522801 matches found
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: drm/amd/display: Fixed an issue where an index out of bounds could occur in the degamma hardware format translation. This issue was addressed by fixing the index out of bounds situation in the...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: nilfs2: Fixing inode number range checks The patch series “nilfs2: Fixing potential issues related to reserved inodes” addresses these issues. This series fixes a use-after-free issue reported by syzbot, which was caused by th...
Astra Linux – Vulnerability in espeak-ng
It was discovered that Espeak-ng 1.52-dev contains a Floating Point Exception due to the use of the PeaksToHarmspect function in wavegen.c...
Astra Linux – Vulnerability in netcdf
A issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxmldecode, when parsing a crafted XML file, performs incorrect memory handling. This results in an overflow of the heap-based buffer when strchr is called, starting with a pointer after a '\0' character where the processing of th...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: KVM: s390 – Fixed an issue with validity checks when gisa is disabled. This issue occurs when gisa is disabled either by using the kernel parameter “kvm.usegisa=0” or by setting the related sysfs attribute to N e.g., echo N...
Astra Linux – Vulnerability in exiv2
In Exiv2 0.26, there is a null pointer dereference in the Exiv2::DataValue::toLong function located in value.cpp. This issue is related to crafted metadata in a TIFF file...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: i3c: mipi-i3c-hci: Fixed a race condition in the DMA ring dequeue process The HCI DMA dequeue path hcidmadequeuexfer may be invoked for multiple transfers that time out at approximately the same time. However, this function is no...
Astra Linux – Vulnerability in Linux 5.15
The function rpmsgvirtioaddctrldev in the file drivers/rpmsg/virtiorpmsgbus.c in the Linux kernel, prior to version 5.18.4, contains a double-free...
Astra Linux – Vulnerability in Poppler
A issue was discovered in Poppler through version 0.78.0. There is a divide-by-zero error in the function SplashOutputDev::tilingPatternFill in SplashOutputDev.cc...
Astra Linux – Vulnerability in libass
A stack overflow occurred in the parsetag function in libass/assparse.c in libass before version 0.15.0. This vulnerability allows remote attackers to cause a denial of service or remote code execution through a crafted file...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ALSA: seq: Fixed a mismatch in the function prototype in sndseqexpandvarevent. With Clang’s Kernel Control Flow Integrity kCFI; CONFIGCFICLANG feature, indirect call targets are validated against the expected function pointer...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: TCP: Fixed a data race around sysctltcpearlyretrans. When reading sysctltcpearlyretrans, it can be changed concurrently. Therefore, we need to add READONCE to its reader function...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: Wifi: mac80211: Purge vif txq in ieee80211dostop After ieee80211dostop, the packets from vif’s txq could still be processed. Indeed, another concurrent call to scheduleandwaketxq from vif could cause those packets to be dequeued...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net: ieee802154: at86rf230: Stop leaking the skb structures. Upon an error, the ieee802154xmitcomplete helper function is not called. Only ieee802154wakequeue is called manually. In the Tx phase, the skb structure is leaked. Leas...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: irqchip/gic-v3: A refcount leak was fixed in gicpopulateppipartitions. The offindnodebyphandle function returns a node pointer with a incremented refcount. We should use ofnodeput on it when there is no longer a need for it. A...
Astra Linux – Vulnerability in pillow
The pathgetbbox function in path.c of Pillow, prior to version 9.0.0, improperly initializes ImagePath.Path...
Astra Linux – Vulnerability in libxml2
It was discovered that Xmlsoft Libxml2 v2.11.0 contains an out-of-bounds read vulnerability through the xmlSAX2StartElement function located at /libxml2/SAX2.c. This vulnerability allows attackers to cause a Denial of Service DoS by providing a crafted XML file. NOTE: the vendor’s position is tha...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ASoC: rt711-sdca – fixed a situation where the kernel’s NULL pointer was dereferenced due to an IO error. The initial settings will be written before the codec probe function is called. However, the rt711-component has not yet be...
Astra Linux – Vulnerability in gst-plugins-base1.0
GStreamer is a library for constructing graphs of media-handling components. An OOB-Write has been detected in the function gstparsevorbissetuppacket within vorbisparse.c. The integer value is read from the input file without proper validation. As a result, the value can exceed the fixed size of...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: net: davicom: fixed a Use-after-Free error in dm9000drvremove. dm is private data for netdev, and it cannot be used after the freenetdev call. Using dm after freenetdev can cause a Use-after-Free bug. This issue was fixed by movi...