparse.c of Expat also known as libexpat has an integer overflow before version 2.4.3...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Regulator: Core – Prevent integer underflow By using a ratio of delay to pollEnabledTime that is not an integer, timeRemaining underflows may occur, causing the loop not to exit as expected. Since delay can be derived from DT, an...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ACPI: APEI: Fixed an integer overflow in ghesestatuspoolinit. The variable numghes was changed from int to unsigned int, preventing an overflow and causing subsequent vmalloc calls to fail. The overflow occurs in...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: sched/eevdf: This issue prevents vlag from going out of bounds in reweighteevdf. It was possible for pickeevdf to return NULL, which would lead to a NULL-deref. This issue was caused by entityeligible, which returned a falsely...

Astra Linux – Vulnerability in TIF format

An integer overflow flaw was discovered in libtiff, which resides in the tifgetimage.c file. This flaw allows an attacker to inject and execute arbitrary code when a user opens a crafted TIFF file. The greatest threat posed by this vulnerability relates to confidentiality, integrity, and system...

Astra Linux – Vulnerability in xrdp

xrdp is an open-source project that provides a graphical login interface to remote machines using the Microsoft Remote Desktop Protocol RDP. Version 0.9.21 and earlier of xrdp contain an integer overflow in the xrdpmmprocessrailupdatewindowtext function. There are no known solutions to this issue...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ALSA: wavefront: Fixed integer overflow in sample size validation The wavefrontsendsample function has a problem with integer overflow when validating sample size. The header-size field is of type u32, but it is cast to int for...

Astra Linux – Vulnerability in pcre3

In PCRE before version 8.44, libpcre allowed integer overflows due to a large number appearing after a ?C substring...

Astra Linux – Vulnerability in Redis

Redis is an in-memory database that persists data on disk.Authenticated users who issue specially crafted SRANDMEMBER, ZRANDMEMBER, and HRANDFIELD commands can trigger an integer overflow, leading to a runtime assertion and termination of the Redis server process. This issue affects all Redis...