Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ext4: fix OOB read when checking dotdot dir Mounting a corrupted filesystem with directory which contains '.' dir entry with reclen == block size results in out-of-bounds read later on, when the corrupted directory is removed...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: Netfilter: xtnfacct – Do not assume that the acct name is terminated with a null character. BUG: KASAN: Out-of-bounds access to memory in ..lib/vsprintf.c:721 Size 1 was read at address ffff88801eac95c8 by task...

netfilter: xt_multiport: validate range encoding in checkentry

...

389-ds-base: information disclosure during the binding of a DN

When binding against a DN during authentication, the reply from 389-ds-base will be different whether the DN exists or not. This can be used by an unauthenticated attacker to check the existence of an entry in the LDAP database...

389-ds-base: information disclosure during the binding of a DN

When binding against a DN during authentication, the reply from 389-ds-base will be different whether the DN exists or not. This can be used by an unauthenticated attacker to check the existence of an entry in the LDAP database...

PT-2007-5329 · Rig · Ralf Image Gallery

Name of the Vulnerable Software and Affected Versions: Ralf Image Gallery RIG version 1.0 Description: A remote file inclusion issue exists, allowing remote attackers to execute arbitrary PHP code via a URL in the dir abs src parameter in the check entry.php file. However, it is reported that the...