Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ksmbd: The signedness bug in smbdirectpreparenegotiation was fixed. The function smbdirectpreparenegotiation casts a unsigned u32 value from sp-maxrecvsize and req-preferredsendsize to a signed int before calculating mintint,.......

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: drm/radeon: A potential buffer overflow issue has been fixed in nisetmcspecialregisters. The last case label can write two buffers, mcregaddressj and mcdataj, where the offset of ‘j’ equals SMCNISLANDSMCREGISTERARRAYSIZE. Since...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: IB/qib: Protection against buffer overflow in struct qibusersdmapkt fields Overflowing either addrlimit or bytestogo can allow the user space to trigger a buffer overflow of kernel memory. Check for overflows in all places where...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: PM / devfreq: Fixed buffer overflow in transstatshow. Fixed buffer overflow in transstatshow. Changed the use of simple snprintf to the safer scnprintf, by using PAGESIZE as an argument. Added condition checking to see if...

Astra Linux – Vulnerability in Redis

Redis is an in-memory database that persists data on disk. A specially crafted Lua script executed in Redis can trigger a heap overflow in the cjson library, leading to heap corruption and potentially remote code execution. This issue exists in all versions of Redis that support Lua scripting,...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: video: fbdev: nvidiafb: Use strscpy to prevent buffer overflow Coverity reports a possible buffer overflow issue. However, given the ‘static’ scope of nvidiasetupi2cbus, it seems that this issue cannot occur after examining the...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: i2c: mlxbf: prevents stack overflow in mlxbfi2csmbusstarttransaction The memcpy function is called in a loop, without checking the upper bound of 'operation-length', and 'dataidx' is also incremented...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: RDMA/manaib: A boundary check was added before installing cq callbacks. A boundary check has been added inside manaibinstallcqcb to prevent index overflow...

Astra Linux – Vulnerability in libde265

It was discovered that Libde265 v1.0.8 contains a heap-buffer-overflow vulnerability through the putepel16fallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service DoS attack using a specially crafted video file...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Staging: r8188eu: prevented -Ssid overflow in rtwwxsetscan This code includes a check to prevent read overflow, but another check is needed to prevent writing beyond the end of the -Ssid array...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ext4: dax: fix an issue where overflowing extents beyond the inode size occurs during partial writing. The daxiomaprw function does two things in each iteration: it maps the written blocks and copies user data to those blocks. If...

Astra Linux – Vulnerability in imagemagick

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-13 and 6.9.13-38, there was a heap buffer overflow vulnerability in the XBM image decoder ReadXBMImage. This vulnerability allowed attackers to write controlled data beyond the...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ata: patamacio: Fix DMA table overflow Kolbjorn and Jonáš reported that their 32-bit PowerMacs were crashing in pata-macio since commit 09fe2bfa6b83 “ata: patamacio: Fix maxsegmentsize with PAGESIZE == 64K”. For example: - Kernel...

Astra Linux – Vulnerability in ntfs-3g

In NTFS-3G versions before 2021.8.22, when a specially crafted NTFS attribute is provided to the function ntfsgetattributevalue, a heap buffer overflow can occur, allowing for memory disclosure or denial of service. The vulnerability is caused by an out-of-bound buffer access, which can be...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: udf: Avoid excessive partition sizes. Avoid mounting file systems where the partition would overflow the 32-bit range used for block numbers. Also, refuse to mount file systems where the partition size is so large that it is...

Astra Linux – Vulnerability in xwayland, xorg-server

A buffer overflow vulnerability was discovered in X.Org and Xwayland. The code in XkbVModMaskText allocates a fixed-sized buffer on the stack and copies the names of the virtual modifiers to that buffer. The code fails to check the bounds of the buffer and will copy the data regardless of the siz...

Astra Linux – Vulnerability in xwayland, xorg-server

A heap overflow flaw was discovered in X.Org and Xwayland. The calculation of the length in XkbSizeKeySyms differs from what is stored in XkbWriteKeySyms, which may lead to a heap-based buffer overflow...

Astra Linux – Vulnerability in Chromium

A heap buffer overflow in the Reader Mode of Google Chrome prior to version 90.0.4430.212 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

A issue was discovered in the Linux kernel before version 6.0.11. Missing validation of the number of channels in the drivers/net/wireless/microchip/wilc1000/cfg80211.c file in the WILC1000 wireless driver can lead to a heap-based buffer overflow when copying the list of operating channels from...

Astra Linux – Vulnerability in xwayland, xorg-server

A buffer overflow vulnerability was discovered in X.Org and Xwayland. If the XkbChangeTypesOfKey function is called with a value of 0 for the “groups” parameter, it will resize the key symbol table to 0, but leave the key actions unchanged. If the same function is called later with a non-zero val...