530589 matches found
Astra Linux – Vulnerability in SOX
A floating-point exception division by zero issue was discovered in SoX within the readsamples function of the voc.c file. An attacker with a malicious file could cause the application to crash...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: TCP: Timers for kernel sockets are properly terminated. We received various reports from syzbot that indicated that TCP timers would still fire even after the corresponding netns has been dismantled. Fortunately, Josef Bacik was...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: crypto: tegra – Added the missing CRYPTOALGASYNC flag. The tegra crypto driver failed to set CRYPTOALGASYNC for its asynchronous algorithms. As a result, the crypto API would select these algorithms for users who request only...
Astra Linux – Vulnerability in Linux
In the Linux kernel, the following vulnerability has been resolved: f2fs: fixed to avoid potential deadlocks. The function f2fstrylockop was used in f2fswritecompressedpages to prevent potential deadlocks, just as we did in f2fswritesingledatapage...
Astra Linux – Vulnerability in Nasm
A buffer overflow vulnerability exists in the hashfindi function in hashtbl.c in nasm 2.15rc0, allowing remote attackers to cause a denial of service through a crafted ASM file...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: sockmap: Added a condresched function in sockhashfree. Several reports of syzbot soft lockups involve sockhashfree. If a map with a large number of buckets is destroyed, we need to yield the CPU when necessary...
Astra Linux – Vulnerability in libde265
It was discovered that libde265 v1.0.10 contains a NULL pointer dereference in the putunweightedpred16fallback function located in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service DoS attack through a crafted input file...
Astra Linux – Vulnerability in Apache2
The aprwrite function in Apache HTTP Server 2.4.53 and earlier may read unintended memory if an attacker can cause the server to reflect very large inputs using aprwrite or aprputs. This issue can occur, for example, when using the modluas r:puts function. Modules that are compiled and distribute...
Astra Linux – Vulnerability in Qemu
QEMU 5.0.0 has a heap-based Buffer Overflow in the flatviewreadcontinue function in exec.c, as hw/sd/sdhci.c improperly handles a write operation in the SDHCBLKSIZE case...
Astra Linux – Vulnerability in hdf5
A issue was discovered in HDF5 through 1.12.0. A NULL pointer dereference exists in the function H5ACunpinentry, located in H5AC.c. This allows an attacker to cause a Denial of Service attack...
Astra Linux – Vulnerability in linux-astra-modules-5.4, linux-astra-modules-5.10
The vulnerability of the parsec inodesetattr function in the Linux-astra-modules kernel module is related to the assignment of a null pointer. Exploiting this vulnerability allows an attacker to cause service failures...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: regulatory: improve invalid hints checking Syzbot continues to report a issue 1 that occurs when erroneous symbols sent from userspace get through into useralpha2 via the regulatoryhintuser call. Such invalid...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: HID: Multitouch – Added a NULL check in mtinputconfigured. The devmkasprintf function may return a NULL pointer if it fails, but this returned value in mtinputconfigured is not checked. A NULL check should be added in...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: remoteproc: imxrproc: The issue of a refcount leak in imxrprocaddrinit has been fixed. Since the ofparsephandle function returns a node pointer with a refcount incremented, we should use ofnodeput on it when it is no longer neede...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ext4: The statement “goto right label ‘outmmapsem’” in ext4setattr has been removed. Otherwise, if ext4 inodeattachjinode fails, a hung task will occur because the function filemapinvalidateunlock is not called to unlock...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: i40e: Fixed the issue where “vf” might be used without initialization in this function. To address the regression introduced by commit 52424f974bc5, which causes servers to hang under very difficult-to-reproduce conditions due...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: netfilter: nftables: Fixed a potential data race in nftexprtypeget. The function nftunregisterexpr can occur concurrently with nftexprtypeget. There is no protection when iterating over the nftablesexpressions list in...
Astra Linux – Vulnerability in ffmpeg
A buffer overflow vulnerability exists in FFmpeg 4.2, specifically in the builddiffmap function within libavfilter/vffieldmatch.c. This vulnerability could allow a remote malicious user to cause a Denial of Service attack...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd: pmc: Fixed a memory leak in amdpmcstbdebugfsopenv2. The function amdpmcstbdebugfsopenv2 may be called when the STB debug mechanism is enabled. When amdpmcsendcmd fails, the ‘buf’ variable needs to be released...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: HID: apple: avoided a memory leak in applereportfixup The applereportfixup function was returning a buffer allocated using kmemdup, but never freeing that buffer. The caller of reportfixup does not take ownership of the returned...