16916 matches found
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-lib: fixed an uninitialized flag for AV/C deferred transactions. AV/C deferred transactions were supported at commit 00a7bb81c20f “ALSA: firewire-lib: add support for deferred transactions”. However, the ‘deferrabl...
Astra Linux – Vulnerability in c-ares
A flaw was discovered in the c-ares package. The aressetsortlist function lacks checks for the validity of the input string, which could lead to a stack overflow vulnerability with an arbitrary length. This issue may cause a denial of service or have a limited impact on confidentiality and...
Astra Linux – Vulnerability in binutils
A issue was discovered in the function parsestabstructfields in stabs.c in Binutils 2.34 through 2.38. This issue allows attackers to cause a denial of service due to memory leaks...
Astra Linux – Vulnerability in c-ares
A flaw was discovered in the c-ares library. A missing input validation check for host names returned by DNS Domain Name Servers can result in incorrect hostnames being displayed. This could potentially lead to Domain Hijacking. The greatest threat posed by this vulnerability is related to...
Astra Linux – Vulnerability in protobuf-c, libsignal-protocol-c
Protobuf-c before version 1.4.1 has an unsigned integer overflow in the parserequiredmember field...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
A issue was discovered in lib/kobject.c in the Linux kernel before version 6.2.3. With root access, an attacker can trigger a race condition that results in an out-of-bounds write of the fillkobjpath variable...
Astra Linux – Vulnerability in glibc
NSCD: The NetGroup Cache may terminate the daemon due to a memory allocation failure. The NetGroup Cache Daemon’s NSCD netgroup cache uses xmalloc or xrealloc, and these functions may terminate the process due to a memory allocation failure, resulting in a denial of service for clients. This flaw...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: mlxsw: spectrumaclerp: Fixed object nesting warnings ACLs in Spectrum-2 and newer ASICs can reside in the algorithmic TCAM A-TCAM or in the ordinary circuit TCAM C-TCAM. The former can contain more ACLs i.e., tc filters, but t...
Astra Linux – Vulnerability in Linux, Linux 5.10
The pepsockaccept function in the net/phonet/pep.c file in the Linux kernel, as of version 5.15.8, has a reference count leak...
Astra Linux – Vulnerability in binutils
It has been discovered that GNU Binutils prior to version 2.40 contains a memory leak vulnerability in the findabstractinstance function in dwarf2.c...
Astra Linux – Vulnerability in c-ares
c-ares is an asynchronous resolver library. c-ares is vulnerable to denial of service attacks. When a target resolver sends a query, the attacker creates a malformed UDP packet with a length of 0 and sends it back to the target resolver. The target resolver misinterprets this 0-length field as an...
Astra Linux – Vulnerability in Wireshark
In Wireshark versions 3.2.0 to 3.2.3, 3.0.0 to 3.0.10, and 2.6.0 to 2.6.16, the NFS dissector could crash. This issue was addressed in the epan/dissectors/packet-nfs.c file by preventing excessive recursion, such as when a cycle occurred in the directory graph of a filesystem...
Astra Linux – Vulnerability in krb5
Kerberos 5 also known as krb5 1.21.2 contains a memory leak vulnerability in the file /krb5/src/lib/gssapi/krb5/k5sealv3.c...
Astra Linux – Vulnerability in binutils
A issue was discovered in the function stabdemanglev3arg in stabs.c in Binutils 2.34 through 2.38. This issue allows attackers to cause a denial of service due to memory leaks...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: libceph: fixed invalid accesses to cephconnectionv1info. There is a place where generic code in messenger.c reads from certain fields, and another place where it writes to members of the con-v1 union without checking that those...
Astra Linux – Vulnerability in glibc
The deprecated compatibility function clntcreate in the sunrpc module of the GNU C Library also known as glibc from versions up to 2.34 copies its hostname argument onto the stack without validating its length. This may lead to a buffer overflow, potentially causing a denial of service or, if the...
Astra Linux – Vulnerability in protobuf-c
It was discovered that Protobuf-c v1.4.0 contains an invalid arithmetic shift through the parsetagandwiretype function in protobuf-c/protobuf-c.c. This vulnerability allows attackers to cause a Denial of Service DoS attack through unspecified vectors...
Astra Linux – Vulnerability in gst-plugins-good1.0
DOS: Potential heap overwrite during MKV demuxing using LZO decompression. Integer overflow in the Matroskademux element within the LZO decompression function can cause a segfault, or potentially a heap overwrite, depending on the libc and operating system. Depending on the libc used and the...
Astra Linux – Vulnerability in gst-plugins-good1.0
DOS: Potential heap overwrite during MKV demuxing using Zlib decompression. Integer overflow occurs in the matroskademux element within the gstmatroskadecompressdata function, which can cause a segfault—or potentially a heap overwrite, depending on the libc and operating system. Depending on the...
Astra Linux – Vulnerability in sysstat
Before version 12.1.6, sysstat experienced memory corruption due to an integer overflow in the remapstruct function within sacommon.c...