Astra Linux – Vulnerability in espeak-ng

It was discovered that Espeak-ng 1.52-dev contains a Buffer Overflow due to a vulnerability in the ReadClause function in the readclause.c file...

Astra Linux – Vulnerability in libjettison-java

It was discovered that Jettison before version 1.5.2 contained a stack overflow vulnerability through the map parameter. This vulnerability allows attackers to cause a Denial of Service DoS attack by using a specially crafted string...

Astra Linux – Vulnerability in libde265

libde265 v1.0.4 contains a heap buffer overflow vulnerability in the mmloadlepi64 function, which can be exploited through a specially crafted file...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net/9p: Fixed buffer overflow in the USB transport layer. There is a buffer overflow vulnerability in the USB 9pfs transport layer. In this case, inconsistencies in size validation between packet header parsing and actual data...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: RDMA/hfi1: Fixed potential integer multiplication overflow errors. When multiplying values of different types, an overflow can occur even when storing the result in a larger type. This happens because the conversion is perform...

Astra Linux – Vulnerability in Chromium

A heap buffer overflow vulnerability in Google Chrome’s Media component on Linux, prior to version 88.0.4324.182, allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

Astra Linux – Vulnerability in binutils

Heap buffer overflow vulnerability in binutils’ readelf before version 2.40, caused by the displaydebugsection function in the readelf.c file...

Astra Linux – Vulnerability in TIF format

A buffer overflow in LibTiff v4.0.10 allows attackers to cause a denial of service through the “TIFFVGetField” function in the component ‘libtiff/tifdir.c’...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Fix stack protector issue in sendipidata Function kvmiobusread is called in function sendipidata, buffer size of parameter val should be at least 8 bytes. Since some emulation functions like loongarchipireadl and...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: media: rainshadow-cec: The TOCTOU race condition in raininterrupt has been fixed. In the interrupt handler raininterrupt, the check for buffer fullness on rain-buflen is performed before acquiring rain-buflock. This creates a...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ext4: Fixed a traversal bug in ext4mbusepreallocated. During allocation, when searching for pre-allocations PA in the per-inode rbtree, we cannot perform a direct traversal of the tree because ext4mbdiscardgrouppreallocation may...

Astra Linux – Vulnerability in openimageio

A buffer overflow vulnerability exists in OpenImageIO v.2.4.12.0 and earlier versions. This vulnerability allows a remote attacker to execute arbitrary code and obtain sensitive information through a crafted file sent to the readimg function...

Astra Linux – Vulnerability in libde265

It was discovered that Libde265 v1.0.8 contains a heap-buffer-overflow vulnerability through the use of putqpelfallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service DoS attack using a specially crafted video file...

Astra Linux – Vulnerability in giflib

A heap-based buffer overflow vulnerability exists in the openEuler giflib component on Linux. This vulnerability is associated with the program file gif2rgb.C. This issue affects giflib versions up to 5.2.2...

Astra Linux – Vulnerability in ffmpeg

An integer overflow vulnerability exists in the function filtersobel in libavfilter/vfconvolution.c in Ffmpeg 4.2.1. Attackers can exploit this vulnerability to cause a Denial of Service or other unspecified impacts...

Astra Linux – Vulnerability in Chromium

A heap buffer overflow in PDFium in Google Chrome prior to version 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: iomap: A possible overflow condition in iomapwritedelallocscan has been fixed. folionextindex returns a signed long value; shifting this value by PAGESHIFT might lead to an overflow on 32-bit systems. Instead, use folioposfolio +...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: drm/bridge: anx7625: Fixed an overflow issue when reading EDID. The length of the EDID block can be longer than 256 bytes. Therefore, we should use int instead of u8 for the edidpos variable...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

A race condition was detected in the Linux kernel’s net/bluetooth device driver, specifically in the conninfomin,maxageset function. This can lead to an integrity overflow issue, potentially causing abnormal Bluetooth connections or denial of service...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: scsi: st: Fixed an array overflow issue in stsetup. The array size is now adjusted to match the parameter size, rather than using a fixed value...