Astra Linux – Vulnerability in openexr

There is a heap-based buffer overflow vulnerability in Academy Software Foundation OpenEXR 2.3.0, specifically in the chunkOffsetReconstruction function within ImfMultiPartInputFile.cpp. This vulnerability can lead to a denial of service attack through an exploited EXR file...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: watchdog: rzg2lwdt: Fixed the 32-bit overflow issue. The value of timercycleus can be 0 due to 32-bit overflow. For example, if we assign the counter value “0xfff” for computing maxval. This patch fixes this issue by appending...

Astra Linux – Vulnerability in ntfs-3g

In NTFS-3G versions 2021.8.22, when specially crafted NTFS attributes are read in the function ntfsattrpreadi, a heap buffer overflow can occur, allowing for writing to arbitrary memory or causing denial of service for the application...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: pdscore: A condition where adminq commands may overflow or get stuck has been prevented. The adminq of pdscore is protected by the adminqlock, which prevents more than one adminq command from being posted at any given time. This...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: media: v4l2-dv-timings.c: fix too strict blanking sanity checks Sanity checks were added to verify the v4l2bttimings blanking fields in order to avoid integer overflows when the user space passes strange values. However, this...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: The can: hi311x module has corrected the ndochangemtu function to prevent buffer overflows. Sending a PFPACKET allows bypassing the CAN driver’s logic and directly reaching the xmit function of the CAN driver. The only check...

Astra Linux – Vulnerability in libde265

It was discovered that Libde265 v1.0.12 contains multiple buffer overflows due to vulnerabilities in the numtilecolumns and numtilerow parameters of the picparameterset::dump function...

Astra Linux – Vulnerability in Chromium

A heap buffer overflow in TabStrip in Google Chrome prior to version 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

Astra Linux – Vulnerability in Thunderbird

In SkRegion.cpp, there is a potential out-of-bounds write due to an integer overflow. This could lead to a local privilege escalation without the need for additional execution privileges. User interaction is not required for exploitation...

Astra Linux – Vulnerability in WebKit2GTK

A buffer overflow issue has been addressed through improved memory handling. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2, and iPadOS 15.2, as well as watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution...

Astra Linux – Vulnerability in GhostScript

A issue was discovered in base/gsdevice.c in Artifex Ghostscript before 10.04.0. An integer overflow occurs when parsing the filename format string for the output filename, resulting in path truncation, as well as possible path traversal and code execution...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fixed a potential buffer overflow in ‘dpdscclockenread’. Inform ‘snprintf’ to store at most 10 bytes in the output buffer, instead of 30. The issue has been fixed in the following file:...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: jfs: fixed a slab-out-of-bounds read in eaget During the “sizecheck” step in eaget, the code checks whether the extended attribute list xattr size matches easize. If not, it logs “eaget: invalid extended attribute” and calls...

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: BPF, sockmap: Do not allow sockmapclose,destroy,unhash to call itself. Proto callback functions in sockmap should never call themselves by design. Protect against bugs like 1 and break out of the recursive loop to avoid a stac...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm/i915/ttm: fixed handling of CCS Crucible + recent Mesa sometimes causes the following issue: GEMBUGONnumccsblks NUMCCSBLKSPERXFER It seems that this issue can also be triggered with gemlmemswapping, if we modify the tests ...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: TCP: Fixed a signed-integer-overflow bug in tcpaddbacklog The types of skrcvbuf and sksndbuf within the struct sock structure are int. In tcpaddbacklog, the limit for these variables is calculated by adding skrcvbuf, sksndbuf, an...

Astra Linux – Vulnerability in binutils

A vulnerability has been discovered in GNU Binutils 2.45. The affected element is the function elfswapshdr in the bfd/elfcode.h library of the Linker component. Manipulation of this function leads to a heap-based buffer overflow. This attack must be carried out locally. The exploit has been...

Astra Linux – Vulnerability in Firefox

Sandbox escape due to integer overflow in the Graphics: Canvas2D component. This vulnerability was fixed in Firefox 143.0.3...

Astra Linux – Vulnerability in ffmpeg5

FFmpeg v.n6.1-3-g466799d4f5 allows an attacker to trigger the use of a parameter with a negative size in the avsamplessetsilence function in the libavutil/samplefmt.c:260:9 component...

Astra Linux – Vulnerability in xwayland, xorg-server

A flaw was discovered in the Big Requests extension. The length of the request is multiplied by 4 before checking against the maximum allowed size, which may lead to an integer overflow and bypassing the size check...