313479 matches found
Astra Linux - уязвимость в ncurses
A issue was discovered in ncurses through v6.2-1. nccaptoinfo in captoinfo.c has a heap-based buffer overflow...
Astra Linux - уязвимость в vim
“Buffer over-reading” in the grabfilename function in the GitHub repository’s Vim/Vim version prior to 8.2.4956. This vulnerability could cause the software to crash, lead to memory modifications, and may allow for remote execution...
Astra Linux - уязвимость в edk2
EDK2 is vulnerable to a vulnerability in the CreateHob function, which allows a user to trigger an integer overflow that leads to a buffer overflow through a local network. Successful exploitation of this vulnerability may result in compromises of confidentiality, integrity, and/or availability...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: hcicore: Fixed possible buffer overflow issues. The struct hcidevinfo structure has a name8 field with a fixed size. In cases where hdev-name is larger than this size, strcpy would attempt to write beyond its size...
Astra Linux - уязвимость в u-boot
A issue was discovered in Das U-Boot during the period from 2019.07. There is a stack-based buffer overflow in the nfshandler reply helper function: nfsumountallreply...
Astra Linux - уязвимость в linux, linux-5.10
A flaw was discovered in the sctpmakestrresetreq function within the net/sctp/smmakechunk.c file, located in the SCTP network protocol in the Linux kernel. This flaw involves attempting to use more buffer space than is allocated, which triggers a BUGON issue, resulting in a denial of service DOS...
Astra Linux - уязвимость в apache2
apescapequotes may write beyond the end of a buffer when given malicious input. None of the included modules passes untrusted data to these functions, but third-party/external modules may do so. This issue affects Apache HTTP Server 2.4.48 and earlier...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
Transmitted requests in Xen’s virtual network protocol can consist of multiple parts. Although none of them are actually useful, except for the initial part, any of these parts can be of zero length, meaning they carry no data at all. In addition to the certain initial portion of the data to be...
Astra Linux - уязвимость в vim
Heap-based Buffer Overflow in the GitHub repository for vim/vim before version 8.2.4436...
Astra Linux - уязвимость в glibc
The deprecated compatibility function clntcreate in the sunrpc module of the GNU C Library also known as glibc from versions up to 2.34 copies its hostname argument onto the stack without validating its length. This may lead to a buffer overflow, potentially causing a denial of service or, if the...
Astra Linux – Vulnerability in grub2
A flaw was discovered in grub2. When reading the name of a symbolic link from a UFS filesystem, grub2 fails to validate the string length provided as input. This lack of validation may lead to a heap out-of-bounds write, causing data integrity issues and potentially allowing an attacker to...
Astra Linux - уязвимость в glib2.0
A flaw was discovered in the GLib Base64 encoding routine when processing very large input data. Due to incorrect use of integer types during length calculations, the library may incorrectly calculate buffer boundaries. This can lead to memory writes outside of the allocated buffer. Applications...
Astra Linux - уязвимость в redis
Redis is an open-source, in-memory database that persists data on disk. In versions starting from 2.6 and prior to 7.4.3, an unauthenticated client can cause the output buffer to grow indefinitely, until the server runs out of memory or is terminated. By default, Redis’s configuration does not...
Astra Linux - уязвимость в libslirp
In ncsi.c within libslirp up to 4.3.1, there is an issue of buffer over-reading. This occurs because the program attempts to read a certain amount of header data, even when that amount exceeds the total packet length...
Astra Linux - уязвимость в tpm2-tss
tpm2-tss is an open-source software implementation of the Trusted Computing Group’s Trusted Platform Module 2 Software Stack TSS2. In versions prior to 4.1.0-rc0, 4.0.1, and 3.2.2-rc1, functions Tss2RCSetHandler and Tss2RCDecode both indexed into layerhandler using an 8-bit layer number. However,...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Do not issue ATS Invalidation requests when the device is disconnected. For those endpoint devices connected to the system via hot-plug-capable ports, users can request a hot reset of the device by setting the link...
Astra Linux - уязвимость в squid
Squid is a caching proxy for the web that supports HTTP, HTTPS, FTP, and other protocols. Due to a Buffer Overread bug, Squid is vulnerable to a Denial of Service attack targeting the Squid HTTP message processing mechanism. This bug has been fixed in Squid version 6.5. Users are advised to...
Astra Linux - уязвимость в python-cryptography
Cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. In affected versions, Cipher.updateinto would accept Python objects that implement the buffer protocol, but only provide immutable buffers. This would allow immutable objects such as bytes to b...
Astra Linux - уязвимость в python3.7, php7.3
The Keccak XKCP SHA-3 reference implementation, prior to the update of fdc6fef, has an integer overflow and resulting buffer overflow issue. This vulnerability allows attackers to execute arbitrary code or compromise the expected cryptographic properties of the algorithm. This issue occurs within...
Astra Linux - уязвимость в libsdl1.2, libsdl2, sdl-image1.2
In SDL Simple DirectMediaLayer, versions from 1.2.15 up to 2.x, and then from 2.0.9 onwards, there is a heap-based buffer over-read issue in the BlitNtoN function within the video/SDLblitN.c file, when it is called from the SDLSoftBlit function in the video/SDLblit.c file...