Astra Linux – Vulnerability in fig2dev

A stack-based buffer overflow in the genpstrxtext component in genpstricks.c of fig2dev 3.2.7b allows attackers to cause a denial of service DOS by converting an xfig file into pstricks format...

Astra Linux – Vulnerability in GhostScript

A issue was discovered in base/gsdevice.c in Artifex Ghostscript before 10.04.0. An integer overflow occurs when parsing the filename format string for the output filename, resulting in path truncation, as well as possible path traversal and code execution...

Astra Linux – Vulnerability in hdf5

A issue was discovered in HDF5 through 1.12.0. A NULL pointer dereference exists in the function H5Fgetnrefs located in H5Fquery.c. This allows an attacker to cause a Denial of Service attack...

Astra Linux – Vulnerability in hdf5

The HDF5 library from version 1.14.3 has a segmentation fault in the H5VM.c function H5VMmemcpyvv...

Astra Linux – Vulnerability in hdf5

The HDF5 library from version 1.14.3 has a heap-based buffer overflow issue in the H5Olayoutencode function within H5Olayout.c, which leads to the corruption of the instruction pointer...

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: cleanup of FB if dpuformatpopulatelayout fails If dpuformatpopulatelayout fails, then FB is prepared but not cleaned up. This results in the pincount being leaked from the GEM object, causing a crash during DRM file...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: s390/dasd: fixed an issue where error recovery led to data corruption on ESE devices. Extent Space Efficient ESE or thin-provisioned volumes need to be formatted on demand during normal IO processing. The dasdeseneedsformat...

Astra Linux – Vulnerability in Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: ELF: fixed the double read of kernel.randomizevaspace. The ELF loader uses “randomizevaspace” twice. This is a sysctl setting that can be changed at any time; therefore, two reads could potentially access different values,...

Astra Linux – Vulnerability in libxmp

Libxmp through version 4.6.2 has a stack-based buffer overflow in the depackpha function in the loaders/prowizard/pha.c file, due to a malformed Pha format tracker module in a .mod file...

Astra Linux – Vulnerability in libimage-exiftool-perl

Improper neutralization of user data in the DjVu file format in ExifTool versions 7.44 and above allows arbitrary code execution when parsing the malicious image...

Astra Linux – Vulnerability in pillow

In Pillow before 8.1.0, PcxDecode has a buffer over-reading issue when decoding a crafted PCX file, because the user-supplied stride value is trusted for buffer calculations...

Astra Linux – Vulnerability in pillow

A issue was discovered in Pillow before version 8.1.1. The PDF parser allows a regular expression DoS ReDoS attack through a crafted PDF file due to a catastrophic backtracking in the regex...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: udf: Fixed NULL pointer dereferencing in the udfsymlink function. In the udfsymlink function, epos.bh is assigned the value returned by udftgetblk. The udftgetblk function is defined in udf/misc.c and returns the value of the...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: powerpc/secvar: A refcount leak has been fixed in formatshow. A refcount leak will occur when formatshow returns an error in multiple cases. Unified management of ofnodeput can fix this problem...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel/lbr: Fixed an unchecked MSR access error related to HSW. The fuzzer triggers the following trace: 7763.384369 Unchecked MSR access error: WRMSR to 0x689 attempted to write 0x1fffffff8101349e at rIP:...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: libbpf: Null-pointer dereferencing is prevented when the program to be loaded does not have a BTF. In bpfobjecloadprog, there is no guarantee that obj-btf is not NULL when it is passed to btffd. This function does not perform any...

Astra Linux – Vulnerability in exiv2

In Exiv2 0.26, there is a null pointer dereference in the Exiv2::DataValue::toLong function located in value.cpp. This issue is related to crafted metadata in a TIFF file...

Astra Linux – Vulnerability in libstb

A issue was discovered in stbstbimage.h 2.27. The PNM loader incorrectly interpreted 16-bit PGM files as 8-bit when converting them to RGBA format. This led to a buffer overflow when the result was re-interpreted as a 16-bit buffer. An attacker could potentially use stbimage to crash a service, o...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel 6.0.8, there is a use-after-free in rununpack in fs/ntfs3/run.c, related to a difference between NTFS sector size and media sector size...

Astra Linux – Vulnerability in hdf5

A memory leak in the H5Ochunkdeserialize function within H5Ocache.c, part of the HDF HDF5 library, from version 1.10.3 allows attackers to cause a denial of service due to excessive memory consumption through an exploitable HDF5 file...