73672 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: ublk: Fixed NULL pointer dereferencing in ublkctrlsetsize. The ublkctrlsetsize function dereferes ub-ubdisk unconditionally through setcapacityandnotify, without checking whether ub-ubdisk is NULL. ub-ubdisk becomes NULL befor...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: reset: gpio: fix double free in resetaddgpioauxdevice error path When auxiliarydeviceadd fails, resetadd gpioauxdevice calls auxiliarydeviceuninitadev. The device release callback resetgpioauxdevicerelease frees adev, but the...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: net.manap: Null servicewq on setup error to prevent double destruction. In the managdsetup error path, set gc-servicewq to NULL after destroyworkqueue, to match the cleanup in managdcleanup. This prevents a use-after-free if the...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: “Revert ‘media: iris’: Add a sanity check for stopping streaming.” This change is reflected in the commit ad699fa78b59241c9d71a8cafb51525f3dab04d4. The check that previously skipped “stopstreaming” when the instance was in...
Astra Linux - уязвимость в libx11
A vulnerability was discovered in libX11. The security flaw arises because the functions in src/InitExt.c of libX11 do not check whether the values provided for the Request, Event, or Error IDs are within the bounds of the arrays to which those functions refer, by using those IDs as array indices...
Astra Linux - уязвимость в ffmpeg
A null pointer dereferencing issue was discovered in ‘FFmpeg’ within the decodemainheader function of the libavformat/nutdec.c file. The flaw occurs because the function does not check the return value of avformatnewstream, leading to a null pointer dereferencing error, which can cause the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs: only publishes modedata after clone setup The iptfsclonestate function stores x-modedata before allocating the reorder window. If this allocation fails, the cloned state is freed, and -ENOMEM is returned, leaving...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Firmware: stratix10-rsu: Fixed a NULL pointer dereference issue when RSU is disabled. When the Remote System Update RSU is not enabled in the First Stage Boot Loader FSBL, the driver encounters a NULL pointer dereference when...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: NFSv4.2: fixed the NFSv4.2 kernel bug at mm/usercopy.c:102. A call to listxattr with a buffer size of 0 returns the actual size of the buffer required for a subsequent call. When size 0, nfs4listxattr does not return an error...
Astra Linux - уязвимость в apache2
Apache HTTP Server 2.4.52 and earlier fail to close inbound connections when errors occur during the discarding of the request body, exposing the server to HTTP Request Smuggling attacks...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: Tunnels: Fixed an issue where a splat fault occurred when generating IPv4 PMTU errors. If we attempt to emit an ICMP error in response to a non-linear SKB, we encounter the following issue: Bug: KASAN: Out-of-bounds access in...
Astra Linux - уязвимость в gst-plugins-good1.0
Before version 1.18.4, GStreamer might access already-freeed memory in error code paths when demuxing certain malformed Matroska files...
Astra Linux - уязвимость в parsec
The vulnerability of the pdpl-user utility in the PARSEC security subsystem is related to improper memory release after its use. Exploiting this vulnerability allows an attacker to cause a service failure...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: hfs: Replace BUGON with error handling for CNID count checks. In the fields nextid, foldercount, and filecount in the super block, the values were expanded to 64 bits, and mechanisms like BUGON were added to detect overflow...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: f2fs: fixed a NULL pointer derefrence in f2fssubmitpagewrite BUG: NULL pointer derefrence in the kernel; address: 0000000000000014 RIP: 0010:f2fssubmitpagewrite+0x6cf/0x780 f2fs Call Trace: ? show regs+0x6e/0x80 ? die+0x29/0x70 ?...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux
In the Linux kernel, the following vulnerability has been resolved: sr9800: Added a check for usbnetgetendpoints. Added a check for usbnetgetendpoints and returned an error if it fails, in order to transfer the error...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ASoC: amd: acp-mach-common: Added missing error checking for clock acquisition. The acpcardrt5682init and acpcardrt5682sinit functions did not check the return values of clkget. This could lead to a kernel crash when invalid...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: pinctrl: freescale: Fixed a memory out-of-bounds issue when numconfigs is 1. The configuration passed in by padwakeup is set to 1 when numconfigs is 1. In this case, Configuration 1 should not be retrieved, which will be detected...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: bnxten: Fixed a NULL pointer derefrence issue in bnxtptpenable during error cleanup. When bnxtinitone fails during initialization e.g., bnxtinitintmode returns -ENODEV, the error handling code calls bnxtfreehwrmresources, which...
Astra Linux - уязвимость в chromium
In V8 of Google Chrome, out-of-bounds memory access prior to version 123.0.6312.105 allowed a remote attacker to perform arbitrary read/write operations through a crafted HTML page. Chromium security severity: High...