2431 matches found
Astra Linux – Vulnerability in Chromium
The use of uninitialized variables in V8 in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to perform out-of-bounds memory access through a crafted HTML page. Chromium security severity: Medium...
Astra Linux – Vulnerability in Chromium
Before version 123.0.6312.58, using Swiftshader in Google Chrome allowed a remote attacker to perform out-of-bounds memory access through a crafted HTML page. Chromium security severity: Medium...
Astra Linux – Vulnerability in Chromium
A heap buffer overflow in WebGL in Google Chrome prior to version 146.0.7680.165 allowed a remote attacker to perform an out-of-bounds memory read through a crafted HTML page. Chromium security severity: High...
Astra Linux – Vulnerability in Chromium
A heap buffer overflow in WebAudio in Google Chrome prior to version 146.0.7680.165 allowed a remote attacker to perform an out-of-bounds memory write through a crafted HTML page. Chromium security severity: High...
Astra Linux – Vulnerability in Chromium
Before version 146.0.7680.178, using WebCodecs in Google Chrome allowed a remote attacker to perform an out-of-bounds memory read through a crafted HTML page. Chromium security severity: High...
Astra Linux – Vulnerability in Chromium
Inappropriate implementation in WebGL in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...
Astra Linux – Vulnerability in Chromium
A out-of-bounds read in Skia using Google Chrome before version 146.0.7680.153 allowed a remote attacker to perform an out-of-bounds memory read through a crafted HTML page. Chromium security severity: High...
Astra Linux – Vulnerability in Chromium
The use of after-free in V8 in Google Chrome before version 141.0.7390.54 allowed a remote attacker to potentially perform out-of-bounds memory access through a crafted HTML page. Chromium security severity: Low...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: net/rds: fixed the possible null dereference of cp The cp parameter may be null. Calling cp-cpconn would result in a null dereference. Simon Horman adds: Analysis: cp is a parameter of rdsrdmamap and is not reassigned. The...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fixed the response length checking for UD request packets. According to the IBA specification: If a UD request packet is detected with an invalid length, the request shall be considered invalid, and it shall be silently...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: net: rds: Fixed a possible NULL pointer dereferencing issue. In the rdsrdmacmeventhandlercmn function, if the conn pointer exists before dereferencing it as an argument for rdmasetservicetype, a problem was identified. This issue...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fixed a segmentation fault in rxecompqueuepkt. In rxecompqueuepkt, an incoming response packet is enqueued into the resppkts queue. Then, it is decided whether to run the completer task inline or schedule it. Finally, t...
Astra Linux – Vulnerability in Qemu
A flaw was discovered in the QEMU implementation of VMWare’s paravirtual RDMA device. This flaw allows a malicious guest driver to allocate and initialize a large number of page tables, which can be used as a ring of descriptors for CQ and async events. This could potentially lead to out-of-bound...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/erdma: Prevention of use-after-free in erdmaacceptnewconn After the erdmacepputnewcep function is called, newcep will be freed. The subsequent dereferencing of newcep may lead to a Use-After-Free UAF issue. This issue has be...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: RDMA/hns: Fixed a NULL pointer issue in freemrinit. A lock grab occurs in a concurrent scenario, resulting in dereferencing a NULL pointer. This issue should be addressed by using initmutexinit before acquiring a lock. Unable ...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: RDMA/hns: Fixed the use of spinunlockirqrestore, which is called with IRQs enabled. Fixed incorrect use of spinlockirq/spinunlockirq when spinlockirqsave/spinlockirqrestore was held. This issue was discovered through lock...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fixed the issue of accessing an invalid dipctx during the destruction of QP. If the system fails to modify QP to RTR, the dipctx will not be attached. During the destruction of QP, the invalid dipctx pointer will be...
Astra Linux – Vulnerability in Chromium
Insufficient data validation in V8 in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially perform out-of-bounds memory access via a crafted HTML page...
Astra Linux – Vulnerability in Chromium
In Google Chrome browsers, out-of-bounds memory access in V8 was possible before version 89.0.4389.72. This allowed a remote attacker to potentially perform out-of-bounds memory access through a crafted HTML page...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxtre: Fixed a possible memory leak. This issue occurs in bnxtresetupchipctx, when bnxtqplibmapdbbar fails; the driver does not free the memory allocated for “rdev-chipctx”...