313490 matches found
Astra Linux - уязвимость в libde265
It was discovered that Libde265 v1.0.8 contains a stack-buffer-overflow vulnerability through the use of void putepelhvfallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service DoS attack using a specially crafted video file...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: guard flow control update with globaltxfc in buffer switching The function mvpp2bmswitchbuffers mvpp2bmpoolupdateprivfc when switching between per-cpu and shared buffer pool modes. This function programs the CM3 flow...
Astra Linux - уязвимость в vim
Access to memory location before the start of the buffer in the GitHub repository for vim/vim prior to version 8.2...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: BPF: Rejected direct access to nullable PTRTOBUF pointers The checkmemaccess function matches PTRTOBUF via basetype, which removes the PTRMAYBENULL flag. This allows direct dereferencing without a null check. The map iterator...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: jbd2: fixed a potential use-after-free issue in jbd2fcwaitbufs. In jbd2fcwaitbufs, using bh after referencing the buffer’s head count may lead to a use-after-free. Therefore, ensure that the buffer is updated before referencing i...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Fixed potential RX buffer overflow issues. If an event causes the firmware to return an invalid RX size for LARGECONFIGGET, memcpyfromio might end up copying too many bytes. This issue was fixed by using mint...
Astra Linux - уязвимость в c-ares
Buffer overflow vulnerability in c-ares before 1161 through 1170, due to the aresparsesoareply function in aresparsesoareply.c...
Astra Linux - уязвимость в u-boot
A issue was discovered in Das U-Boot during the period from 2019.07. There is a stack-based buffer overflow in the nfshandler reply helper function: nfsmountreply...
Astra Linux - уязвимость в linux, linux-5.10
Certain Arm Cortex and Neoverse processors, as of 2022-03-08, do not properly prevent cache speculation, also known as Spectre-BHB. Attackers can exploit the shared branch history in the Branch History Buffer BHB to influence mispredicted branches. As a result, cache allocation may allow attacker...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: TCP: Fixed a signed-integer-overflow bug in tcpaddbacklog The types of skrcvbuf and sksndbuf within the struct sock structure are int. In tcpaddbacklog, the limit for the buffer size is calculated by adding skrcvbuf, sksndbuf, an...
Astra Linux – Vulnerability in Firefox and Thunderbird
The texture upload of a Pixel Buffer Object could have caused WebGL code to skip binding the buffer used to unpack it, resulting in memory corruption and a potentially exploitable information leak or crash. This vulnerability affects Firefox ESR 78.9, Firefox 87, and Thunderbird 78.9...
Astra Linux - уязвимость в linux-6.1, linux-5.15, linux
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Reset the IH OVERFLOWCLEAR bit. This also allows us to detect subsequent IH ring buffer overflows...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: e100: Fixed possible use of memory after it is freed in e100xmitprepare. In e100xmitprepare, if it is not possible to map the skb, then -ENOMEM is returned. As a result, e100xmitframe will return NETDEVTXBUSY, and the upper layer...
Astra Linux - уязвимость в ffmpeg
There is a heap-based Buffer Overflow vulnerability in FFmpeg 4.2, located in the fffillrectangle function in libavfilter/drawutils.c. This vulnerability may lead to memory corruption and other potential issues...
Astra Linux - уязвимость в alsa-lib
Versions of alsa-lib from 1.2.2 up to and including 1.2.15.2, prior to the release of 5f7fe33, contain a heap-based buffer overflow in the topology mixer control decoder. The tplgdecodecontrolmixer1 function reads the numchannels field from untrusted .tplg data and uses it as a loop bound without...
Astra Linux - уязвимость в ntfs-3g
In NTFS-3G, from version 2021.8.22, ntfsck has a heap-based buffer overflow issue, involving a value of buffer+5123-2. NOTE: The upstream documentation states that ntfsck is deprecated; however, it is still being distributed with some Linux distributions...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: drm/radeon: A potential buffer overflow issue has been fixed in nisetmcspecialregisters. The last case label can write two buffers, mcregaddressj and mcdataj, where the offset of ‘j’ equals SMCNISLANDSMCREGISTERARRAYSIZE. Since...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: perf/core: The handling of buffer mapping fails correctly in perfmmap. After a buffer is successfully allocated or an existing buffer is successfully attached, perfmmap attempts to map the buffer into the page table in read-only...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: Soundwire: qcom: fix for storing port configuration beyond the bounds The value of qcomswrmctrl-pconfig is QCOMSDWMAXPORTS 14. However, we index it starting from 1, not 0, to match actual port numbers. This can lead to writing po...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: media: dw2102: Fixed a nullptrderef issue in dw2102i2ctransfer In dw2102i2ctransfer, msg is controlled by the user. When msgi.buf is null and msgi.len is zero, previous checks on msgi.buf will still be performed. Malicious data...