Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fixed the fragment counting for XDP multi-buffer scenarios in legacy RQ. XDP multi-buffer programs can modify the layout of the XDP buffer when the program calls bpfxdppulldata or bpfxdpadjusttail. The referenced commi...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: If the queue update fails, do not reserve bo. The error handling path should unreserve bo and then return a failure message. Selected from the commit c24afed7de9ecce341825d8ab55a43a254348b33...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: xsk: Fixed invalid buffer access for legacy rq The following crash can occur when using xdpsock in RX mode for legacy rq: the buffer is released in the XDPREDIRECT path, and then again in the driver. This fix sets a fl...

Astra Linux - уязвимость в gimp

GIMP JP2 File Parsing: Heap-Based Buffer Overflow and Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability, as the target must visit a malicious page ...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: printk: Fixed signed integer overflow when defining LOGBUFLENMAX. Shifting 1 31 on a 32-bit integer causes signed integer overflow, leading to undefined behavior. To prevent this, 1 was cast to u32 before the shift operation is...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Ring-buffer: Validates the persistent meta-data subbuf array The meta-data for a mapped ring buffer contains an array of indexes to all subbuffers. The first entry represents the “reader page,” and the remaining entries specify t...

Astra Linux - уязвимость в catdoc

There is a memory corruption vulnerability in the implementation of the Shared String Table Record Parser in the xls2csv utility version 0.95. A specially crafted, malformed file can lead to a heap buffer overflow. An attacker can provide a malicious file to exploit this vulnerability...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: net:mctp: taking ownership of skb in mctplocaloutput Currently, mctplocaloutput only takes ownership of the skb when it succeeds. In some cases where mctplocaloutput fails, we might leak the skb. Ownership of the skb is not...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: x86/kexec: Fixed the double-free of the elf header buffer. After the patch provided by b3e34a47f989 “x86/kexec: fix memory leak of elf header buffer”, the use of image-elfheaders in the error path of crashloadsegments is no longe...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mptcp: The crash occurred when performing a pressure test on mptcp. The following error occurred: dstrelease: dst: ffffa06ce6e5c058 refcnt: -1 The kernel attempted to execute a NX-protected page – an attempt to exploit a...

Astra Linux - уязвимость в gst-plugins-good1.0

In GStreamer through 1.26.1, the isomp4 plugin’s qtdemuxparsetrak function may read past the end of a heap buffer while parsing an MP4 file, potentially leading to information disclosure...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: cpufreq: qcom: Fix for writes in read-only memory regions. This commit addresses an error in the kernel due to a write operation in a read-only memory region: 9.068287 Unable to handle kernel write to read-only memory at virtual...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: media: cx88: Fixed a null-ptr-deref bug in bufferprepare. When the driver calls cx88riscbuffer to prepare the buffer, the function call may fail, resulting in an empty buffer and a null-ptr-deref later in bufferqueue. The...

Astra Linux - уязвимость в krb5

The vulnerability of the getmechset function in the spnegomech.c component of the Kerberos authentication protocol is related to reading data from within a permissible buffer size. Exploiting this vulnerability allows an attacker to cause service failures...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: airoha: Fixed a memory leak in airohaqdmarxprocess. If an error occurs in the subsequent buffers belonging to the non-linear part of the skb e.g., due to an error in the payload length reported by the NIC, or if all availabl...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: xsk: Validate the MTU against the usable frame size when binding. The AFXDP binding currently accepts zero-copy pool configurations without verifying that the device’s MTU fits within the usable frame space provided by the UMEM...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: soc: qcom: mdtloader: Ensure that we do not read beyond the ELF header. When the MDT loader is used in remoteproc, the ELF header is sanitized beforehand. However, this is not necessary for other clients. The size of the firmware...

Astra Linux - уязвимость в glib2.0

A flaw was discovered in Glib’s content type parsing logic. This buffer underflow vulnerability occurs because the length of a header line is stored as a signed integer, which can lead to integer wraparound for very large inputs. This results in pointer underflow and out-of-bounds memory access...

Astra Linux - уязвимость в net-snmp

Net-SNMP is an SNMP application library, tools, and daemon. Prior to versions 5.9.5 and 5.10.pre2, a specially crafted packet sent to the net-SNMP snmptrapd daemon could cause a buffer overflow, resulting in the daemon crashing. This issue has been fixed in versions 5.9.5 and 5.10.pre2...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: crypto: qat - validate slices count returned by FW The function adfsendadmintlstart enables the telemetry TL feature on a QAT device by sending the ICPQATQATFWTLSTART message to the firmware. This triggers the FW to start writing...