Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: iommu: sprd: Avoid NULL deref in sprd_iommu_hw_en. In the sprd_iommu_cleanup function, before calling the sprd_iommu_hw_en function, dom->sdev is set to NULL, which leads to a null dereference. This issue was detected by the Linux...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: mm/vma: Fixed an anonymous VMA UAF issue related to mremap, where faulty VMA was merged with unfaulted VMA. The patch series “mm/vma: Fix anonymous VMA UAF in mremap faulty/uncorrected merges”, version 2, addresses this issue...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: fbdev: smscufx: Fixed several use-after-free bugs. Several types of UAF (use-after-free) errors can occur when physically removing a USB device. The function ufx_ops_destroy has been added to the .fb_destroy of the fb_ops structure...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ntfs: Set a dummy block size to “read bootblock” when mounting. During mounting, sb->s_blocksize is used to read the bootblock without being defined or validated. Set a dummy block size before attempting to read the bootblock. The...
Astra Linux – Vulnerability in faad2
An issue was discovered in faad2 through 2.10.0. A heap-buffer-overflow exists in the function sbr_qmf_analysis_32 located in sbr_qmf.c. This allows an attacker to cause code execution...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: LoongArch: Optimized module load time by optimizing PLT/GOT counting. When CONFIG_KASAN, CONFIG_PREEMPT_VOLUNTARY_BUILD, and CONFIG_PREEMPT_VOLUNTARY are enabled simultaneously, a soft deadlock may occur. The relevant logs are as...
Astra Linux – Vulnerability in freerdp2
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. The affected versions are vulnerable to an Out-of-Bounds Write attack in the clear_decompress_bands_data function, where there is no offset validation. Abuse of this vulnerability could lead to an...
Astra Linux – Vulnerability in Samba
A Type Confusion vulnerability was discovered in Samba’s mdssvc RPC service for Spotlight. When parsing Spotlight mdssvc RPC packets, one encoded data structure is a key-value style dictionary, where the keys are character strings, and the values can be any of the supported types in the mdssvc...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: mfd: syscon: Fixed a null pointer dereferencing in of_syscon_register. The kasprintf function returns a pointer to dynamically allocated memory; this pointer may be NULL in case of failure...
Astra Linux – Vulnerability in Qemu
In QEMU versions up to 8.0.0, a division by zero can occur in the scsi_disk_reset function in hw/scsi/scsi-disk.c. This occurs because scsi_disk_emulate_mode_select does not prevent s->qdev.blocksize from being 256. This causes QEMU and the guest to stop functioning immediately...
Astra Linux – Vulnerability in xrdp
xrdp is an open-source project that provides a graphical login to remote machines using the Microsoft Remote Desktop Protocol (RDP). xrdp versions prior to 0.9.21 contain a buffer overflow in the audin_send_open function. There are no known workarounds for this issue. Users are advised to upgrade...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: clk: mmp: pxa1908-mpmu: Fixed the issue where a NULL value was returned instead of an IS_ERR pointer. The devm_kzalloc function now returns NULL if there is an error, rather than an error pointer. The check has been updated to matc...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: seg6: Fixed parameter passing when calling NF_HOOK in the End.DX4 and End.DX6 behaviors. The functions input_action_end_dx4 and input_action_end_dx6 call NF_HOOK for the PREROUTING hook. During the PREROUTING hook, a valid indev and a...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/i915/dmc: An unlikely NULL pointer dereference occurred during the probe phase. The intel_dmc_update_dc6_allowed_count function oopses when DMC has not been initialized, resulting in dmc being NULL. This issue occurs when...
Astra Linux – Vulnerability in leptonlib
Leptonica before version 1.80.0 allows a denial-of-service attack (application crash) due to an incorrect left shift in the pixConvert2To8 function in pixconv.c...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: nfsd: avoiding reference leaks in nfsd_open_local_fh. If two calls to nfsd_open_local_fh race against each other and both successfully call nfsd_file_acquire_local, they will both receive an additional reference to the network, which will ...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: fixed an infinite loop triggered by a zero-sized ATTR_LIST. We have identified a bug in the ntfs3 file system that can lead to a Denial-of-Service (DoS) attack. A malformed NTFS image can cause an infinite loop when the...
Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10
In the Linux kernel, the following vulnerability has been resolved: fbdev: udlfb: Fix endpoint check. The syzbot fuzzer detected a problem with the udlfb driver, caused by an endpoint that does not have the expected type. usb 1-1: Failed to read the EDID byte 0; result: -71. usb 1-1: Unable to...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: btrfs: Free pages with an error in btrfs_uring_read_extent. In this function, the ‘pages’ object is never freed, in the hope that it will be picked up by btrfs_uring_read_finished whenever that function is executed in the future. But...
Astra Linux – Vulnerability in poppler, poppler-22
Before version 25.04.0, crafted input files could cause out-of-bounds reads in the JBIG2Bitmap::combine function within JBIG2Stream.cc, due to an improperly placed isOk check...