10713 matches found
Astra Linux - уязвимость в parsec
The vulnerability of the hashinitialize function in the PARSEC security subsystem is related to the assignment of a null pointer. Exploiting this vulnerability allows an attacker to cause a service failure...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: ASoC: mediatek: common: Fixed a reference count leak in parsedailinkinfo. Added calls to ofnodeput before the returns from ofnodeget and ofnodeput, which can prevent imbalance if the “foreachavailablechildofnode” loop terminat...
Astra Linux - уязвимость в parsec
The vulnerability of the pdpl-user utility in the PARSEC security subsystem is related to improper memory release after its use. Exploiting this vulnerability allows an attacker to cause a service failure...
Astra Linux - уязвимость в linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: net: nfc: nci: Added parameter validation for packet data. Syzbot reported a bug involving uninitialized values in nciinitreq. This bug was introduced through the commit 5aca7966d2a7 “Merge tag...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: ASoC: SOF: Intel: hda: Fixed NULL pointer dereferencing issues If there is a mismatch between the DAI links in the machine driver and the topology, it is possible that the playback/capture widget is not set, especially in the...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: drm/msm/dsi: Invalid parameter check in msmdsiPhyEnable The function performs a check on the “phy” input parameter, however, it is used before the check. The “dev” variable is initialized after the sanity check to avoid a possibl...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: ASoC: amd: Adjust error handling in case of absent codec device. The acpigetfirstphysicalnode function can return NULL in several cases e.g., when no such device exists, an ACPI table error occurs, the reference count drops to 0,...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: MOST: Fix for double-free operations during late probe failures. The MOST subsystem includes a non-standard registration function that releases the interface when registration failures occur or when deregistration is required. Th...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15
A deadlock flaw was discovered in the Linux kernel’s BPF subsystem. This flaw allows a local user to potentially crash the system...
Astra Linux - уязвимость в linux, linux-5.10
A race condition flaw was discovered in the Linux kernel sound subsystem due to improper locking mechanisms. This could lead to a NULL pointer derefrence during the handling of the SNDCTLDSPSYNC ioctl command. A privileged local user such as root or a member of the audio group could exploit this...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: ALSA: oss: Fixed an issue where PCM OSS buffer allocation might overflow. We have received reports of situations where INTMAX is exceeded during memory allocation using vmalloc. This issue occurs when the sndpcmplugalloc function...
Astra Linux - уязвимость в linux, linux-5.10
A flaw after-free usage in the function scosocksendmsg of the Linux kernel’s HCI subsystem was discovered. This flaw allows a privileged local user to exploit it to crash the system or escalate their privileges on the system. This flaw triggers a race condition when the user calls ioct...
Astra Linux - уязвимость в linux, linux-5.10
In various setup methods of the USB gadget subsystem, there is a possibility of unauthorized writing due to an incorrect flag check. This could lead to a local escalation of privileges without the need for additional execution privileges. User interaction is not required for exploitation. Product...
Astra Linux - уязвимость в linux-5.10, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: scsi: scsidhalua: Fixed a memory leak related to ‘qdata’ in aluactivate. If alurtpgqueue fails during aluactivate, ‘qdata’ is not freed, resulting in the following memory leak: Unreferenced object: 0xffff88810b2c6980 size 32...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: acct: A potential integer overflow has been fixed in encodecompt. The integer overflow is described with the following code: c 317 static compt encodecomptu64 value 318 319 int exp, rnd; ...... 341 exp 342 exp += value; 343 retur...
Astra Linux - уязвимость в parsec
The vulnerability of the typefromtext function in the PARSEC security subsystem is related to accessing beyond the global buffer boundaries. Exploiting this vulnerability allows an attacker to gain access to confidential data and also cause service failures...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: iommu/arm-smmu-qcom: Added SM6115 MDSS compatibility. Added SM6115 MDSS compatibility to the list of compatible devices, as it also requires that workaround. Without this workaround, for example, the QRB4210 RB2, which is base...
Astra Linux - уязвимость в freeglut
It was discovered that freeglut 3.4.0 contains a memory leak due to a memory leak involving the menuEntry variable within the glutAddSubMenu function...
Astra Linux - уязвимость в linux-5.15
In the Linux kernel, the following vulnerability has been resolved: thermal/int340xthermal: handles datavault when the value is ZEROSIZEPTR. In some cases, GDDV returns a packet with a buffer of zero length. This causes kmemdup to return ZEROSIZEPTR 0x10. As a result, datavaultread encounters a...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Fixed a possible null-ptr-deref issue when initializing hardware. The result of the avsdaifindpathtemplate function must be verified before being used. Since the ‘template’ is already known when...