Astra Linux – Vulnerability in glibc

The deprecated compatibility function svcunixcreate in the sunrpc module of the GNU C Library aka glibc from version 2.34 onwards copies the path argument onto the stack without validating its length. This may lead to a buffer overflow, potentially causing a denial of service or, if the applicati...

Astra Linux – Vulnerability in ipython

IPython Interactive Python is a command shell for interactive computing in multiple programming languages, originally developed for the Python programming language. Affected versions are subject to a vulnerability that allows arbitrary code to be executed, due to improper management of cross-user...

Astra Linux – Vulnerability in zsh

In zsh before version 5.8.1, an attacker can gain code execution if they control the command output within the prompt, as demonstrated by using a %F argument. This occurs due to the recursive PROMPTSUBST expansion...

Astra Linux – Vulnerability in Firefox

Mozilla developers reported memory safety bugs in Firefox 92. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects Firefox versions prior to 93...

Astra Linux – Vulnerability in Linux

It was discovered that the eBPF implementation in the Linux kernel failed to properly track bound information for 32-bit registers when performing division and modulo operations. A local attacker could use this vulnerability to potentially execute arbitrary code...

Astra Linux – Vulnerability in Linux

In the Linux kernel before version 5.11.14, there is a use-after-free issue in the cipsov4genopt module, located in net/ipv4/cipsoipv4.c. This issue arises due to improper handling of the CIPSO and CALIPSO reference counts related to DOI definitions. As a result, an arbitrary value is written to...

Astra Linux – Vulnerability in Ruby 2.5

In RDoc 3.11 through 6.x, as distributed with Ruby up to 3.0.1, it was possible to execute arbitrary code using | and tags within a filename...

Astra Linux – Vulnerability in WebKit2GTK

Multiple memory corruption issues have been resolved through improved memory handling. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, Security Update 2021-004 Catalina, and Security Update 2021-005 Mojave. Processing maliciously crafted web content may lead to arbitrary code execution...

Astra Linux – Vulnerability in openjpeg2

A heap-buffer overflow was discovered in the way openjpeg2 handles certain PNG format files. An attacker could exploit this flaw to cause an application to crash, or in some cases to execute arbitrary code with the permission of the user running such an application...

Astra Linux – Vulnerability in git-lfs

Git LFS is an extension to Git for versioning large files. In Git LFS versions 0.5.2 through 3.7.0, when populating a Git repository’s working tree with the contents of Git LFS objects, certain Git LFS commands may write to files that are visible outside the current Git working tree if symbolic o...

Astra Linux – Vulnerability in openjdk-11, bcel

The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 o...

Astra Linux – Vulnerability in grub2

There is a use-after-free vulnerability in the grubcmdchainloader function. The chainloader command is used to boot up operating systems that do not support multiboot and do not have direct support from GRUB2. When executing chainloader more than once, a use-after-free vulnerability is triggered...

Astra Linux – Vulnerability in Thunderbird, Firefox

Memory safety bugs exist in Firefox 136, Thunderbird 136, Firefox ESR 128.8, and Thunderbird 128.8. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability has be...

Astra Linux – Vulnerability in Chromium

Before version 146.0.7680.153, read and write operations in WebGL in Google Chrome allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Critical...

Astra Linux – Vulnerability in Firefox

Memory safety bugs exist in Firefox ESR 140.0, Thunderbird ESR 140.0, Firefox 140, and Thunderbird 140. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability ha...

Astra Linux – Vulnerability in LibreOffice

LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint servers. An additional scheme ‘vnd.libreoffice.command’ specific to LibreOffice was added. In the affected versions of LibreOffice, links using this scheme could be used to invoke internal macr...

Astra Linux – Vulnerability in libx11, libxpm

A vulnerability was discovered in libX11 due to an integer overflow within the XCreateImage function. This flaw allows a local user to trigger an integer overflow and execute arbitrary code with elevated privileges...

Astra Linux – Vulnerability in tpm2-tss

tpm2-tss is an open-source software implementation of the Trusted Computing Group’s Trusted Platform Module 2 Software Stack TSS2. In versions prior to 4.1.0-rc0, 4.0.1, and 3.2.2-rc1, functions Tss2RCSetHandler and Tss2RCDecode both indexed into layerhandler using an 8-bit layer number. However,...

Astra Linux – Vulnerability in curl

There is a path traversal vulnerability in the 8.0.0 SFTP implementation of curl. This vulnerability causes the tilde character to be incorrectly replaced when used as a prefix in the first path element. Additionally, the tilde is intended to be used as the first element to indicate a path relati...

Astra Linux – Vulnerability in wpa

A issue was discovered in Ubuntu wpasupplicant, resulting in the loading of arbitrary shared objects. This allows a local unprivileged attacker to escalate privileges to the user that wpasupplicant runs as usually root. Membership in the netdev group or access to the dbus interface of wpasupplica...