Vulnerabilities found in Microsoft Windows
Microsoft has published measures to address a vulnerability in Windows operating systems that could allow malicious individuals to access data encrypted via BitLocker. The vulnerability involves bypassing a security feature in Windows, known as “YellowKey”. A proof of concept is available that...
Astra Linux - vulnerability in linux-5.15
In the Linux kernel, the following vulnerability has been resolved: ext4: Improved error handling for ext4_dirhash. The ext4_dirhash function almost never fails, especially since the “hash tree” feature was first introduced. However, with the addition of support for encrypted, case-folded file names...
Astra Linux - vulnerability in linux, linux-5.15, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ubifs: Memory freed for the tmpfile name. When opening a ubifs tmpfile in an encrypted directory, the function fscrypt_setup_filename allocates memory for the name that will be stored in the directory entry. However, after the name ...
Astra Linux - vulnerability in linux-5.10
A flaw was discovered in the Linux kernel. The existing KVM SEV API contains a vulnerability that allows a non-root host user-level application to crash the host kernel by creating a confidential guest VM instance in an AMD CPU that supports Secure Encrypted Virtualization (SEV)...
Astra Linux - vulnerability in linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: x86/ioremap: Mapping EFI-reserved memory as encrypted for SEV. Some drivers require memory that is marked as EFI boot services data. To prevent this memory from being reused by the kernel after ExitBootServices, efi_mem_reserve is...
Astra Linux - vulnerability in linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ceph: avoided a kernel bug for encrypted inodes with unaligned file sizes. The generic/397 test encountered a bug in the case of encrypted inodes with unaligned file sizes (for example, 33K or 1K): 877.737811 ran fstests generic/39...
Astra Linux - vulnerability in linux-5.10
In the Linux kernel, the following vulnerability has been resolved: KVM: SEV: Rejects attempts to synchronize VMSA of a vCPU that has already been launched/encrypted. Synchronize the vCPU state with its associated VMSA if the vCPU has already been launched, that is, if the VMSA has already been...
Astra Linux - vulnerability in linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: ubifs: A memory leak was fixed in the do_rename function. When renaming a file in an encrypted directory, the function fscrypt_setup_filename allocates memory for the file name. This name is never actually used, and before returning...
Astra Linux - vulnerability in grub2
A flaw was discovered in grub2, where its configuration file, known as grub.cfg, is created with the wrong permission set, allowing non-privileged users to read its contents. This represents a minor confidentiality issue, as those users could potentially access any encrypted passwords contained i...
Astra Linux - vulnerability in docker.io
Moby is an open-source container framework developed by Docker Inc. It is distributed as Docker, Mirantis Container Runtime, and various other downstream projects/products. The Moby daemon component, “dockerd”, which was developed as “moby/moby”, is commonly referred to as Docker. Swarm Mode, whi...
Astra Linux - vulnerability in firefox, thunderbird
An attacker was able to cause memory corruption in the GMP process, which handles encrypted media. This process is also highly sandboxed, but it operates with slightly different privileges compared to the content process. This vulnerability has been fixed in Firefox 142, Firefox ESR 115.27, Firef...
Astra Linux - vulnerability in edk2
The example of an encrypted private key in EDK2, present in the IpSecDxe.efi, may pose potential security risks...
Astra Linux - vulnerability in docker.io
Moby is an open-source container framework developed by Docker Inc. It is distributed as Docker, Mirantis Container Runtime, and various other downstream projects/products. The Moby daemon component, dockerd, which is developed as moby/moby, is commonly referred to as Docker. Swarm Mode, which is...
Astra Linux - vulnerability in thunderbird
If a MIME-encoded email contains an OpenPGP inline signed or encrypted message part, but also contains an additional unprotected part, Thunderbird did not indicate that only certain parts of the message are protected. This vulnerability affects Thunderbird versions earlier than 78.10.2...
Astra Linux - vulnerability in qtbase-opensource-src
An issue was discovered in HTTP2 in Qt before 5.15.18, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.7, and 6.6.x through 6.7.x before 6.7.3. Code that makes security-related decisions regarding established connections may execute prematurely, because the encrypted signal has not yet been...
Astra Linux - vulnerability in thunderbird
The encrypted subject of an email message may be incorrectly and permanently assigned to another arbitrary email message in Thunderbird’s local cache. As a result, when replying to the contaminated email message, the user may accidentally expose the confidential subject to a third party. While th...
Astra Linux - vulnerability in linux-5.10
In the Linux kernel, the following vulnerability has been resolved: KVM: Allows the CPU to reschedule while setting per-page memory attributes. When running a SEV-SNP guest with a sufficiently large amount of memory (1TB+), the host may experience CPU soft lockups when performing an operation in...
Astra Linux - vulnerability in linux
A vulnerability was discovered in the Linux kernel before version 5.9. arch/x86/kvm/svm/sev.c allows attackers to cause a denial of service (soft lockup) by triggering the destruction of a large SEV VM, which requires unregistering many encrypted regions. This vulnerability is also known as...
Astra Linux - vulnerability in thunderbird
When viewing an email message A, which contains an attached message B, where B is encrypted or digitally signed, or both, Thunderbird may display incorrect encryption or signature statuses. After opening and viewing the attached message B, when returning to the display of message A, message A may...
Astra Linux - vulnerability in linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: f2fs: fixed the issue of waiting for block writeback in the postread case. If the inode is compressed but not encrypted, the function f2fs_wait_on_block_writeback was not called properly to wait for the GC-ed page writeback in the...