73673 matches found
Astra Linux - уязвимость в linux
In the Linux kernel, the following vulnerabilities have been resolved: cifs: Return the correct error code from smb2getenckey Avoid a warning if the error is passed back up: 440700.376476 CIFS VFS: \otters.example.com cryptmessage: Could not get encryption key 440700.386947 ------------ Cut here...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: mshv: Error handling in mshvregionpin has been fixed. The current error handling has two issues: Firstly, the pinuserpagesfast function may return a short pin count less than the requested count but greater than zero when it...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: perf/arm-cmn: Unsupported hardware configurations are now rejected. So far, we have been fairly lenient in accepting both unknown CMN models at least with a warning, as well as unknown versions of those models that we do know...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: cxl: fixed a possible null-ptr-deref in cxlguestinitafu|adapter. If deviceregister fails in cxlregisterafu|adapter, the device is not added. In this case, deviceunregister cannot be called in the error path. Otherwise, a...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: igb: Cleanup in all error paths when enabling SR-IOV After commit 50f303496d92 “igb: Enabling SR-IOV after reinit”, removing the igb module could cause a hang or crash depending on the machine when the module was loaded with t...
Astra Linux - уязвимость в xorg-server
A flaw was discovered in xorg-server. Changing the actions of XKB buttons, such as moving between the touchpad and the mouse, can lead to out-of-bounds memory reads and writes. This may allow for local privilege escalation or potential remote code execution, especially in cases where X11 forwardi...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: bnge: Return after auxiliarydeviceuninit in the error path. When auxiliarydeviceadd fails, the error handling code calls auxiliarydeviceuninit, but it does not return. auxiliarydeviceuninit drops the last reference to the device...
Astra Linux - уязвимость в linux
In the Linux kernel, the following vulnerability has been resolved: Soundwire: Stream – Fixing a memory leak in the stream configuration error path When the stream configuration fails, the master runtime will release all slave runtimes from the slavertlist. However, at this point, the slave...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: ocfs2: A memory leak has been fixed in ocfs2mountvolume. There is a memory leak reported by kmemleak: - Unreferenced object: 0xffff88810cc65e60 size: 32 - Command: “mount.ocfs2”, PID: 23753, Jiffies: 4302528942 Age: 34735.105s...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: The handling of the pcichanneliofrozen case is now performed only in amdgpupciresume. In current code, when a PCI error state pcichannelionormal is detected, it will report the PCIERSRESULTCANRECOVER status to the PCI...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: oss: Fixed negative period/buffer sizes The calculation of the period size in the OSS layer may generate a negative value as an error. However, the code there assumes only positive values and handles them using sizet. ...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: mac80211: fixed the issue of locking in the ieee80211startap error path. We need to hold the local-mtx to release the channel context; this is even encoded in the lockdepassertheld function. Fix this issue...
Astra Linux - уязвимость в u-boot
A issue was discovered in Das U-Boot during the period from 2019.07. There is an unbounded memcpy operation with a failed length check at nfslookupreply...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: tty: serial: 8250: serialcs: Fixed a memory leak in the error handling path In the probe function, if the serialconfig function fails, resources are being leaked. Add a resource handling mechanism to free up this memory...
Off-by-one Error
Overview Affected versions of this package are vulnerable to Off-by-one Error via the establishproxyconnection function. An attacker can corrupt stack memory by sending a specially crafted HTTP proxy response line of 1023 or more bytes without a newline terminator, potentially leading to...
Rsync 缓冲区错误漏洞
Rsync is a fast and versatile file copying tool developed by RsyncProject. It is used for both remote and local files. Versions of Rsync 3.4.2 and earlier have a buffer error vulnerability. This vulnerability stems from a 32-bit signed counter in the compression token decoder that does not check...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021639)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021639 advisory. In the Linux kernel, the following vulnerability has been resolved: btrfs: don't BUGON when 0 reference count at btrfslookupextentinfo Instead of doing a BUGON handl...
NLnet Labs Unbound 缓冲区错误漏洞
NLnet Labs Unbound is a high-performance DNS resolver open-sourced by NLnet Labs. Versions of NLnet Labs Unbound 1.25.0 and earlier contained a buffer error vulnerability. This vulnerability stemmed from the use of incorrect counters in the DNSSEC verifier to calculate the write offset, resulting...
NVIDIA TensorRT 缓冲区错误漏洞
NVIDIA TensorRT is a software development toolkit provided by NVIDIA Corporation for the optimization of deep learning model inference and high-performance deployment. NVIDIA TensorRT has a buffer error vulnerability, which stems from out-of-bounds writes, potentially leading to data corruption...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021580)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021580 advisory. In the Linux kernel, the following vulnerability has been resolved: btrfs: don't BUGON on ENOMEM from btrfslookupextentinfo in walkdownproc We handle errors here...