Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: udf: Avoid double calls to brelse in udfrename syzbot reported a warning like below 1: VFS: brelse: Trying to free a free buffer WARNING: CPU: 2 PID: 7301 at fs/buffer.c:1145 brelse+0x67/0xa0 ... Call trace:...

Astra Linux - уязвимость в ofono

oFono CUSD AT Command Stack-based Buffer Overflow Code Execution Vulnerability. This vulnerability allows local attackers to execute arbitrary code on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit this...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsi: Fixed a buffer overflow in the liotargetnaclinfoshow function. The function liotargetnaclinfoshow uses sprintf within a loop to print details for each iSCSI connection in a session, without checking the buffe...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fixed potential overflow of PCM transfer buffer The PCM stream data in the USB-audio driver is transferred via USB URB packet buffers, and the size of each packet is determined dynamically. The packet sizes are...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Validating the command header size against SVGACMDMAXDATASIZE This data originates from user space and is used in buffer offset calculations, which may potentially lead to an out-of-bounds access due to overflow...

Astra Linux - уязвимость в cups

The vulnerability of the cupsArrayAddStrings function on CUPS printing servers stems from the operation that occurs outside of the buffer in memory. Exploiting this vulnerability allows an attacker to access confidential data, compromise its integrity, and cause service failures...

Astra Linux - уязвимость в libraw

Buffer overflow vulnerability in the LibRaw::stretch function in libraw\src\postprocessing\aspectratio.cpp...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: uvc: Use the correct buffer size when parsing configfs lists This commit fixes the support for the uvc gadget on 32-bit platforms. The commit 0df28607c5cb “usb: gadget: uvc: Generalize helper functions for reuse”...

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ksmbd: The validation of the request buffer size was added in smb2allocaterspbuf. The response buffer should be allocated in smb2allocaterspbuf before validation of the request. However, fields within the payload as well as the...

Astra Linux - уязвимость в ffmpeg5

FFmpeg v.n6.1-3-g466799d4f5 allows an attacker to trigger the use of a parameter with a negative size in the avsamplessetsilence function in the libavutil/samplefmt.c:260:9 component...

Astra Linux - уязвимость в edk2

EDK2 is vulnerable to a vulnerability in the CreateHob function, which allows a user to trigger an integer overflow that leads to a buffer overflow through a local network. Successful exploitation of this vulnerability may result in compromises of confidentiality, integrity, and/or availability...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: btnxpuart: Fixed the issue with btnxpuartclose. Fixed the scheduling issue during the atomic operation in btnxpuartclose. Properly purged the transmit queue and freed the receiveskb. 10.973809 BUG: Scheduling during...

Astra Linux - уязвимость в uriparser

A issue was discovered in uriparser through 0.9.7. The ComposeQueryEngine in UriQuery.c has an integer overflow due to long keys or values, resulting in a buffer overflow...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: hcicore: Fixed possible buffer overflow issues. The struct hcidevinfo structure has a name8 field with a fixed size. In cases where hdev-name is larger than this size, strcpy would attempt to write beyond its size...

Astra Linux - уязвимость в qemu

Integer overflows and buffer overflows were identified in the ACPI Error Record Serialization Table ERST device of QEMU, within the readerstrecord and writeerstrecord functions. Both issues may allow the guest to exceed the host buffer allocated for the ERST memory device. A malicious guest could...

Astra Linux - уязвимость в open-iscsi

A issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. When the Urgent flag is set in a TCP packet, and the stack is configured to ignore the urgent data, the stack attempts to use the value of the Urgent pointer bytes to separate the Urgent data from the normal data. It...

Astra Linux - уязвимость в glib2.0

A flaw was discovered in GLib, which is vulnerable to an integer overflow in the gstringinsertunichar function. When the position at which the character is to be inserted is large, the position will overflow, resulting in a buffer underwrite...

Astra Linux - уязвимость в libxml2

A flaw was discovered in the xmlBuildQName function of libxml2. Integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue may result in memory corruption or a denial of service when processing malicious input...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: crypto: qcom-rng – ensure the buffer for generate is completely filled The generate function in struct rngalg expects that the destination buffer is completely filled if the function returns 0. The qcomrngread function may...

Astra Linux - уязвимость в linux, linux-5.10

A flaw was discovered in the sctpmakestrresetreq function within the net/sctp/smmakechunk.c file, located in the SCTP network protocol in the Linux kernel. This flaw involves attempting to use more buffer space than is allocated, which triggers a BUGON issue, resulting in a denial of service DOS...