Astra Linux – Vulnerability in Squid
Squid is a caching proxy for the web that supports HTTP, HTTPS, FTP, and other protocols. A bug related to incorrect checking of function return values makes Squid vulnerable to Denial of Service attacks targeting its helper process management. This bug has been fixed in Squid version 6.5. Users...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel before version 6.5.9, there is a NULL pointer dereferencing in the sendacknowledge function in net/nfc/nci/spi.c...
Astra Linux – Vulnerability in binutils
An issue was discovered in the Binary File Descriptor BFD library also known as libbfd, as distributed in GNU Binutils 2.32. It involves an attempt at excessive memory allocation in the bfdelfslurpversiontables function within elf.c...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: userial: Fixed race condition in TTY wakeup A race condition occurs when gsstartio calls either gsstartrx or gsstarttx. These functions briefly release the portlock of usbepqueue. This allows gsclose and...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: The vmwtranslateptr functions now return the correct value. Before this fix, these functions used a lookup function that returned a pointer. This has been changed to a new lookup function that returns an error code,...
Astra Linux – Vulnerability in grub2
A flaw was discovered in grub2, where the grubextcmddispatcher function calls grubarglistalloc to allocate memory for the grub’s argument list. However, it does not check in case the memory allocation fails. Once the allocation fails, a NULL pointer will be processed by the parseoption function,...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: Fixed a race condition between concurrent call paths that invoke dwc3removerequests. This patch addresses a race condition caused by unsynchronized execution of multiple call paths that invoke dwc3removerequests, leadi...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: Bonding: Fixed type confusion in bondsetupbyslave Kernel bug at net/core/skbuff.c:2306! Oops: Invalid opcode: 0000 1 SMP KASAN NOPTI RIP: 0010:pskbexpandhead+0xa08/0xfe0, net/core/skbuff.c:2306 RSP: 0018:ffffc90004aff760, EFLAGS:...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, from version 5.19.9 onwards, the drivers/scsi/stex.c file allows local users to access sensitive information from kernel memory. This occurs because the stexqueuecommandlck function lacks a memset for the PASSTHRUCMD case...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fixed memory leakage This patch addresses potential memory leakage and segmentation faults in the gpuvmimportdmabuf function...
Astra Linux – Vulnerability in freerdp2
FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The affected versions are vulnerable to an Out-of-Bounds Write vulnerability in the progressivedecompress function. This issue is likely due to incorrect calculations of the nXSrc and nYSrc...
Astra Linux – Vulnerability in GhostScript
Artifex Ghostscript version 10.05.1 has a stack-based buffer overflow issue in the pdfwritecmap function, located in the device/vector/gdevpdtw.c file...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: usb: dwc2: Fixed a possible NULL pointer dereferencing caused by driver concurrency. In dwc2hcdurbenqueue, the statement “urb-hcpriv = NULL” is executed without holding the lock “hsotg-lock”. In dwc2hcdurbdequeue: c...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: rtc: cmos: Fix event handler registration ordering issue Since acpiinstallfixedeventhandler automatically enables the event handling mechanism upon success, it is incorrect to call it before the handler routine is ready to handle...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: clocksource: Use migratedisable to avoid calling getrandomu32 in an atomic context. The following bug report occurred with the PREEMPTRT kernel: - Bug: A sleeping function was called from an invalid context at...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: rtmutex: The rtmutex::waitlock lock is dropped before scheduling. The rtmutexhandledeadlock function is called with the rtmutex::waitlock lock still held. In the good case, it returns with the lock held; in the deadlock case,...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: NFSv4/pNFS: The NFSINOLAYOUTCOMMIT field was cleared in pnfsmarklayoutstateidInvalidial. This fix prevents a crash occurring when the layout is null during this call stack: write inode - nfs4write inode - pnfslayoutcommit inode...
Astra Linux – Vulnerability in binutils
There is a flaw in the bfdpefparsefunctionstubs function within bfd/pef.c in binutils versions prior to 2.34. This flaw could allow an attacker who can submit a crafted file to be processed by objdump to cause a NULL pointer dereference error. The most significant threat of this flaw is to...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: rxrpc, afs: Fixing the issue where a missing error pointer check occurs after rxrpckernellookuppeer. The rxrpckernellookuppeer function can also return error pointers in addition to NULL. Therefore, simply checking for NULL is...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: mfd: max77620: Fixed the refcount leak in max77620initialisefps. The ofgetchildbyname function returns a node pointer with a refcount incremented. We should use ofnodeput on it when there is no longer a need for it. Add the missi...