Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ext4: Fixed an out-of-bounds read when checking .dotdot dir. Mounting a corrupted filesystem with a directory containing a . dir entry where reclen == block size results in an out-of-bounds read later, when the corrupted director...

netfilter: xt_multiport: validate range encoding in checkentry

...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: Netfilter: xtnfacct – Do not assume that the acct name is terminated with a null character. BUG: KASAN: Out-of-bounds access to memory in ..lib/vsprintf.c:721 Size 1 of the data was read from addr ffff88801eac95c8 by task...

389-ds-base: information disclosure during the binding of a DN

When binding against a DN during authentication, the reply from 389-ds-base will be different whether the DN exists or not. This can be used by an unauthenticated attacker to check the existence of an entry in the LDAP database...

389-ds-base: information disclosure during the binding of a DN

When binding against a DN during authentication, the reply from 389-ds-base will be different whether the DN exists or not. This can be used by an unauthenticated attacker to check the existence of an entry in the LDAP database...

PT-2007-5329 · Rig · Ralf Image Gallery

Name of the Vulnerable Software and Affected Versions: Ralf Image Gallery RIG version 1.0 Description: A remote file inclusion issue exists, allowing remote attackers to execute arbitrary PHP code via a URL in the dir abs src parameter in the check entry.php file. However, it is reported that the...