313163 matches found
Astra Linux - уязвимость в linux-5.10
A vulnerability was discovered in the Linux kernel’s blockinvalidatepage function in the fs/buffer.c file of the filesystem. A missing sanity check may allow a local attacker with user privileges to cause a denial of service DOS issue...
Astra Linux - уязвимость в faad2
A issue was discovered in faad2 through 2.10.0. A stack-buffer-overflow exists in the function ftypin located in mp4read.c. This allows an attacker to cause code execution...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: KEYS: Trusted: dcp: Fixed the leak of the blob encryption key Trusted keys unseal the key blob upon loading, but keep the sealed payload in the blob field. Thus, every subsequent read export simply converts this field to...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: cifs: potential buffer overflow in handling symlinks Smatch printed a warning: arch/x86/crypto/poly1305glue.c:198 poly1305updatearch error: memcpy 'dctx-buf' too small 16 vs u32max This issue arises because Smatch marks ‘linklen’...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: x86/mm, kexec, ima: Use memblockfreelate instead of imafreekexecbuffer. The code that calls imafreekexecbuffer is executed long after the memblock allocator has already been removed. This may lead to a use-after-free in...
Astra Linux - уязвимость в ffmpeg5
FFmpeg v.n6.1-3-g466799d4f5 allows a heap-based buffer overflow through the ffgaussianblur8 function in libavfilter/edgetemplate.c:116:5 component...
Astra Linux - уязвимость в gpac
A heap-based buffer overflow vulnerability exists in gpac version 2.3-DEV-rev588-g7edc40fee-master, allowing remote attackers to execute arbitrary code and cause a denial of service DoS via the gffwrite component in atutils/osfile.c...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: can: mcan: mcanreadfifo: fix memory leak in error branch In mcanreadfifo, if the second call to mcanfiforead fails, the function jumps to the out Fail label and returns without calling mcanreceiveskb. This means that the skb...
Astra Linux - уязвимость в ffmpeg, ffmpeg5
FFmpeg v.n6.1-3-g466799d4f5 allows for an over-reading of the buffer at ffgradfunblurlinemovdqasse2, as demonstrated by a call to the setencoderid function in the /fftools/ffmpegenc.c component...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: drm/amdgpu: Further fixes were made to the call order in amdgputtmmove v2. This resolves the issue where amdgpuboMove always moves objects on the same heap. The fundamental problem is that after the move, the old location is n...
Astra Linux - уязвимость в libstb
stbimage.h also known as the stb image loader version 2.23 has a heap-based buffer overflow issue in stbitgaload, which can lead to information disclosure or denial of service...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: check that the event count does not exceed the event buffer length The event count is read from the register DWC3GEVNTCOUNT. There is a check to ensure that the count is zero, but no check is performed to ensur...
Astra Linux - уязвимость в tiff
A flaw was discovered in libtiff. A specially crafted TIF file can cause a segmentation fault due to a buffer overflow in the Fax3Encode function in libtiff/tiffax3.c, resulting in a denial of service...
Astra Linux - уязвимость в webkit2gtk
In WebKitGTK up to 2.36.0 and WPE WebKit, there is a heap-based buffer overflow in WebCore::TextureMapperLayer::setContentsLayer in WebCore/platform/graphics/texmap/TextureMapperLayer.cpp...
Astra Linux - уязвимость в libpng1.6
A issue has been identified in third-party PNM decoding related to libpng 1.6.35. It is a stack-based buffer overflow in the gettoken function located in the pnm2png.c file within pnm2png...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: ext4: Avoid potential buffer over-reading in parseapplysbmountoptions. Unlike other strings in the ext4 superblock, we rely on tune2fs to ensure that smountopts is terminated with NUL. Harden parseapplysbmountoptions by treating...
Astra Linux - уязвимость в webkit2gtk
A buffer overflow issue has been addressed through improved memory handling. This issue is fixed in Safari 16, iOS 16, iOS 15.7, and iPadOS 15.7. Processing maliciously crafted web content may lead to arbitrary code execution...
Astra Linux - уязвимость в ruby2.5
There is a buffer over-read issue in Ruby before version 2.6.10, 2.7.x before 2.7.6, 3.x before 3.0.4, and 3.1.x before 3.1.2. This issue occurs during the conversion from strings to floats, including in methods like KernelFloat and Stringtof...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerabilities have been resolved: iommu/omap: Fixed buffer overflow in debugfs There are two issues here: 1 The “len” variable needs to be checked before the very first write. Otherwise, if omap2iommudumpctx is called with “bytes” less than 32, it will result ...
Astra Linux - уязвимость в fig2dev
Fig2dev 3.2.7b contains a global buffer overflow in the setfigfont function in genepic.c...