10766 matches found
Astra Linux - уязвимость в firefox
If array shift operations are not used, the Garbage Collector may become confused regarding valid objects. This vulnerability affects Firefox versions less than 101...
Astra Linux - уязвимость в cjson
In versions of cJSON 1.5.0 through 1.7.18, the decodearrayindexfrompointer function in cJSONUtils.c allows for out-of-bounds access. This enables remote attackers to bypass array bounds checking and access restricted data through malformed JSON pointer strings containing alphanumeric characters...
Astra Linux - уязвимость в firefox
An attacker could have written a value to the first element of a zero-length JavaScript array. Although the array was zero-length, the value was not written to an invalid memory address. This vulnerability affects Firefox versions earlier than 104...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: Enforce hcall result buffer validity and size. The plparhcall, plparhcall9, and related functions expect callers to provide valid result buffers of a certain minimum size. Currently, this is communicated only...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: clk: rs9: Reserve 8 struct clkhw slots for 9FGV0841 The 9FGV0841 has 8 outputs and registers 8 struct clkhw structures. Ensure that there are 8 slots available for these newly registered clkhw pointers. Otherwise, out-of-bounds...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: rustbinder: fixed oneway spam detection The spam detection logic in TreeRange was executed before the current request was inserted into the tree. As a result, the new request wasn’t taken into account in the spam calculation...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: x86/fred: Correct speculative safety in fredextint The arrayindexnospec function is useless if the result is spilled to the stack, as it makes the supposedly safe-under-speculation value subject to memory predictions. For all...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: dm-raid456, md/raid456: fixed a deadlock issue for dm-raid456 when io operations are concurrent with reshape operations. For raid456, if reshape is still in progress, then IO operations across the reshape position will wait fo...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: usb: typec: fix potential array underflow in ucsiccgsynccontrol The “command” variable can be controlled by the user via debugfs. The concern is that if conindex is zero, then “&uc-ucsi-connectorconindex - 1” would result in an...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: phy: marvell: a3700-comphy: Fix out-of-bounds read issue There is an out-of-bounds read access to gbePhyInitFixfixidx.addr during each iteration after fixidx reaches ARRAYSIZEgbePhyInitFix. Ensure that gbePhyInitaddr is used when...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: exfat: Use kvmallocarray/kvfree instead of kmallocarray/kfree. The call stack shown below represents a scenario in the Linux 4.19 kernel. Memory allocation failed for the exfat file system, due to system memory fragmentation, whi...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: ptrring: Do not block hard interrupts in ptrringresizemultiple. Jakub added a lockdepassertnohardirq check in pagepoolputpage to increase test coverage. syzbot identified a crash caused by hard interrupt blocking in...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: wifi: mac80211: Set nchannels after allocating the structcfg80211scanrequest structure. Make sure that nchannels is set after allocating the structcfg80211registereddevice::intscanreq member. This issue was identified using...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Wifi: iwlwifi: mvm – fixed a potential array out-of-bounds access issue. The parameter IWLSECWEPKEYOFFSET will be used as needed during verification, along with determining the keylen value in the iwlmvmseckeyadd function...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Added an array index check for hdcp ddc access. Reason Coverity reported an OVERRUN warning. Do not check if the array index is valid. How Check that the msgid is valid and that the array index is correct...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: parport: Proper fix for array out-of-bounds access. The recent fix for array out-of-bounds accesses replaced sprintf calls with snprintf. However, since snprintf returns the size that will be printed, not the actual output size,...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerabilities have been resolved: ata: ahci: Match EMMAXSLOTS with SATAPMPMAXPORTS UBSAN reports an array-index-out-of-bounds error: 1.980703 kernel: UBSAN: array-index-out-of-bounds in /build/linux-9H675w/linux-5.15.0/drivers/ata/libahci.c:968:41 1.980709...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: FS:JFS:UBSAN: array-index-out-of-bounds in dbAdjTree Syzkaller reported the following issue: UBSAN: array-index-out-of-bounds in fs/jfs/jfsdmap.c:2867:6 Index 196694 is out of range for type ‘s81365’ aka ‘signed char1365’ CPU:...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: rustbinder: Avoid reading the written value in the offset array. When sending a transaction, its offset array is first copied into the target process’s virtual memory area vma. Then, the values are read back from there. This is...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: MGMT: fixed a crash in setmeshsync and setmeshcomplete. There is a bug: KASAN: a stack-out-of-bounds issue in setmeshsync, caused by memcpy from a poorly declared on-stack flexible array. Another crash occurs in...