xorg: xwayland: X.Org X server: Denial of Service via integer underflow in XKB compatibility map handling

A flaw was found in the X.Org X server. This integer underflow vulnerability, specifically in the XKB compatibility map handling, allows an attacker with local or remote X11 server access to trigger a buffer read overrun. This can lead to memory-safety violations and potentially a denial of servi...

TencentOS Server 3: xorg-x11-server (TSSA-2026:0378)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0378 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

CLSA-2026-1779389543 Fix of 6 CVEs

SECURITY UPDATE: integer wraparound on 32-bit systems in palloc callers - debian/patches/CVE-2026-6473.patch: integer wraparound on 32-bit systems in palloc callers - CVE-2026-6473 SECURITY UPDATE: format-string memory disclosure in timeofday via crafted timezones -...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: i2c: imx: preserve error state in block data length handler When a block read returns an invalid length, such as zero or I2CSMBUSBLOCKMAX, the length handler sets the state to IMXI2CSTATEFAILED. However, the function...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Firmware: csdsp: Prevent buffer overflows when processing V2 algorithm headers. It is necessary to ensure that all fields of a V2 algorithm header fit within the available firmware data buffer. The wmfw V2 format introduces...

Astra Linux - уязвимость в libzstd

A vulnerability was discovered in zstd v1.4.10, where an attacker can provide an empty string as an argument to the command-line tool, causing a buffer overflow...

Astra Linux - уязвимость в php7.3

In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16, and 8.2.X before 8.2.3, the core path resolution function allocates a buffer that is one byte too small. When resolving paths with lengths close to the system’s MAXPATHLEN setting, this may result in the byte after the allocated buffer being...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ima: fixed the buffer overflow issue in imaeventdigestinitcommon. The function imaeventdigestinit calls imaeventdigestinitcommon, using HASHALGOLAST. This value is then used to access the array hashdigestsize, resulting in a buff...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Stop amdgpudm initialize when link nums greater than maxlinks Reason The Coverity report indicates an OVERRUN warning. There are only maxlinks elements within dc-links. The number of links can reach...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: spi: fsl-cpm: Length parity checks were performed before switching to 16-bit mode. The commit fc96ec826bce “spi: fsl-cpm: Use 16-bit mode for large transfers with even size” failed to ensure that the size of the data transfer is...

Astra Linux - уязвимость в linux, linux-5.10

A flaw was discovered in the sctpmakestrresetreq function within the net/sctp/smmakechunk.c file, located in the SCTP network protocol in the Linux kernel. This flaw involves attempting to use more buffer space than is allocated, which triggers a BUGON issue, resulting in a denial of service DOS...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: Firmware: csdsp: Fixed the overflow checking of the wmfwheader. The checking was corrected to ensure that the firmware file buffer is large enough to hold the wmfwheader, thereby preventing the buffer from being overwritten. T...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: qed: Do not collect too many protection override GRC elements In the protection override dump path, the firmware may return far too many GRC elements, leading to attempts to write beyond the previously allocated dump buffer. This...

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: ALSA: hda/ca0132: fixed a buffer overflow issue in tuningctlset The tuningctlset function might cause a buffer overflow if it does not break from the loop when matching A. static int tuningctlset... for i = 0; i This patch...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15

The fix for XSA-423 added logic to the Linux’s netback driver to handle cases where a packet is split by a frontend, resulting in not all of the headers being together in one piece. Unfortunately, the introduced logic did not account for the extreme case where the entire packet is split into as...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: xhci: Properly handling isoc Babble and Buffer Overrun events xHCI 4.9 explicitly prohibits making assumptions that the xHC has released its ownership of a multi-TRB TD when an error occurs in one of the early TRBs. However, t...

Astra Linux - уязвимость в systemd

A “off-by-one” error issue was discovered in Systemd within the formattimespan function of the time-util.c file. An attacker could provide specific values for time and accuracy, resulting in a buffer overflow in formattimespan, which can lead to a Denial of Service...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check msgid before processing a transaction. WHY & HOW HDCPMESSAGEIDINVALID -1 is not a valid msgid, nor is it a valid array index. It needs to be checked before being used. This fix addresses 4 OVERRUN issues...

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: crypto: lzo – Fix for compression buffer overflows Unlike the decompression code, the compression code in LZO never checked for output overflows. Instead, it assumes that the caller always provides sufficient buffer space, ignori...

Astra Linux - уязвимость в openssl, openssl1.0

ASN.1 strings are internally represented within OpenSSL as an ASN1STRING structure, which contains a buffer for storing the string data and a field for storing the buffer length. This is different from regular C strings, which are represented as a buffer for the string data, terminated with a NUL...