Astra Linux – Vulnerability in Linux, Linux 5.10
Rogue backends can cause Denial of Service (DoS) attacks on guests through high-frequency events. This CNA information record relates to multiple Common Vulnerabilities and Exposures (CVEs); the text explains which aspects/vulnerabilities correspond to which CVEs. Xen allows for the execution of PV...
Astra Linux – Vulnerability in Wireshark
In Wireshark versions 3.2.0 to 3.2.4, the GVCP dissector could enter an infinite loop. This issue was addressed in the epan/dissectors/packet-gvcp.c file by ensuring that the offset increased in all situations...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: x86/kprobes: Updates the kcb status flag after single-stepping. The kprobes function is fixed to update the kcb (kprobes control block) status flag to KPROBE_HIT_SSDONE, even if the kp->post_handler is not set. This bug may cause a...
Astra Linux – Vulnerability in Python 3.11, Python 3.7
When loading a plist file, the plistlib module reads data in a size specified by the file itself. This means that a malicious file can cause out-of-memory (OOM) and denial-of-service (DoS) issues...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: i3c: Added a NULL pointer check in i3c_master_queue_ibi(). The I3C master driver may receive an IBI from a target device that has not been probed yet. In such cases, the master calls i3c_master_queue_ibi() to queue an IBI work task, leading...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: Bail out from dwc3_gadget_exit() if dwc->gadget is NULL. There exists a possible scenario in which dwc3_gadget_init() may fail: during the switch between peripheral and host modes in dwc3_set_mode(), and if a pending gadget...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: s390/qeth: Fixed a kernel panic that occurred after setting the hsuid attribute. Symptom: When the hsuid attribute is set for the first time on an IQD Layer3 device, while the corresponding network interface is already up, the...
Astra Linux – Vulnerability in libsoup2.4
A flaw was discovered in libsoup. The implementation of HTTP range requests is vulnerable to a resource consumption attack. This flaw allows a malicious client to request the same range multiple times in a single HTTP request, causing the server to use large amounts of memory. This does not resul...
Astra Linux – Vulnerability in freerdp3
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.20.1, a heap out-of-bounds read occurred in the smartcard SetAttrib path when cbAttrLen did not match the actual NDR buffer length. This vulnerability has been fixed in version 3.20.1...
Astra Linux – Vulnerability in glibc
The mq_notify function in the GNU C Library (also known as glibc) versions 2.32 and 2.33 has a use-after-free vulnerability. It may access the notification thread attributes object passed through its struct sigevent parameter after it has been freed by the caller, resulting in a denial of service...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: An integer overflow has been fixed in the run_unpack() function. The MFT record related to the opened file contains a runlist, an array containing information about the file’s location on the physical disk. Analysis of all...
Astra Linux – Vulnerabilities in unbound, bind9, dnsmasq
The “Closest Encloser Proof” aspect of the DNS protocol (as described in RFC 5155, when the guidance provided in RFC 9276 is skipped) enables remote attackers to cause a denial of service, resulting in high CPU usage for SHA-1 calculations, through DNSSEC responses during a random subdomain attack,...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Added a sanity check for the file name. The length of the file name should be smaller than the directory entry size...
Astra Linux – Vulnerability in Mariadb 10.3
MariaDB before version 10.6.2 allows an application to crash due to improper handling of a pushdown from a HAVING clause to a WHERE clause...
Astra Linux – Vulnerability in Mariadb 10.3
MariaDB before version 10.6.5 has a sql_lex.cc integer overflow issue, which can lead to an application crash...
Astra Linux – Vulnerability in libsoup2.4
GNOME libsoup before version 3.6.1 has an infinite loop and consumes a large amount of memory during the reading of certain patterns of WebSocket data from clients...
Astra Linux – Vulnerability in Python 2.7, Python 3.7
The urllib.parse.urlsplit and urlparse functions improperly validate bracketed hosts, allowing hosts that are neither IPv6 nor IPvFuture. This behavior does not conform to RFC 3986 and could potentially enable SSRF if a URL is processed by more than one URL parser...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory. Ignore nCR3[4:0] when loading PDPTEs from memory for nested SVMs. When PAE paging is used, the bits 4:0 of the CR3 register are ignored, and thus VMRUN does not enforce a...
Astra Linux – Vulnerability in net-snmp
Net-SNMP provides various tools related to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-write credentials could use a malformed OID in a SET request to NET-SNMP-AGENT-MIB::nsLogTable to cause a NULL pointer dereference. Version 5.9.2 includes a patch to address...
Astra Linux – Vulnerability in libsoup2.4
A flaw was discovered in libsoup. A vulnerability exists in the functions sniff_feed_or_html() and skip_insignificant_space(), which may lead to an over-reading of the heap buffer...