Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm/nouveau: Avoid a use-after-free when BO init fails. nouveauboinit is backed by ttmboinit and passes its return value back to the caller. In case of failures, ttmboinit invokes the provided destructor, which should...

Astra Linux - уязвимость в vim

Heap-based Buffer Overflow in the GitHub repository for vim/vim before version 8.2...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: NFC: st21nfca – A memory leak was fixed in the device probe, and the phy-pendingskb variable was properly freed after allocation. However, it was forgotten to be freed during the error handling and removal processes, resulting in...

Astra Linux - уязвимость в wireshark

A buffer overflow in the Bluetooth SDP dissector in Wireshark versions 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows for denial of service through packet injection or malicious capture files...

Astra Linux - уязвимость в pillow

In Pillow before 8.1.0, PcxDecode has a buffer over-reading issue when decoding a crafted PCX file, because the user-supplied stride value is trusted for buffer calculations...

Astra Linux - уязвимость в linux

In the Linux kernel, the following vulnerability has been resolved: tracing: Restructure traceclockglobal to never block. It was reported that a fix to the ring buffer recursion detection would cause a hung machine when performing suspend/resume testing. The following backtrace was extracted from...

Astra Linux - уязвимость в exim4

Exim 4 before 4.94.2 allowed Buffer Underwrite, which could allow unauthenticated remote attackers to execute arbitrary commands. This is because smtpungetc was only intended for pushing back characters, but it can actually be used to push back non-character error codes, such as EOF...

Astra Linux - уязвимость в ffmpeg

A buffer overflow vulnerability exists in FFmpeg 4.2 in the configinput function at libavfilter/aftremolo.c, which could allow a remote malicious user to cause a Denial of Service attack...

Astra Linux - уязвимость в aspell

The libaspell.a module in GNU Aspell prior to version 0.60.8 has a stack-based buffer overflow issue in the common::unescape function within common/getdata.cpp, caused by an isolated \ character...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: comedi: vmk80xx: fixed transfer-buffer overflows The driver uses USB transfer buffers sized equal to the endpoint size. However, until recently, there were no sanity checks on these buffer sizes. The commit e1f13c879a7c “staging:...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: can: j1939: fixed Use-after-Free, failed to increment the ref count of a skb while it was in use. This patch addresses a Use-after-Free issue identified by the syzbot. The problem arises when a skb is taken from the per-session s...

Astra Linux - уязвимость в ntfs-3g

In NTFS-3G versions before version 2021.8.22, when a specially crafted Unicode string is provided in an NTFS image, a heap buffer overflow may occur, allowing code execution...

Astra Linux - уязвимость в ffmpeg

Buffer overflow vulnerability in FFmpeg 4.2, located in the convolutiony10bit section of libavfilter/vfvmafmotion.c, which could allow a remote malicious user to cause a Denial of Service attack...

Astra Linux - уязвимость в graphviz

A buffer overflow in the Graphviz Graph Visualization Tools, starting from the commit ID f8b9e035 and earlier, allows remote attackers to execute arbitrary code or cause a denial of service application crash by loading a crafted file into the "lib/common/shapes.c" component...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Wifi: ath12k – Buffer overflow in debugfs If the user attempts to write more than 32 bytes, it will result in memory corruption. Fortunately, since this issue relates to debugfs, it only affects root users...

Astra Linux - уязвимость в dcmtk

A buffer overflow in DCMTK git master v3.6.9+ DEV allows attackers to cause a Denial of Service DoS attack through a malicious DCM file...

Astra Linux - уязвимость в mongo-c-driver

The various bsonappend functions in the MongoDB C driver library may be susceptible to buffer overflows when performing operations that could result in a final BSON document exceeding the maximum allowable size INT32MAX, leading to a segmentation fault and potentially causing the application to...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: net/sun382586: A potential memory leak has been fixed in sun382586sendpacket. In sun382586sendpacket, if skb-len is too long, it returns NETDEVTXOK without freeing the skb. To address this issue, add a call to devkfreeskb to...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux

In the Linux kernel, the following vulnerabilities have been resolved: Wifi: mwifiex: Fixed a warning regarding memcpy operations that span entire fields in mwifiexcmd80211scanext. Replace a one-element array with a flexible-array member in struct hostcmdds80211scanext. This fix addresses the...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: bna: Adjust the ‘name’ buffer size of bnatcb and bnaccb structures. To ensure there is enough space to store all possible arguments for sprintf. Currently, the ‘name’ size is 16 characters, but the first '%s' specifier may...