36946 matches found
Astra Linux - уязвимость в openldap
A flaw was discovered in OpenLDAP. This flaw allows an attacker who can send a malicious packet to be processed by OpenLDAP’s slapd server, thereby triggering an assertion failure. The greatest threat of this vulnerability is to system availability...
Astra Linux - уязвимость в grub2
A flaw was discovered in grub2 in versions prior to 2.06. The cutmem command does not honor secure boot locking, allowing a privileged attacker to remove address ranges from memory. This creates an opportunity to circumvent SecureBoot protections after proper analysis of grub’s memory layout. The...
Astra Linux - уязвимость в openjpeg2
There is a flaw in openjpeg in versions prior to 2.4.0, located in src/lib/openjp2/pi.c. When an attacker can provide crafted input that is processed by the openjpeg encoder, it may lead to an out-of-bounds read. The most significant impact of this flaw is the application’s availability...
Astra Linux - уязвимость в libwebp
A flaw was discovered in libwebp in versions prior to 1.0.1. An out-of-bounds read was identified in the ChunkVerifyAndAssign function. The greatest threat posed by this vulnerability is related to data confidentiality and service availability...
Astra Linux - уязвимость в libwebp
A flaw was discovered in libwebp in versions prior to 1.0.1. A heap-based buffer overflow is possible in the function WebPDecodeRGBInto due to an invalid check for buffer size. The greatest threat from this vulnerability is related to data confidentiality and integrity, as well as system...
Astra Linux - уязвимость в ceph
An authentication flaw was discovered in Ceph versions prior to 14.2.20. When the monitor processes CEPHXGETAUTHSESSIONKEY requests, it does not sanitize otherkeys, allowing for key reuse. An attacker who can request a globalid can exploit the ability of any user to request a globalid that has...
Astra Linux - уязвимость в linux
A flaw was discovered in the Nosy driver within the Linux kernel. This issue allows a device to be inserted twice into a doubly-linked list, resulting in a “use-after-free” condition when one of these devices is removed. The most significant threat posed by this vulnerability relates to...
Astra Linux - уязвимость в libxml2
A vulnerability was discovered in libxml2 in versions prior to 2.9.11. This vulnerability allows errors to go unnoticed during the parsing of XML mixed content, resulting in a NULL dereference. If an untrusted XML document is parsed in recovery mode and after post-validation, this flaw could be...
Astra Linux - уязвимость в ceph
A flaw was discovered in the Red Hat Ceph Storage RGW in versions prior to 14.2.21. When processing a GET request for a swift URL that ends with two slashes, it can cause the rgw component to crash, resulting in a denial of service. The most significant threat to the system is its availability...
Astra Linux - уязвимость в avahi
A flaw was discovered in avahi in versions 0.6 up to 0.8. The event used to signal the termination of the client connection on the avahi Unix socket is not handled correctly in the clientwork function, allowing a local attacker to trigger an infinite loop. The most significant threat from this...
Astra Linux - уязвимость в qemu
A flaw was discovered in the QEMU implementation of VMWare’s paravirtual RDMA device. The issue arises when handling the “PVRDMACMDCREATEMR” command due to improper memory remapping mremap. This flaw allows a malicious guest to crash the QEMU process on the host. The greatest threat posed by this...
Astra Linux - уязвимость в qemu
A flaw was discovered in the QEMU implementation of VMWare’s paravirtual RDMA device in versions prior to 6.1.0. The issue occurs when handling a “PVRDMAREGDSRHIGH” write from the guest, and it may result in a crash of QEMU or cause undefined behavior due to the access of an uninitialized pointer...
Astra Linux - уязвимость в python3.7, python2.7
A flaw was discovered in Python. Improper handling of HTTP responses in the Python HTTP client code may allow a remote attacker, who controls the HTTP server, to cause the client script to enter an infinite loop, consuming CPU resources. The greatest threat of this vulnerability is to system...
Astra Linux - уязвимость в xorg-server
A flaw was discovered in xorg-x11-server in versions prior to 21.1.2 and prior to 1.20.14. An out-of-bounds access can occur in the SProcRenderCompositeGlyphs function. The greatest threat posed by this vulnerability is related to data confidentiality and integrity, as well as system availability...
Astra Linux - уязвимость в xorg-server
A flaw was discovered in xorg-x11-server in versions prior to 21.1.2 and prior to 1.20.14. An out-of-bounds access can occur in the SProcXFixesCreatePointerBarrier function. The greatest threat posed by this vulnerability is related to data confidentiality and integrity, as well as system...
Astra Linux - уязвимость в xorg-server
A flaw was discovered in xorg-x11-server in versions prior to 21.1.2 and prior to 1.20.14. An out-of-bounds access can occur in the SProcScreenSaverSuspend function. The greatest threat posed by this vulnerability is related to data confidentiality and integrity, as well as system availability...
Astra Linux - уязвимость в xorg-server
A flaw was discovered in xorg-x11-server in versions prior to 21.1.2 and prior to 1.20.14. An out-of-bounds access can occur in the SwapCreateRegister function. The greatest threat posed by this vulnerability is related to data confidentiality and integrity, as well as system availability...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: s390/cio: Verify the availability of the driver for the pathevent call. If no driver is attached to a device, or if the driver does not provide the pathevent function, an FCES path-event on this device could result in a...
Astra Linux - уязвимость в openexr
A flaw was discovered in OpenEXR’s multipart input file functionality. A crafted multipart input file containing no actual parts can lead to a NULL pointer dereferencing issue. The greatest threat of this vulnerability is to system availability...
Astra Linux - уязвимость в openexr
A flaw was discovered in OpenEXR’s hufUncompress functionality in OpenEXR/IlmImf/ImfHuf.cpp. This flaw allows an attacker who can submit a crafted file processed by OpenEXR to trigger an integer overflow. The greatest threat of this vulnerability is to system availability...