Astra Linux – Vulnerability in libcroco
In libcroco version 0.6.13, there is excessive recursion in the parser function cr_parser_parse_any_core in cr-parser.c, resulting in stack consumption...
Astra Linux – Vulnerability in hdf5
A SIGFPE signal is raised in the function apply_filters of h5repack_filters.c in the HDF HDF5 through 1.10.3 library during an attempt to parse a crafted HDF file, due to incorrect protection against division by zero. This could allow a remote denial-of-service attack...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Check the ‘folio’ pointer to ensure it is not NULL. It can become NULL if the bbmap function is called...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: vfio/pds: Fixed the missing detach_ioas operation. When CONFIG_IOMMUFD is enabled and a device is bound to the pds_vfio_pci driver, the following WARN_ON trace is observed, and the probe fails: WARNING: CPU: 0 PID: 5040 at...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: rxrpc: The issue related to irq-disabled in local_bh_enable has been fixed. The rxrpc_assess_MTU_size function calls down into the IP layer to determine the MTU size for a route. When accepting an incoming call, this function is called...
Astra Linux – Vulnerability in gdk-pixbuf
In GNOME GdkPixbuf (also known as gdk-pixbuf) up to version 2.42.10, the ANI decoder used for Windows animated cursors encounters heap memory corruption when parsing chunks from a crafted .ani file. A crafted file could allow an attacker to overwrite heap metadata, resulting in a denial-of-service...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: iommu/fsl_pamu: Fixed a resource leak in fsl_pamu_probe. The fsl_pamu_probe function returns immediately when create_csd fails, resulting in the interrupt queue and memory resources not being released. This issue was fixed by jumping t...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: clocksource/drivers/cadence-ttc: Fixed a memory leak in ttc_timer_probe. Smatch reports: drivers/clocksource/timer-cadence-ttc.c: Line 529, ttc_timer_probe; Warning: ‘timer_baseaddr’ from of_iomap is not released on lines...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: net: usb: asix_devices: add phy_mask for ax88772 mdio bus. Without setting the phy_mask for the ax88772 mdio bus, the current driver may create at most 32 mdio PHY devices with PHY addresses ranging from 0x00 to 0x1f. The DLink...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: bpf: Cancel the running bpf_timer through kworker for PREEMPT_RT. During the update process, when overwriting an element in a pre-allocated htab, the freeing of old_element is protected by the bucket lock. The reason why the bucket...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: media: cx25821: Fixed the warning when removing the module. When removing the module, the following warning will appear: 14.746697 remove_proc_entry: Removing the non-empty directory ‘irq/21’; data is being leaked at least from...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: ksmbd: A missing return value check bug has been fixed. In the smb2_send_interim_resp function, if ksmbd_alloc_work_struct fails to allocate a node, it returns a NULL pointer to the in_work pointer. This can lead to an illegal memory...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: RDMA/siw: Fixed a refcounting leak in siw_create_qp. The atomic_inc function needs to be paired with an atomic_dec function in the error handling path...
Astra Linux – Vulnerability in Gdal
GDAL 3.3.0 through 3.4.0 has a heap-based buffer overflow in the PCIDSK::CPCIDSKFile::ReadFromFile function invoked from PCIDSK::CPCIDSKSegment::ReadFromFile and PCIDSK::CPCIDSKBinarySegment::CPCIDSKBinarySegment...
Astra Linux – Vulnerability in SQLite3
The zipfileUpdate function in ext/misc/zipfile.c in SQLite 3.30.1 mishandles a NULL pathname during the update of a ZIP archive...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net: bridge: mcast: Always update mdb_n_entries for VLAN contexts. The syzbot triggered a warning [1] regarding the number of mdb entries in a context. It turns out that ther...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: bpf: Fix memory access flags in helper prototypes. After the commit 37cce22dbd51 (“bpf: verifier: Refactor helper access type tracking”), the verifier began relying on the access type flags in helper function prototypes to perfor...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fixed a memory leak in the GET_DATA_DIRECT_SYSFS_PATH handler. The UVERBS_HANDLER(MLX5_IB_METHOD_GET_DATA_DIRECT_SYSFS_PATH) function allocates memory for the device path using kobject_get_path. If the length of the device path exceed...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ksmbd: The call to ksmbd_vfs_kern_path_end_removing is required on some error paths. There are two places where ksmbd_vfs_kern_path_end_removing needs to be called in order to balance what the corresponding successful call to...
Astra Linux – Vulnerability in cups
OpenPrinting CUPS is an open-source printing system. In versions 2.4.2 and earlier, a heap buffer overflow vulnerability existed, which allowed a remote attacker to launch a denial-of-service (DoS) attack. This vulnerability was present in the format_log_line function. Exploitation of this...