530599 matches found
Astra Linux – Vulnerability in grub2
A flaw was discovered in grub2 in versions prior to 2.06. Variable names present in the supplied command line are expanded into their corresponding variable contents, using a 1 kB stack buffer for temporary storage. However, there is insufficient bounds checking. If the function is called with a...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: cifs: Fixed data corruption during writeback operations. The cifswriteback mechanism does not properly handle the situation where cifsextendwriteback reaches a point where an additional folio needs to be processed. This could...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.10, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: NFS: A race condition during the update of an existing write request has been fixed. After the nfslockandjoinrequests function checks whether the request is still attached to the mapping, nothing prevents a call to nfs...
Astra Linux – Vulnerability in libxml2
The vulnerability of the xmlBufSetInputBaseCur function in the Libxml2 library is related to the use of memory after it is freed. Exploiting this vulnerability allows an attacker to cause a service failure...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net: ipa: Fixed the issue where the event ring index was not properly programmed for IPA v5.0+. For IPA v5.0+ onwards, the event ring index field has been moved from CHCCNTXT0 to CHCCNTXT1. In IPA v5.0, this field was intended to...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: fs/smb/client: fixed an out-of-bounds read in cifssanitizeprepath. When cifssanitizeprepath is called with an empty string or a string containing only delimiters e.g., /, the current logic attempts to check cursor2 - 1 before...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: L2CAP: Fixed a deadlock in l2capconndel. The l2capconndel function calls canceldelayedworksync for both infotimer and idaddrtimer while holding conn-lock. However, the functions l2capinfotimeout and...
Astra Linux – Vulnerability in ffmpeg
A issue was discovered in the function filterframe in libavfilter/vflenscorrection.c in Ffmpeg 4.2.1. This issue allows attackers to cause a Denial of Service or other unspecified impacts due to a division by zero...
Astra Linux – Vulnerability in libgit2
libgit2 is a portable C implementation of the Git core methods, provided as a linkable library with a robust API. It allows for integrating Git functionality into your application. However, using properly crafted inputs to gitindexadd can lead to heap corruption, which may be exploited for...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ext4: Only dirty folio entries are marked when regular files are journaled. The fstest generic/388 test occasionally causes a crash that appears as follows: BUG: The kernel dereferes a NULL pointer; address: 0000000000000000… …...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: dax: Make sure that inodes are flushed before destroying the cache. A bug can be triggered by executing the following command: $ modprobe ndpmem && modprobe -r ndpmem The following error messages were recorded: 10.060014 BUG...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: scsi: mpi3mr: Issues in mpi3mrgetalltgtinfo have been fixed. The function mpi3mrgetalltgtinfo has four issues: 1. It calculates the valid entry length in alltgtinfo assuming that the header part of the struct mpi3mrdevicemapin...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: tty: xilinxuartps: split sysrq handling The lockdep tool detected the following circular locking dependencies: CPU 0 CPU 1 ========================== ============================ cdnsuartisr printk uartportlockport consolelock...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: xen-netfront: Handle NULL returned by xdpconvertbufftoframe. The function xdpconvertbufftoframe may return NULL if it fails to correctly convert the XDP buffer into an XDP frame due to memory constraints, internal errors, or...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: VLAN: Enforcing the underlying device type Currently, VLAN devices can be created on top of non-Ethernet devices. Aside from the fact that this approach doesn’t make much sense, it also causes a bug that leads to the leakage of t...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: ksmbd: discard write access to the directory open The mayopen function does not allow a directory to be opened with write access. However, some writing flags set by clients result in adding write access on the server, making ksmb...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: Avoid using GFPKERNEL in an atomic context. Using GFPKERNEL in a preemption-disabled context may cause the following warning when CONFIGDEBUGATOMICSLEEP is enabled. 32.542271 BUG: A sleeping function was called from...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: octeontx2-af: fixed the double-free in rvunpcfreemem. Clang static checker scan-build warning: drivers/net/ethernet/marvell/octeontx2/af/rvunpc.c, line 2184, column 2: Attempt to free released memory. The function...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: phy: rockchip: inno-usb2: A double-free bug has been fixed in rockchipusb2phyprobe. The foreachavailablechildofnode function calls ofnodeput to release the child NPN in each successful loop. After exiting the loop when the child...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Staging: fbtft: Core: Set smemlen before calling fbdeferredioinit. The fbtftframebufferalloc function calls fbdeferredioinit before initializing info-fix.smemlen. This value is set to zero by the framebufferalloc function. This...