313477 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: gve: Fixed incorrect buffer cleanup in gvetxcleanpendingpackets for QPL. In DQ-QPL mode, gvetxcleanpendingpackets incorrectly uses the RDA buffer cleanup path. It iterates a certain number of times and attempts to unmap entrie...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: net: bcmasp: fixed a potential memory leak in bcmaspxmit. The bcmaspxmit function returns NETDEVTXOK without freeing the skb object in case of mapping failures. Add devkfreeskb to address this issue...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: NFSv4.2: Reworked the handling of scratch space for READPLUS again I discovered that the read code might send multiple requests using the same nfspgioheader. However, the nfs4procreadsetup function is only called once. As a resul...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: net: xilinx: axienet: Fixed BQL accounting for multi-BD TX packets. When a TX packet spans multiple buffer descriptors scatter-gather, axienetfreetxchain sums the actual length of each BD from the descriptor status into an...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: arm64: tlb: Fixed the TLBI RANGE operand KVM/arm64 relies on the TLBI RANGE feature to flush TLBs when the dirty pages are collected by the VMM and the page table entries become write-protected during live migration. Unfortunatel...
Astra Linux - уязвимость в apache2
A carefully crafted request body can cause a buffer overflow in the modlua multipart parser r:parsebody called from Lua scripts. The Apache httpd team is not aware of an exploit for this vulnerability, but it might be possible to create one. This issue affects Apache HTTP Server 2.4.51 and earlie...
Astra Linux - уязвимость в zabbix
A specially crafted string can cause a buffer overflow in the JSON parser library, resulting in a crash of the Zabbix Server or Zabbix Proxy...
Astra Linux - уязвимость в squid
A issue was discovered in Squid before version 4.15 and 5.x before version 5.0.6. Due to a buffer-management bug, it allows for a denial of service. When resolving a request using the urn: scheme, the parser leaks a small amount of memory. However, there is an unspecified attack methodology that...
Astra Linux - уязвимость в libwebp
A flaw was discovered in libwebp in versions prior to 1.0.1. A heap-based buffer overflow is possible in the function WebPDecodeRGBInto due to an invalid check for buffer size. The greatest threat from this vulnerability is related to data confidentiality and integrity, as well as system...
Astra Linux – Vulnerability in ffmpeg
A buffer overflow vulnerability exists in the function configinput in libavfilter/vfgblur.c in Ffmpeg 4.2.1. Attackers can exploit this vulnerability to cause a Denial of Service or other unspecified impacts...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: mxser: fixed the xmitbuf leak in activate when LSR == 0xff. When LSR is 0xff during the call to -activate, we return an error. It’s important to note that the -shutdown function is not called when -activate fails. In this case,...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: net: ti: icssg-prueth: Fix missing data copying and incorrect recycling in ZC RX dispatch. emacdispatchskbzc allocates a new skb using napiallocskb, but never copies the packet data from the XDP buffer into it. The skb is pass...
Astra Linux - уязвимость в libwebp
A heap-based buffer overflow was discovered in libwebp in versions prior to 1.0.1 in the GetLE16 function...
Astra Linux - уязвимость в tiff
A heap-based buffer overflow flaw was discovered in libtiff, particularly in the handling of TIFF images using libtiff’s TIFF2PDF tool. A specially crafted TIFF file can lead to arbitrary code execution. The greatest threat posed by this vulnerability relates to confidentiality, integrity, and...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: Ethernet: Aeroflex: fixed a potential skb leak in grethinitrings The grethinitrings function does not free the newly allocated skb when dmamappingerror returns an error. Therefore, devkfreeskb was added to fix this issue. This ha...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: nilfs2: fixed a potential bug in endbufferasyncwrite According to a syzbot report, endbufferasyncwrite, which handles the completion of block device writes, may detect abnormal conditions of the asyncwrite flag and cause a BUGON...
Astra Linux - уязвимость в qemu
Integer overflows and buffer overflows were identified in the ACPI Error Record Serialization Table ERST device of QEMU, within the readerstrecord and writeerstrecord functions. Both issues may allow the guest to exceed the host buffer allocated for the ERST memory device. A malicious guest could...
Astra Linux - уязвимость в linux-5.10, linux
A flaw was discovered in the Linux kernel’s networking code. A use-after-free occurred in the way the schsfb enqueue function utilized the socket buffer SKB cb field after the same SKB had been enqueued and freed into a child qdisc. This flaw allows a local, unprivileged user to cause a system...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: Ice: Fixed DMA mapping leaks The leak was addressed when the user changed ring parameters. During the reallocation of RX buffers, new DMA mappings are created for those buffers. New buffers with a different RX ring count shoul...
Astra Linux - уязвимость в qt4-x11
A issue was discovered in Qt between versions 5.12.9, 5.13.x, and 5.15.x up to 5.15.1. The readxbmbody function in gui/image/qxbmhandler.cpp has a buffer over-read issue...