313490 matches found
Astra Linux – Vulnerability in htmldoc
In HTMLDOC 1.9.14, an infinite loop in the gifreadlzw function can cause a pointer to point arbitrarily to heap memory, leading to a buffer overflow...
Astra Linux - уязвимость в faad2
A issue was discovered in faad2 through 2.10.0. A heap-buffer-overflow exists in the function ltprediction located in ltpredict.c. This allows an attacker to cause code execution...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: can: dev: canrestart: fix use after free bug After calling netifrxniskb, dereferencing skb is unsafe. In particular, the canframe field, which aliases skb memory, is accessed after the netifrxni function in: stats-rxbytes +=...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: x86/fpu: The FPU state is invalidated after a failed XRSTOR operation from a user buffer. Both Intel and AMD consider it to be architecturally valid for XRSTOR to fail with PF, but they have nonetheless changed the state of the...
Astra Linux - уязвимость в libde265
Libde265 1.0.9 is vulnerable to Buffer Overflow in the function void putqpelfallback...
Astra Linux - уязвимость в libde265
It was discovered that Libde265 v1.0.14 contains a heap-buffer-overflow vulnerability in the derivecombinedbipredictivemergingcandidates function at motion.cc...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: USB: Gadget: UVC: Prevent buffer overflow in setup handler The uvcfunctionsetup function allows control transfers with a payload of up to 64 bytes UVCMAXREQUESTSIZE. The data stage handler for OUT transfers uses memcpy to copy th...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: ntfs3: Fixed an issue where an uninitialized buffer allocated by getname was used. Fixed uninitialized errors that occurred after the buffer was allocated to ‘de’; by initializing the buffer with zeros. This fix was discovered...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15
The fix for XSA-423 added logic to the Linux’s netback driver to handle cases where a packet is split by a frontend, resulting in not all of the headers being together in one piece. Unfortunately, the introduced logic did not account for the extreme case where the entire packet is split into as...
Astra Linux - уязвимость в linux-5.10, linux, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: ALSA: hda/ca0132: fixed a buffer overflow issue in tuningctlset The tuningctlset function might cause a buffer overflow if it does not break from the loop when matching A. static int tuningctlset... for i = 0; i This patch...
Astra Linux - уязвимость в imagemagick
The WriteOnePNGImage function from coders/png.c the PNG encoder contains a for loop with an improper exit condition, which may lead to an out-of-bounds READ operation due to a heap-buffer-overflow issue. This occurs because it is possible for the colormap to have fewer than 256 valid values, and...
Astra Linux - уязвимость в poppler
The Buffer Overflow vulnerability in HtmlOutputDev::page in poppler 0.75.0 allows attackers to cause a denial of service...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: ksmbd: Buffer validation was corrected by including the size of the null-terminating character in the EA length. The smb2setea function, which handles Extended Attributes EA, conducted buffer validation checks that incorrectly...
Astra Linux - уязвимость в apache2
Apache HTTP Server 2.4.53 and earlier may return incorrect lengths when applications call r:wsread, causing the buffer to point past the end of the storage allocated for it...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: spi: spi-mt65xx: Fixed NULL pointer access in the interrupt handler. The TX buffer in spitransfer can be a NULL pointer. As a result, the interrupt handler may write to invalid memory, causing crashes. Add a check for trans-txbuf...
Astra Linux - уязвимость в vim
Heap-based Buffer Overflow in the GitHub repository for vim/vim before version 9.0...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: xhci: Properly handling isoc Babble and Buffer Overrun events xHCI 4.9 explicitly prohibits making assumptions that the xHC has released its ownership of a multi-TRB TD when an error occurs in one of the early TRBs. However, t...
Astra Linux - уязвимость в linux-5.15
A issue was discovered in the net/ceph/messengerv2.c file within the Linux kernel before version 6.4.5. There is an integer signedness error, which leads to a buffer overflow and remote code execution via the HELLO command or one of the AUTH frames. This occurs due to an untrusted length value...
Astra Linux - уязвимость в tiff
Libtiff 4.5.0 is vulnerable to a Buffer Overflow issue through the use of the extractContigSamplesShifted8bits function, located at /libtiff/tools/tiffcrop.c:3753...
Astra Linux - уязвимость в vim
Vim is vulnerable to Heap-based Buffer Overflow attacks...