313186 matches found
Astra Linux - уязвимость в webkit2gtk
A buffer overflow issue has been addressed through improved memory handling. This issue is fixed in Safari 26.2, iOS 18.7.3, and iPadOS 18.7.3; iOS 26.2 and iPadOS 26.2; macOS Tahoe 26.2; and visionOS 26.2. Processing maliciously crafted web content may lead to an unexpected process crash...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: nilfs2: Access to buffers is protected when there are no active references to them. The function nilfslookupdirtydatabuffers iterates through the buffers attached to dirty data folios/pages. It accesses these attached buffers...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: nilfs2: fixed the NULL pointer dereferencing in the blockdirtybuffer tracepoint. When using the “block:blockdirtybuffer” tracepoint, the markbufferdirty function may cause a NULL pointer dereference, or a general protection fault...
Astra Linux - уязвимость в ghostscript
A issue was discovered in Artifex Ghostscript prior to version 10.05.0. The DOCXWRITE TXTWRITE device suffers from a text buffer overflow issue due to the use of long characters in devices/vector/doccommon.c...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: afs: Increase the buffer size in afsupdatevolumestatus. The maximum length of the volume-vid value is 20 characters. Therefore, increase the size of idbuf to 24 characters to avoid overflow. Identified by the Linux Verification...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: net: xilinx: axienet: Fixed BQL accounting for multi-BD TX packets. When a TX packet spans multiple buffer descriptors scatter-gather, axienetfreetxchain sums the actual length of each BD from the descriptor status into an...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: arm64: tlb: Fixed the TLBI RANGE operand KVM/arm64 relies on the TLBI RANGE feature to flush TLBs when the dirty pages are collected by the VMM and the page table entries become write-protected during live migration. Unfortunatel...
Astra Linux - уязвимость в freetype
It was discovered that the FreeType commit 1e2eb65048f75c64b68708efed6ce904c31f3b2f contains a heap buffer overflow issue through the sfntinitface function...
Astra Linux - уязвимость в apache2
A carefully crafted request body can cause a buffer overflow in the modlua multipart parser r:parsebody called from Lua scripts. The Apache httpd team is not aware of an exploit for this vulnerability, but it might be possible to create one. This issue affects Apache HTTP Server 2.4.51 and earlie...
Astra Linux - уязвимость в zabbix
A specially crafted string can cause a buffer overflow in the JSON parser library, resulting in a crash of the Zabbix Server or Zabbix Proxy...
Astra Linux – Vulnerability in grub2
A flaw was discovered in grub2. When reading the name of a symbolic link from a UFS filesystem, grub2 fails to validate the string length provided as input. This lack of validation may lead to a heap out-of-bounds write, causing data integrity issues and potentially allowing an attacker to...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ionic: Use devconsumeskbany outside of NAPI. If we are not in a NAPI softirq context, we need to be careful about how we call napiconsumeskb. Specifically, we need to call it with budget == 0 to signal that we are not in a safe...
Astra Linux - уязвимость в glibc
The deprecated compatibility function clntcreate in the sunrpc module of the GNU C Library also known as glibc from versions up to 2.34 copies its hostname argument onto the stack without validating its length. This may lead to a buffer overflow, potentially causing a denial of service or, if the...
Astra Linux - уязвимость в squid
A issue was discovered in Squid before version 4.15 and 5.x before version 5.0.6. Due to a buffer-management bug, it allows for a denial of service. When resolving a request using the urn: scheme, the parser leaks a small amount of memory. However, there is an unspecified attack methodology that...
Astra Linux - уязвимость в ncurses
A issue was discovered in ncurses through v6.2-1. nccaptoinfo in captoinfo.c has a heap-based buffer overflow...
Astra Linux - уязвимость в libwebp
A flaw was discovered in libwebp in versions prior to 1.0.1. A heap-based buffer overflow is possible in the function WebPDecodeRGBInto due to an invalid check for buffer size. The greatest threat from this vulnerability is related to data confidentiality and integrity, as well as system...
Astra Linux - уязвимость в qt4-x11
A issue was discovered in Qt between versions 5.12.9, 5.13.x, and 5.15.x up to 5.15.1. The readxbmbody function in gui/image/qxbmhandler.cpp has a buffer over-read issue...
Astra Linux - уязвимость в libsdl1.2, libsdl2, sdl-image1.2
In SDL Simple DirectMediaLayer, versions from 1.2.15 up to 2.x, and then from 2.0.9 onwards, there is a heap-based buffer over-read issue in the BlitNtoN function within the video/SDLblitN.c file, when it is called from the SDLSoftBlit function in the video/SDLblit.c file...
Astra Linux - уязвимость в pillow
In the path.c file of Pillow, before version 9.0.0, there was an issue where the pathgetbbox function had a buffer over-reading during the initialization of ImagePath.Path...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: Wifi: iwlwifi: mvm – Do not read beyond the mfuart notification. In the event that the firmware sends a notification claiming to have more data than it actually does, we will read beyond the allocated space for the notification...