66320 matches found
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: nbd: Fixed incomplete validation of ioctl arguments. We identified an alarm caused by incomplete validation of ioctl arguments without proper verification. The UBSAN warning appears as follows: UBSAN: Undefined behavior in...
Astra Linux – Vulnerability in ffmpeg, ffmpeg5
FFmpeg n6.1.1 has a vulnerability in the DXA demuxer of the libavformat library, which allows for an integer overflow. This could potentially lead to a denial-of-service DoS attack or other undefined behaviors...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: ipv6: A BUG in pskbexpandhead, as part of calipsoskbuffsetattr. There exists a kernel oops caused by a BUGONnhead INTMAX i.e., intskbheadroomskb + lendelta skbheadroomskb is meant to ensure that delta = headroom - skbheadroomskb ...
Astra Linux – Vulnerability in mbedtls
Integer overflow vulnerability in Mbed TLS 2.x before 2.28.7 and 3.x before 3.5.2. Attackers can exploit this vulnerability to cause a denial of service DoS attack through the mbedtlsx509setextension function...
Astra Linux – Vulnerability in libavif
In libavif before version 1.3.0, the avifImageRGBToYUV function in reformat.c contains integer overflows during multiplications involving rgbRowBytes, yRowBytes, uRowBytes, and vRowBytes...
Astra Linux – Vulnerability in gst-plugins-bad1.0
GStreamer MXF File Parsing: Integer Overflow and Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability, but the attack vectors may va...
Astra Linux – Vulnerability in hiredis
Hiredis is a minimalistic C client library for the Redis database. In affected versions, Hiredis can be vulnerable to integer overflow if maliciously crafted or corrupted RESP mult-bulk protocol data is provided. When parsing mult-bulk array-like replies, Hiredis fails to check whether count...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: cifs: Fixed an integer overflow issue while processing the closetimeo mount option. The user-provided closetimeo mount parameter, of type u32, is intended to have an upper limit. However, before this limit is validated, the value...
Astra Linux – Vulnerability in binutils
A issue was discovered in the Binary File Descriptor BFD library also known as libbfd, as distributed in the GNU Binutils through version 2.31. There is an integer overflow and an infinite loop caused by the ISCONTAINEDBYLMA macro in elf.c...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: rtc: tps6594: Fixed integer overflow on 32-bit systems The issue arises from the multiplication in tps6594rtcsetoffset. c tmp = offset TICKSPERHOUR; The tmp variable is of type s64, but offset is of type long and lies in the rang...
Astra Linux – Vulnerabilities in Firefox, Thunderbird, Expat, LibXMLTok
The lookup function in xmlparse.c within Expat also known as libexpat has an integer overflow before version 2.4.3...
Astra Linux – Vulnerabilities in Firefox, Thunderbird, Expat, LibXMLTok
The nextScaffoldPart function in xmlparse.c of Expat also known as libexpat, prior to version 2.4.3, has an integer overflow issue...
Astra Linux – Vulnerability in unbound
Before version 1.9.5, Unbound allowed an integer overflow in the regional allocator through the ALIGNUP macro. NOTE: The vendor denies that this is a vulnerability. Although the code may be vulnerable, an ongoing Unbound installation cannot be remotely or locally exploited...
Astra Linux – Vulnerability in unbound
Before version 1.9.5, Unbound allowed for an integer overflow in sldnsstr2wirednamebuforigin, resulting in an out-of-bounds write. NOTE: The vendor denies that this is a vulnerability. Although the code may be vulnerable, an ongoing Unbound installation cannot be remotely or locally exploited...
Astra Linux – Vulnerability in glibc
The wordexp function in the GNU C Library also known as glibc, up to version 2.33, may crash or access arbitrary memory during the parseparam function located in posix/wordexp.c when called with an untrusted, crafted pattern. This could potentially lead to a denial of service or the disclosure of...
Astra Linux – Vulnerability in klibc
A issue was discovered in klibc before version 2.0.9. Multiple potential integer overflows in the cpio command on 32-bit systems could lead to a buffer overflow or other security issues...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: crypto: qat – added parameter checks for RSA. Requests with a source buffer size greater than the size of the key are rejected. This prevents potential integer underflow issues that might occur when copying the source scatterlist...
Astra Linux – Vulnerability in WebKit2GTK
Integer overflow has been addressed through improved input validation. This issue is fixed in iOS 14.5.1, iPadOS 14.5.1, tvOS 14.6, iOS 12.5.3, Safari 14.1.1, and macOS Big Sur 11.3. Processing maliciously crafted web content may lead to arbitrary code execution...
Astra Linux – Vulnerability in ffmpeg
An integer overflow vulnerability exists in the function filterrobert in libavfilter/vfconvolution.c in Ffmpeg 4.2.1. Attackers can exploit this vulnerability to cause a Denial of Service or other unspecified impacts...
Astra Linux – Vulnerability in ffmpeg
An integer overflow vulnerability exists in the function filterprewitt in libavfilter/vfconvolution.c in Ffmpeg 4.2.1. Attackers can exploit this vulnerability to cause a Denial of Service or other unspecified impacts...