Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: drm/radeon: possible buffer overflow. The buffer ‘afmtstatus’, which is sized 6, could overflow, as the index ‘afmtidx’ is checked after access...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: drm/amdkfd: Fixed a race condition involving the unreferencing of the vram buffer in the svm code. The unreferencing of prange-svmbo can occur both in the mmu callback and in a callback after migrating to system RAM. Both are...

Astra Linux - уязвимость в zeromq3

There is a flaw in the zeromq server in versions before 4.3.3, located in src/decoderallocators.hpp. The decoder’s static allocator could have its size changed, but the buffer remains unchanged since it is a static buffer. A remote, unauthenticated attacker who sends a crafted request to the zero...

Astra Linux - уязвимость в exempi

The XMP Toolkit SDK version 2020.1 and earlier is affected by a buffer overflow vulnerability that may lead to local application denial of service in the context of the current user. Exploitation requires user interaction, as the victim must open a specially crafted file...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm/nouveau: Avoid a use-after-free when BO init fails. nouveauboinit is backed by ttmboinit and passes its return value back to the caller. In case of failures, ttmboinit invokes the provided destructor, which should...

Astra Linux - уязвимость в vim

Heap-based Buffer Overflow in the GitHub repository for vim/vim before version 8.2...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: NFC: st21nfca – A memory leak was fixed in the device probe, and the phy-pendingskb variable was properly freed after allocation. However, it was forgotten to be freed during the error handling and removal processes, resulting in...

Astra Linux - уязвимость в wireshark

A buffer overflow in the Bluetooth SDP dissector in Wireshark versions 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows for denial of service through packet injection or malicious capture files...

Astra Linux - уязвимость в pillow

In Pillow before 8.1.0, PcxDecode has a buffer over-reading issue when decoding a crafted PCX file, because the user-supplied stride value is trusted for buffer calculations...

Astra Linux - уязвимость в linux

In the Linux kernel, the following vulnerability has been resolved: tracing: Restructure traceclockglobal to never block. It was reported that a fix to the ring buffer recursion detection would cause a hung machine when performing suspend/resume testing. The following backtrace was extracted from...

Astra Linux - уязвимость в exim4

Exim 4 before 4.94.2 allowed Buffer Underwrite, which could allow unauthenticated remote attackers to execute arbitrary commands. This is because smtpungetc was only intended for pushing back characters, but it can actually be used to push back non-character error codes, such as EOF...

Astra Linux - уязвимость в ffmpeg

A buffer overflow vulnerability exists in FFmpeg 4.2 in the configinput function at libavfilter/aftremolo.c, which could allow a remote malicious user to cause a Denial of Service attack...

Astra Linux - уязвимость в aspell

The libaspell.a module in GNU Aspell prior to version 0.60.8 has a stack-based buffer overflow issue in the common::unescape function within common/getdata.cpp, caused by an isolated \ character...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: comedi: vmk80xx: fixed transfer-buffer overflows The driver uses USB transfer buffers sized equal to the endpoint size. However, until recently, there were no sanity checks on these buffer sizes. The commit e1f13c879a7c “staging:...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: can: j1939: fixed Use-after-Free, failed to increment the ref count of a skb while it was in use. This patch addresses a Use-after-Free issue identified by the syzbot. The problem arises when a skb is taken from the per-session s...

Astra Linux - уязвимость в ntfs-3g

In NTFS-3G versions before version 2021.8.22, when a specially crafted Unicode string is provided in an NTFS image, a heap buffer overflow may occur, allowing code execution...

Astra Linux - уязвимость в ffmpeg

Buffer overflow vulnerability in FFmpeg 4.2, located in the convolutiony10bit section of libavfilter/vfvmafmotion.c, which could allow a remote malicious user to cause a Denial of Service attack...

Astra Linux - уязвимость в graphviz

A buffer overflow in the Graphviz Graph Visualization Tools, starting from the commit ID f8b9e035 and earlier, allows remote attackers to execute arbitrary code or cause a denial of service application crash by loading a crafted file into the "lib/common/shapes.c" component...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Wifi: ath12k – Buffer overflow in debugfs If the user attempts to write more than 32 bytes, it will result in memory corruption. Fortunately, since this issue relates to debugfs, it only affects root users...

Astra Linux - уязвимость в dcmtk

A buffer overflow in DCMTK git master v3.6.9+ DEV allows attackers to cause a Denial of Service DoS attack through a malicious DCM file...