73673 matches found
Astra Linux - уязвимость в libx11
A vulnerability was discovered in libX11. The security flaw arises because the functions in src/InitExt.c of libX11 do not check whether the values provided for the Request, Event, or Error IDs are within the bounds of the arrays to which those functions refer, by using those IDs as array indices...
Astra Linux - уязвимость в ffmpeg
A null pointer dereferencing issue was discovered in ‘FFmpeg’ within the decodemainheader function of the libavformat/nutdec.c file. The flaw occurs because the function does not check the return value of avformatnewstream, leading to a null pointer dereferencing error, which can cause the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs: only publishes modedata after clone setup The iptfsclonestate function stores x-modedata before allocating the reorder window. If this allocation fails, the cloned state is freed, and -ENOMEM is returned, leaving...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Firmware: stratix10-rsu: Fixed a NULL pointer dereference issue when RSU is disabled. When the Remote System Update RSU is not enabled in the First Stage Boot Loader FSBL, the driver encounters a NULL pointer dereference when...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: NFSv4.2: fixed the NFSv4.2 kernel bug at mm/usercopy.c:102. A call to listxattr with a buffer size of 0 returns the actual size of the buffer required for a subsequent call. When size 0, nfs4listxattr does not return an error...
Astra Linux - уязвимость в apache2
Apache HTTP Server 2.4.52 and earlier fail to close inbound connections when errors occur during the discarding of the request body, exposing the server to HTTP Request Smuggling attacks...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: Tunnels: Fixed an issue where a splat fault occurred when generating IPv4 PMTU errors. If we attempt to emit an ICMP error in response to a non-linear SKB, we encounter the following issue: Bug: KASAN: Out-of-bounds access in...
Astra Linux - уязвимость в gst-plugins-good1.0
Before version 1.18.4, GStreamer might access already-freeed memory in error code paths when demuxing certain malformed Matroska files...
Astra Linux - уязвимость в parsec
The vulnerability of the pdpl-user utility in the PARSEC security subsystem is related to improper memory release after its use. Exploiting this vulnerability allows an attacker to cause a service failure...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: hfs: Replace BUGON with error handling for CNID count checks. In the fields nextid, foldercount, and filecount in the super block, the values were expanded to 64 bits, and mechanisms like BUGON were added to detect overflow...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: f2fs: fixed a NULL pointer derefrence in f2fssubmitpagewrite BUG: NULL pointer derefrence in the kernel; address: 0000000000000014 RIP: 0010:f2fssubmitpagewrite+0x6cf/0x780 f2fs Call Trace: ? show regs+0x6e/0x80 ? die+0x29/0x70 ?...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux
In the Linux kernel, the following vulnerability has been resolved: sr9800: Added a check for usbnetgetendpoints. Added a check for usbnetgetendpoints and returned an error if it fails, in order to transfer the error...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ASoC: amd: acp-mach-common: Added missing error checking for clock acquisition. The acpcardrt5682init and acpcardrt5682sinit functions did not check the return values of clkget. This could lead to a kernel crash when invalid...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: pinctrl: freescale: Fixed a memory out-of-bounds issue when numconfigs is 1. The configuration passed in by padwakeup is set to 1 when numconfigs is 1. In this case, Configuration 1 should not be retrieved, which will be detected...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: bnxten: Fixed a NULL pointer derefrence issue in bnxtptpenable during error cleanup. When bnxtinitone fails during initialization e.g., bnxtinitintmode returns -ENODEV, the error handling code calls bnxtfreehwrmresources, which...
Astra Linux - уязвимость в chromium
In V8 of Google Chrome, out-of-bounds memory access prior to version 123.0.6312.105 allowed a remote attacker to perform arbitrary read/write operations through a crafted HTML page. Chromium security severity: High...
Astra Linux – Vulnerability in Mariadb 10.3
In MariaDB before 10.9.2, the compresswrite function in extra/mariabackup/dscompress.cc does not release the datamutex upon a stream write failure, which allows local users to trigger a deadlock...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: tee: amdtee: fixed an issue where ISERR returned NULL instead of an error pointer. The getfreepages function does not return error pointers; it returns NULL instead. Therefore, this condition needs to be corrected to avoid NUL...
Astra Linux - уязвимость в linux
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: fixed the issue of null pointer dereferencing on the pointer csdesc. The pointer csdesc is returned from sndusbfindclocksource; this pointer may be null, resulting in a potential null pointer dereferencing issue...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: devlink: rate: Unset parent pointer in devlratenodesdestroy The function devlratenodesdestroy is documented to “Unset the parent pointer for all rate objects”. However, it only calls the driver-specific rateleafparentset or...