313490 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd: pmc: Fixed a memory leak in amdpmcstbdebugfsopenv2. The function amdpmcstbdebugfsopenv2 may be called when the STB debug mechanism is enabled. When amdpmcsendcmd fails, the ‘buf’ variable needs to be released...
Astra Linux - уязвимость в openjpeg2
In OpenJPEG 2.3.1 through 2020-01-28, opjt1clbldecodeprocessor in openjp2/t1.c has a heap-based buffer overflow in the qmfbid==1 case. This is a different issue than CVE-2020-6851...
Astra Linux - уязвимость в linux-5.15, linux-6.1
A flaw was discovered in the handling of SMB2 read requests within the kernel’s ksmbd module. The issue arises due to the lack of proper validation of user-provided data, which can lead to reading data beyond the end of an allocated buffer. An attacker can exploit this vulnerability to disclose...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: Soundwire: qcom: fix for storing port configuration beyond the bounds The value of qcomswrmctrl-pconfig is QCOMSDWMAXPORTS 14. However, we index it starting from 1, not 0, to match actual port numbers. This can lead to writing po...
Astra Linux - уязвимость в apache2
Apache HTTP Server 2.4.53 and earlier may return incorrect lengths when applications call r:wsread, causing the buffer to point past the end of the storage allocated for it...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: drm/i915/dpt: Treat the DPT BO as a framebuffer. Currently, i915gemobjectisframebuffer does not treat the BO containing the DPT as a framebuffer itself. This means that the shrinker can evict the DPT BO while leaving the actual F...
Astra Linux - уязвимость в linux-5.15
In the Linux kernel, the following vulnerability has been resolved: Media: cx23885 – Fixed a nullptrderef bug in bufferprepare and bufferfinish. When the driver calls cx23885riscbuffer to prepare the buffer, the function call dmaalloccoherent may fail, resulting in an empty buffer risc-cpu. Later...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Media: Verisilicon: AV1 – Fix for the tile info buffer size. Each tile info consists of: rowsb, colsb, startpos, and endpos 4 bytes each. Therefore, the total memory required is AV1MAXTILES 16 bytes. Use the correct define to...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: media: iris: Added missing platform data entries for SM8750. Two platform-data fields for SM8750 were omitted: - getvpubuffersize = irisvpu33bufsize Without this field, the driver fails to allocate the required internal buffer...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: accel/ivpu: Fixed a page fault in ivpubounbindallbosfromcontext...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: mt76: mt7915: fixed a possible memory leak in the mt7915mcuaddsta routine. The allocated skb was freed in the mt7915mcuaddsta routine in case of failures...
Astra Linux - уязвимость в gmp
The GNU Multiple Precision Arithmetic Arithmetic Library GMP version up to 6.2.1 has an integer overflow issue in the mpz/inpraw.c file, which can lead to a buffer overflow due to malicious input. This results in a segmentation fault on 32-bit platforms...
Astra Linux - уязвимость в ppp
A vulnerability classified as problematic has been discovered in ppp. The affected function is dumpppp in the file pppdump/pppdump.c of the pppdump component. Manipulation of the arguments spkt.buf/rpkt.buf leads to improper validation of array indices. The real existence of this vulnerability is...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Prevent buffer overflow crashes in debugfs due to malformed user input. Malformed user input to debugfs can lead to buffer overflow crashes. Adjust the length of the input string to fit within the internal buffers,...
Astra Linux - уязвимость в gst-plugins-bad1.0
GStreamer SRT File Parsing: Heap-Based Buffer Overflow and Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interacting with this library is required to exploit this vulnerability, but the attack...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: nilfs2: A bug in markbufferdirty was fixed, as it previously caused a warning when buffers were discarded and reused. A syzbot stress test using a corrupted disk image revealed that markbufferdirty called from nilfsmark inodedirt...
Astra Linux - уязвимость в mbedtls
A issue was discovered in Arm Mbed TLS before version 2.24.0. The function mbedtlsx509crlparseder has a buffer over-read of one byte...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: HID: Intel-thc-hid: Added a safety check for reading the DMA buffer. A readiness check for the DMA buffer is added before reading it, to avoid unexpected NULL pointer accesses...
Astra Linux - уязвимость в redis
Redis is an in-memory database that persists data on disk. Redis improperly handles the resizing of memory buffers, which can lead to integer overflow, resulting in heap overflow and potential remote code execution. This issue has been fixed in versions 7.0.15 and 7.2.4...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: Ring Buffer: Do not attempt to read beyond the “commit” boundary. When iterating over the ring buffer while the ring buffer is active, the writer can corrupt the reader. There are mechanisms to detect and handle this issue, but t...