530624 matches found
Astra Linux – Vulnerability in Linux 5.10
A issue was discovered in the Linux kernel through version 5.16-rc6. The ef100updatestats function in drivers/net/ethernet/sfc/ef100nic.c lacks a check for the return value of kmalloc...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerabilities have been resolved: netfilter: nftables – A memory leak occurred during the stateful object update. Stateful objects can be updated from the control plane. The transaction logic allocates a temporary object for this purpose. The -init function wa...
Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10
In the Linux kernel, the following vulnerability has been resolved: net: nsh: Use the correct macoffset to unwind gso skb in nshgsosegment. As shown in the call trace, the skbpanic error occurred due to an incorrect skb-macheader in nshgsoSegment. Invalid opcode: 0000 1 PREEMPT SMP KASAN PTI CPU:...
Astra Linux – Vulnerability in faad2
A issue was discovered in faad2 before 2.10.0. A heap-buffer-overflow exists in the stszin function located in mp4read.c. This allows an attacker to cause code execution...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: mm/slub: A check for s-flags was added in the alloctaggingslabfree hook function. When CONFIGMEMCG, CONFIGKFENCE, and CONFIGKMEMLEAK are enabled, the following warning always occurs. This is because the following call stack...
Astra Linux – Vulnerability in libsoup2.4
A flaw was discovered in libsoup. SoupContentSniffer may be vulnerable to a NULL pointer dereference in the sniffmp4 function. The HTTP server may cause the libsoup client to crash...
Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15
A vulnerability, classified as critical, has been discovered in the Linux kernel. The affected component is the deltimer function in the file drivers/isdn/mISDN/l1oipcore.c of the Bluetooth module. This vulnerability allows for manipulation leading to memory deallocation after it has been freed. ...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: netdevsim: A trailing zero was added to terminate the string in nsimnexthopbucketactivitywrite. This issue was identified by a static analyzer. We should not forget the trailing zero after copyfromuser if we will perform further...
Astra Linux – Vulnerability in Linux 5.10
A vulnerability has been discovered in the Linux kernel. It has been rated as problematic. The affected component is the sessfreebuffer function in the fs/cifs/sess.c file of the CIFS Handler module. This vulnerability can lead to double-free operations. It is recommended that patches be applied ...
Astra Linux – Vulnerability in libvirt
A flaw was discovered in libvirt. The virStoragePoolObjListSearch function does not return a locked pool as expected, leading to a race condition and a denial of service when attempting to lock the same object from another thread. This issue could cause clients connecting to the read-only socket ...
Astra Linux – Vulnerability in connman
A issue was discovered in the DNS proxy of Connman through version 1.40. The forwarddnsreply function improperly handles a strnlen call, resulting in an out-of-bounds read...
Astra Linux – Vulnerability in libslirp
An invalid pointer initialization issue was discovered in the SLiRP networking implementation of QEMU. The flaw resides in the tftpinput function and can occur when processing an UDP packet that is smaller than the size of the ‘tftpt’ structure. This issue may lead to out-of-bounds read access or...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: ASoC: meson: axg-card: fixed “use-after-free” issue The buffer “card-dailink” is reallocated in “mesoncardreallocatelinks”. Therefore, the initialization of the “pad” pointer should be moved after this function, when the memor...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: f2fs: fixed to avoid potential panic during recovery. During recovery, if FAULTBLOCK is enabled, it is possible that f2fsreservenewblock will return -ENOSPC during recovery, which may trigger a panic. Additionally, if the faul...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: x86/mm: Ensure that the input to pfntokaddr is treated as a 64-bit type. On 64-bit platforms, the pfntokaddr macro requires that the input value be 64 bits. This ensures that valid address bits are not lost when shifting the...
Astra Linux – Vulnerability in binutils
A out-of-bounds read flaw was discovered in the parsemodule function in bfd/vms-alpha.c in Binutils...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-6.1, Linux-5.15
In the Linux kernel, the following vulnerability has been resolved: Power: Supply: bq27xxx-i2c: Do not free non-existent IRQs. The bq27xxx i2c-client may not have an IRQ; in such cases, client-irq will be 0. The bq27xxxbatteryi2cprobe function already includes a check for client-irq, which wraps...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: net: gtp: Fixed the use-after-free issue in gtpdellink. Since the callrcu function, which is called during the hlistforeachentryrcu traversal of gtpdellink, is not part of the RCU read critical section, it is possible that the RC...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: media: v4l2-m2m: fixed a memory leak in v4l2m2mregisterentity. The entity-name i.e., the name field is allocated during the v4l2m2mregisterentity function, but it is not freed during subsequent error-handling processes. This patc...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: netlink: Fixed an issue where the kernel could be exposed after free operation in skbdatagramiter. The syzbot reported the following issue with uninitialized value access 1: The netlinktofullskb function creates a new skb and...