Astra Linux - уязвимость в ffmpeg

A buffer overflow vulnerability exists in FFmpeg 4.2, specifically in the filtervertically8 function within libavfilter/vfavgblur.c. This vulnerability could lead to a remote Denial of Service attack...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Networking layer: Fixed a memory leak that occurred when uncloning an skb dst and its associated metadata. When uncloning an skb dst and its associated metadata, a new dst+metadata is allocated and later replaces the old one in t...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: comedi: vmk80xx: fixed the bulk-buffer overflow issue. The driver uses buffers sized equal to the endpoint size, but it should not assume that the tx and rx buffers have the same size. A malicious device could cause the...

Astra Linux - уязвимость в libcaca

A flaw was discovered in libcaca. A heap buffer overflow in the export.c file, specifically in the exporttga function, may lead to memory corruption and other potential issues...

Astra Linux - уязвимость в texlive-bin

OpenDetex 2.8.5 has a Buffer Overflow issue in TexOpen, specifically in detex.l, due to an incorrect sprintf operation...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: gro: fixed ownership transfer If packets are received using GRO, they may be segmented later on and continue their journey within the stack. In skbSegmentlist, these segments can be reused as they are. This is a problem because...

Astra Linux - уязвимость в mdadm

A buffer overflow in some IntelR SSD Tools software prior to version mdadm-4.2-rc2 may allow a privileged user to potentially enable privilege escalation through local access...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/fb-helper: Fixed out-of-bounds access issues. The memory range was clipped to the size of the screen buffer to prevent out-of-bounds access during the damage handling in fbdev’ deferred I/O operations. fbdev’ deferred I/O can...

Astra Linux - уязвимость в vim

Buffer over-reading in the findnextquote function in the GitHub repository’s Vim/Vim version prior to 8.2.4925. These vulnerabilities can cause software to crash, modify memory, and may lead to remote execution...

Astra Linux - уязвимость в edk2

Existing checks in SmmEntryPoint will not catch underflow when calculating BufferSize...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: iouring/kbuf: Check whether the target buffer list is still of the legacy type during recycling. There is a gap between the time the buffer is acquired and the time it potentially gets recycled. If the bufferlist is empty, someon...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mctp: i2c: Fixed a skb memory leak in the receive path. When midev-allowrx is set to false, the newly allocated skb is not consumed by netifrx. It is necessary to free the skb directly...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fixed a memory leak in intelfbboframebufferinit. Added a unref statement for the bo variable in the error handling path, to prevent the bo reference from being leaked. Return 0 on success to clarify the success path...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: wl1251: A potential buffer overflow issue in wl1251cmdscan has been fixed. The function wl1251cmdscan calls memcpy without checking the length of the destination buffer. This vulnerability has been addressed by ensuring that the...

Astra Linux - уязвимость в squid

In Squid 3.x through 3.5.28, 4.x through 4.17, and 5.x before 5.6, a Denial of Service can occur when processing long Gopher server responses due to improper buffer management...

Astra Linux - уязвимость в qemu

In QEMU 5.0.0, the file hw/net/e1000ecore.c contains an infinite loop that occurs due to a NULL buffer address in the RX descriptor...

Astra Linux - уязвимость в vim

Buffer over-reading in the GitHub repository vim/vim before version 8.2...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Validates the count of the command buffer payload. The count field in the command header is used to determine the valid payload size. Verify that the valid payload does not exceed the remaining buffer space...

Astra Linux - уязвимость в linux-5.15, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: target: Fixed the crash that occurred when using WRITESAME without a data buffer. In the newer versions of the SBC specifications, there’s a NDOB bit that indicates that there is no data buffer being written. If this bit is...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ionic: Use devconsumeskbany outside of NAPI. If we are not in a NAPI softirq context, we need to be careful about how we call napiconsumeskb. Specifically, we need to call it with budget == 0 to signal that we are not in a safe...