Astra Linux – Vulnerability in SOX

A heap buffer overflow vulnerability was discovered in sox, specifically in the startread function at sox/src/hcom.c:160:41. This flaw can lead to denial of service, code execution, or information disclosure...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mm: filemap: fix nrpages calculation overflow in filemapmappages When running stress-ng on my Arm64 machine with v7.0-rc3 kernel, I encountered some very strange crash issues that appeared as “Bad page state”: "734.496287 BUG: Ba...

Astra Linux – Vulnerability in Memcached

A buffer overflow vulnerability in the authfile.c memcached 1.6.9 allows attackers to cause a denial of service through a crafted authentication file...

Astra Linux – Vulnerability in zbar

There is a heap-based buffer overflow in the qrreadermatchcenters function of ZBar 0.23.90. specially crafted QR codes may lead to information disclosure and/or arbitrary code execution. To exploit this vulnerability, an attacker can digitally input the malicious QR code, or prepare it to be...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: perf: RISC-V: Remove PERFHESSTOPPED flag checking in riscvpmustart Since commit 096b52fd2bb4 "perf: RISC-V: throttle perf events", the perfsampleeventtook function was added to report time spent in overflow interrupts. If the...

Astra Linux – Vulnerability in TeXeVe-bin

It was discovered that texlive-bin commit c515e contains a heap buffer overflow vulnerability through the function ttfLoadHDMX:ttfdump. This vulnerability allows attackers to cause a Denial of Service DoS by providing a malicious TTF file...

Astra Linux – Vulnerability in SOX

A vulnerability was discovered in SoX, where a heap buffer overflow occurs in the startread function in the hcom.c file. This vulnerability can be exploited by using a specially crafted hcomn file, which may cause the application to crash...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: wwan: t7xx: fix potential skb-frags overflow in the RX path When receiving data in the DPMAIF RX path, the t7xxdpmaifsetfragtoskb function adds page fragments to an skb without checking whether the number of fragments has...

Astra Linux – Vulnerability in klibc

A issue was discovered in klibc before version 2.0.9. Multiple potential integer overflows in the cpio command on 32-bit systems could lead to a buffer overflow or other security issues...

Astra Linux – Vulnerability in Linux

In the file drivers/pci/hotplug/rpadlpar/sysfs.c within the Linux kernel up to version 5.11.8, the RPA PCI Hotplug driver suffers a user-tolerable buffer overflow when writing a new device name to the driver from user space. This allows user space to write data directly to the kernel stack frame...

Astra Linux – Vulnerability in aom

It was discovered that AOM v2.0.1 contains a global buffer overflow issue through the component av1/encoder/partitionsearch.h...

Astra Linux – Vulnerability in imagemagick

ImageMagick 7.1.0-27 is vulnerable to Buffer Overflow vulnerabilities...

Astra Linux – Vulnerability in ntfs-3g

A properly crafted NTFS image can trigger a heap-based buffer overflow, caused by an unsanitized attribute in ntfsgetattributevalue, in NTFS-3G 2021.8.22...

Astra Linux – Vulnerability in WebKit2GTK

Integer overflow has been addressed through improved input validation. This issue is fixed in iOS 14.5.1, iPadOS 14.5.1, tvOS 14.6, iOS 12.5.3, Safari 14.1.1, and macOS Big Sur 11.3. Processing maliciously crafted web content may lead to arbitrary code execution...

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: blk-iocost: fixed the divide by 0 error in calclcoefs The issue arises when the value of u64 type is used in the DIVROUNDUPULL operation. A divide by 0 error can occur if bps plus IOCPAGESIZE is greater than ULLONGMAX. This could...

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Networks: Fixed a stack overflow issue when LRO is disabled for virtual interfaces. When the features of a virtual interface are updated, the updated features are synchronized with its underlying interfaces. This synchronization...

Astra Linux – Vulnerability in ffmpeg

An integer overflow vulnerability exists in the function filterrobert in libavfilter/vfconvolution.c in Ffmpeg 4.2.1. Attackers can exploit this vulnerability to cause a Denial of Service or other unspecified impacts...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: iommufd: Do not cause an overflow during division for dirty tracking. If pgshift is 63, then BITSPERTYPEbitmap-bitmap pgsize will result in an overflow to 0, which can trigger a division by zero. In this case, the index should...

Astra Linux – Vulnerability in Chromium

A heap buffer overflow in ANGLE in Google Chrome on Windows, prior to version 90.0.4430.93, allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Media: usbtv: Locked resolution during streaming When a program is streaming e.g., ffplay and another program changes the TV standard from NTSC to PAL, the kernel crashes due to attempting to access unmapped memory. Changing from...