73421 matches found
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux
In the Linux kernel before version 5.19, the file drivers/gpu/drm/arm/malidpplanes.c misinterprets the return value of getsgtable. It expects the return value to be NULL in the error case, but in reality, it is an error pointer...
Astra Linux - уязвимость в grub2
Integer underflow in grubnetrecvip4packets; A malicious IP packet can cause an integer underflow in the grubnetrecvip4packets function, affecting the rsm-totallen value. Under certain circumstances, the totallen value may wrap around to a small integer number, which will be used in memory...
Astra Linux - уязвимость в firefox, thunderbird
When attempting to load a cross-origin resource in an audio/video context, a decoding error may occur. The details of that error may contain information related to the resource. This vulnerability affects Firefox versions earlier than 86, Thunderbird versions earlier than 78.8, and Firefox ESR...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: media: v4l2-tpg: fix some memleaks in tpgalloc. In tpgalloc, resources should be deallocated in every possible error-handling path, as they are allocated using for statements. Otherwise, memleaks could occur, since tpgfree is onl...
Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: - drm/amdgpu/gfx: Disable gfx9 cpeccerrorirq only when enabling legacy gfx ras. - gfx9 cpeccerrorirq is only enabled when legacy gfx ras is asserted. - In gfxv90hwfini, the disabling of cpeccerrorirq should be executed under...
Astra Linux - уязвимость в linux-6.1
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: crypto: afalg – Zero initialize memory allocated via sockkmalloc Several crypto user API contexts and requests that were allocated using sockkmalloc were left uninitialized. This caused problems as callers had to explicitly set t...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: - media: v4l2-core: A potential resource leak was fixed in v4l2fwnodeparselink. - If the fwnodegraphgetremoteendpoint function fails, and ‘fwnode’ is set to NULL, then fwnodehandlePUT is a no-op. Instead, release the reference...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: f2fs: fixed to avoid updating the compression context during writeback Bai, Shuangpeng reported a bug as follows: Oops: division error: 0000 1 SMP KASAN PTI CPU: 0 UID: 0 PID: 11441 Comm: syz.0.46 Not tainted 6.17.0 1 PREEMPTfull...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: PCI/AER: Avoid NULL pointer dereferencing in aerratelimit When platform firmware provides error information to the OS, for example, via the ACPI APEI GHES mechanism, it may identify a device that does not advertise an AER...
Astra Linux - уязвимость в firefox
An invalid downcast from nsHTMLDocument to nsIContent could result in undefined behavior. This vulnerability affects Firefox versions earlier than 110...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ASoC: rt711-sdca – fixed a situation where the kernel’s NULL pointer dereferencing occurred due to an IO error. The initial settings will be written before the codec probe function is called. However, the rt711-component has not...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: fixed a double-free in arfscreategroups. When the memory allocated by kvzalloc fails, arfscreategroups will free ft-g and return an error. However, arfscreatetable, the only function calling arfscreategroups, will hold...
Astra Linux - уязвимость в u-boot
In Das U-Boot through 2022.07-rc5, an integer signedness error and resulting stack-based buffer overflow occur in the “i2c md” command, which allows for the corruption of the return address pointer of the doi2cmd function...
Astra Linux - уязвимость в u-boot
A issue was discovered in Das U-Boot during the period from 2019.07. There is an unbounded memcpy operation with a failed length check at nfslookupreply...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: ima: Handle error code returned by imafilterrulematch In imamatchRules, if imafilterruleMatch returns -ENOENT due to the rule being NULL, the function incorrectly skips the if !rc check and sets result = true. The LSM rule is...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: ocfs2: A bug in the ocfs2findvictimchain function was fixed. The syzbot reported a kernel bug in ocfs2findvictimchain. This bug occurs because the clnextfreerec field of the allocation chain list the next free slot in the chain...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: iio: light: cm3605: Fixed an error handling path in cm3605probe. The commit in “Fixes” also introduced a new error handling path, which should be set to the existing one. Otherwise, some resources may be leaked...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: erofs: set fileio bio failed in short read case For file-backed mounts, IO requests are handled by vfsiocbiterread. However, this process can be interrupted by a SIGKILL signal, resulting in the return of the number of bytes...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: 'intelth': Fixed a resource leak in the error handling path. If an error occurs after calling 'pciallocirqvectors', 'pcifreeirqvectors' must be called, as already done in the remove function...