Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: Ring-Buffer: Fixed buffer locking in ringbuffersubbuforderset. Expanded the critical section in ringbuffersubbuforderset to ensure that error handling occurs with a per-buffer mutex held, thereby preventing list corruption and...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: dev/parport: Fixed the array-out-of-bounds issue caused by sprintf. The array-out-of-bounds issues were addressed by replacing sprintf with snprintf, resulting in safer data copying and ensuring that the destination buffer doe...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: drm/i915: mark requests for GuC virtual engines to avoid use-after-free. References to i915requests may be trapped by the user space within a syncfile or dmabuf dma-resv, and held indefinitely across different processes. To count...

Astra Linux - уязвимость в linux

In the Linux kernel, the following vulnerability has been resolved: bnxten: Fixed the RX consumer index logic in the error path. In bnxtrxpkt, the RX buffers are expected to complete in order. If the RX consumer index indicates an out-of-order buffer completion, it means we are encountering a...

Astra Linux - уязвимость в u-boot

A issue was discovered in Das U-Boot during the period from 2019.07. There is a stack-based buffer overflow in the nfshandler reply helper function: nfsreadlinkreply...

Astra Linux - уязвимость в opensc

A vulnerability was discovered in the pkcs15-init tool in OpenSC. An attacker could use a specially crafted USB Device or Smart Card, which would send a specially crafted response to APDUs to the system. When buffers are partially filled with data, the initialized parts of the buffer can be...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: ipv6: added retry logic in net6rtnotify inet6rtnotify can only be called under RCU protection. This means that the route may be changed concurrently, and rt6fillnode may return -EMSGSIZE. Resize the skb when this occurs and...

Astra Linux - уязвимость в vim

Heap-based Buffer Overflow in vim/vim before version 8.2...

Astra Linux - уязвимость в linux

In various methods of kernel-based drivers, there is a possibility of an out-of-bounds write due to a heap buffer overflow. This could lead to a local escalation of privileges, requiring system execution privileges. User interaction is not required for exploitation. Product: Android Versions:...

Astra Linux - уязвимость в libstb

Buffer overflow vulnerability in the function stbiextendreceive in stbimage.h in stb 2.26, caused by a crafted JPEG file...

Astra Linux - уязвимость в exempi

The XMP Toolkit SDK version 2020.1 and earlier is affected by a buffer overflow vulnerability that may lead to arbitrary code execution in the context of the current user. Exploitation requires user interaction, as the victim must open a specially crafted .cpp file...

Astra Linux - уязвимость в bind9

In BIND 9.5.0 - 9.11.29, 9.12.0 - 9.16.13, and versions BIND 9.11.3-S1 - 9.11.29-S1 and 9.16.8-S1 - 9.16.13-S1 of the Supported Preview Edition, as well as release versions 9.17.0 - 9.17.1 of the BIND 9.17 development branch, BIND servers are vulnerable if they are running an affected version and...

Astra Linux - уязвимость в linux-5.10, linux

The file drivers/usb/gadget/legacy/inode.c in the Linux kernel, up to version 5.16.8, improperly handles the release of dev-buf...

Astra Linux - уязвимость в vim

Buffer over-reading in the GitHub repository vim/vim before version 8.2.4974...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/virtio: Check whether the transferred 2D BO is a shmem BO. The transferred 2D BO must always be a shmem BO. Add a check to prevent NULL dereferencing if the user space passes a VRAM BO...

Astra Linux - уязвимость в libzstd

A vulnerability was discovered in zstd v1.4.10, where an attacker can provide an empty string as an argument to the command-line tool, causing a buffer overflow...

Astra Linux - уязвимость в python-cryptography

In the cryptography package for Python before version 3.3.2, certain sequences of update calls to symmetrically encrypt multi-GB values could lead to integer overflows and buffer overflows, as demonstrated by the Fernet class...

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: Staging: gdm724x: fixed the use of a variable after it is freed in gdmlterx. The netifrxni function frees the skb, so we cannot dereference it to save the skb-len...

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

A issue was discovered in include/asm-generic/tlb.h in the Linux kernel before version 5.19. Due to a race condition between unmapmappingrange and munmap, a device driver can free a page while it still has stale TLB entries. This only occurs in situations involving VMPFNMAP VMAs...

Astra Linux - уязвимость в tiff

A flaw was discovered in libtiff. A specially crafted TIF file can cause a segmentation fault due to a buffer overflow in the Fax3Encode function in libtiff/tiffax3.c, resulting in a denial of service...