13635 matches found
Astra Linux - уязвимость в linux-6.1
A use-after-free vulnerability in the Linux kernel’s fs/smb/client component can be exploited to achieve local privilege escalation. In the event of an error in smb3fscontextParseparam, the ctx-password variable is freed, but the variable is not set to NULL, which could lead to a double-free. We...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
A use-after-free vulnerability exists in the Linux kernel’s net/sched: schhfsc HFSC qdisc traffic control component. This vulnerability can be exploited to achieve local privilege escalation. If a class with a link-sharing curve i.e., with the HFSCFSC flag set has a parent without a link-sharing...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15
A use-after-free vulnerability exists in the net/sched:clsfw component of the Linux kernel, which can be exploited to achieve local privilege escalation. If the tcfchangeindev function fails, fwsetparms will immediately return an error after incrementing or decrementing the reference counter in...
Astra Linux - уязвимость в linux-5.10
iouring uses workFlags to determine which identities need to be retrieved from the calling process, ensuring that they are consistent with the calling process when executing IORINGOP. Some operations lack certain types, which can lead to incorrect reference counts, potentially causing a...
Astra Linux - уязвимость в tiff
The "Divide By Zero" error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service attack through a crafted TIF file. For users who compile libtiff from source code, the fix is available in the commit f3a5e010...
Astra Linux - уязвимость в tiff
The "Divide By Zero" error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service attack through a crafted TIF file. For users who compile libtiff from source code, the fix is available in the commit f3a5e010...
Astra Linux - уязвимость в tiff
The "Divide By Zero" error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service attack through a crafted TIF file. For users who compile libtiff from source code, the fix is available in the commit f3a5e010...
Astra Linux - уязвимость в tiff
LibTIFF 4.4.0 contains an out-of-bounds read in tiffcp, located at line 948 of tools/tiffcp.c. This vulnerability allows attackers to cause a denial-of-service attack through a specially crafted TIFF file. For users who compile LibTIFF from source code, the fix is available in the commit with the...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: In usbnet, there is a flaw where unregisternetdev is called before unbind. The commit with the commit ID 2c9d6c2b871d “usbnet: run unbind before unregisternetdev” was intended to fix a use-after-free issue when disconnecting USB...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15
A use-after-free vulnerability exists in the net/sched:clsfw component of the Linux kernel, which can be exploited to achieve local privilege escalation. When the fwchange function is called on an existing filter, the entire tcfresult struct is always copied into the new instance of the filter...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: nvme: Fix for admin queue leaks upon controller reset When the nvmeallocadmintagset function is called during a controller reset, a previously existing admin queue may still exist. Properly release this queue before allocating a...
Astra Linux - уязвимость в linux-5.10
A double-free bug in the packetsetring function in net/packet/afpacket.c can be exploited by a local user through crafted syscalls to escalate privileges or deny services. We recommend upgrading the kernel to a version that is not affected by this bug, or rebuilding the code after the...
Astra Linux - уязвимость в tiff
LibTIFF 4.4.0 contains an out-of-bounds read in tiffcrop at line 3400 of tools/tiffcrop.c, allowing attackers to cause a denial-of-service attack through a crafted TIF file. For users who compile LibTIFF from source code, the fix is available in the commit afaabc3e...
Astra Linux - уязвимость в tiff
The "Divide By Zero" error in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service attack through a crafted TIF file. For users who compile libtiff from source code, the fix is available in the commit f8d0f9aa...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: Ring Buffer: Do not attempt to read beyond the “commit” boundary. When iterating over the ring buffer while the ring buffer is active, the writer can corrupt the reader. There are mechanisms to detect and handle this issue, but t...
Astra Linux - уязвимость в linux-5.10, linux, linux-5.15
A use-after-free vulnerability exists in the Linux kernel’s net/sched:clsu32 component, which can be exploited to achieve local privilege escalation. When the u32change function is called on an existing filter, the entire tcfresult struct is always copied into the new instance of the filter. This...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1
A use-after-free vulnerability in the Linux kernel’s netfilter:nftables component can be exploited to achieve local privilege escalation. The function nftpipapowalk does not skip inactive elements during the set walk, which can result in double deactivation of PIPAPO Pile Packet Policies elements...
Astra Linux - уязвимость в tiff
LibTIFF 4.4.0 contains an out-of-bounds write vulnerability in tiffcrop, located at line 3724 of tools/tiffcrop.c. This vulnerability allows attackers to cause a denial-of-service attack through a malicious TIF file. For users who compile LibTIFF from source code, the fix is available in the comm...
Astra Linux - уязвимость в linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: ext4: Regenerate the buddy structure after block freeing fails when under fc replay. This fix primarily reverts to commit 6bd97bf273bd “ext4: Remove redundant mbregeneratebuddy”, and reintroduces the function mbregeneratebuddy...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
A heap out-of-bounds write vulnerability in the Linux Kernel Performance Events perf component of the Linux kernel can be exploited to achieve local privilege escalation. If the perfreadgroup function is called when the siblinglist of an event is smaller than that of its child, it may increment o...