Astra Linux - уязвимость в libxml2

The vulnerability of the xmlMemStrdup function in the Libxml2 library is related to pointer manipulation errors. Exploiting this vulnerability allows an attacker to cause a service failure...

Astra Linux - уязвимость в speex

A vulnerability involving division by zero in the static int readsamples function of Speex v1.2 allows attackers to cause a Denial-of-Service attack through a specially crafted WAV file...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Wifi: ath11k: The affinity hint was cleared before calling ath11kpcicfreeirq in the error path. If a shared IRQ is used by the driver due to platform limitations, then the IRQ affinity hint is set correctly after the allocation o...

Astra Linux - уязвимость в xorg-server

A flaw was discovered in xorg-server. Changing the actions of XKB buttons, such as moving between the touchpad and the mouse, can lead to out-of-bounds memory reads and writes. This may allow for local privilege escalation or potential remote code execution, especially in cases where X11 forwardi...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: smb: Client: Fixed the smbdirectrecvio leak in the smbdnegotiate error path. During tests of another unrelated patch, I was able to trigger this error: Objects remaining on kmemcacheshutdown...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: drm/shmem-helper: The erroneous “put” operation has been removed from the error path. The drmgemshmemmmap function does not have a reference in the error code path, resulting in the dma-buf shmem GEM object being freed...

Astra Linux - уязвимость в gst-plugins-good1.0

Before version 1.18.4, GStreamer might access already-freeed memory in error code paths when demuxing certain malformed Matroska files...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: drbd: Added krefget to the handlewriteconflicts function. With “two-primaries” enabled, DRBD attempts to detect “concurrent” writes and handle write conflicts. This ensures that even if you write to the same sector simultaneously...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: Netfilter: xtnfacct – Do not assume that the acct name is terminated with a null character. BUG: KASAN: Out-of-bounds access to memory in ..lib/vsprintf.c:721 Size of the read value is 1, at address ffff88801eac95c8, by task...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: dmaengine: idxd: Fixed a double-free in idxdsetupwqs The cleanup in idxdsetupwqs contained a few bugs, as the error handling was somewhat subtle. It’s simpler to rewrite the code in a more clean way. The issues are as follows:...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: EDAC/skxcommon: Fixed the general protection fault After loading i10nmedac which automatically loads skxedaccommon, if only i10nmedac is unloaded, then reloading it and performing error injection testing may cause a general...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: jfs: fixed a out-of-bounds situation in dbSplit. When dmtbudmin is less than zero, it causes errors in later stages. A check was added to return an error beforehand within dbAllocCtl itself...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3-its: Prevent double-free on error. The error handling path in itsvpeirqdomainalloc causes a double-free when itsvpeinit fails after successfully allocating at least one interrupt. This occurs because...

Astra Linux - уязвимость в golang-1.19

Templates do not properly handle backticks as JavaScript string delimiters, and do not escape them as expected. Backticks have been used since ES6 for JavaScript template literals. If a template contains a Go template action within a JavaScript template literal, the contents of the action can be...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: media: ov8865: Fixed an error handling path in ov8865probe The commit in “Fixes” also introduced some new error handling mechanisms; these should replace the existing error handling paths. Otherwise, some resources may be leaked...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: dpaa2-eth: The virtual address is retrieved before calling dmaunmap. The TSO header was unmapped via DMA before the virtual address was retrieved, and then the buffer was freed using that address. This meant that we actually...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: media: imx-jpeg: A bug was fixed regarding accessing an array out of bounds. When an error occurs during the parsing of JPEG data, the slot may not be properly acquired. This could be due to the default value MXCMAXSLOTS. If the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fixed the error handling logic in idxdcdevregister. If the call to allocchrdevregion fails, the already allocated resources may be leaked. Add the necessary error handling logic to prevent this issue from occurri...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: gpio: Resource leaks were fixed in cases where an error occurred in gpiochipadddatawithkey. Since the commit aab5c6f20023 "gpio: setting the device type for GPIO chips", gdev-dev.release is not set. As a result, the reference...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: dsa: felix: suppress non-changes to the tagging protocol The way that dsatreechangetagproto works is as follows: When dsatreenotify fails, it does not know whether the operation failed midway through a multi-switch tree, or ...