58876 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: serial: liteuart: Fixed a NULL pointer dereferencing in -remove. The drvdata parameter must be set in probe; otherwise, platformgetdrvdata causes a NULL pointer dereferencing bug in remove...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: isdn: mISDN: Fixed the sleeping function called from an invalid context. The driver can call the card-isac.release function from an atomic context. This issue was fixed by calling this function after releasing the lock. The...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: ipmi: Fixed the use of a pointer after it is freed in ipmidestroyuser. The intffree function frees the “intf” pointer, so we cannot dereference it again in the next line...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: RDMA/qedr: A potential memory leak has been fixed in qedrallocmr. The qedrallocmr function allocates a memory chunk for “mr-info.pbltable” using initmrinfo. When rdmaalloctid and rdmaregistertid fail, “mr” is released, but...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ICE: Fix for the crash in the ethtool offline loopback test. Since the conversion of ICE to page pool, the ethtool loopback test crashes. BUG: Kernel NULL pointer dereference, address: 000000000000000c PF: Supervisor write access...
Astra Linux - уязвимость в krb5
The vulnerability of the getmechset function in the spnegomech.c component of the Kerberos authentication protocol is related to reading data from within a permissible buffer size. Exploiting this vulnerability allows an attacker to cause service failures...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: mm/mremap: fixed the WARN message emitted by uffd when remap events are disabled. Registering userfaultd on a VMA that spans at least one PMD and then using mremap can trigger a WARN message when recovering from a failed page...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerabilities have been resolved: i40e: Fixed the call trace in setuptxdescriptors. After a PF reset and the use of ethtool -t, there was a call trace in dmesg. Sometimes this led to a panic. After some time, approximately 5 seconds, between a reset and a test...
Astra Linux - уязвимость в sox
The readsamples function in hcom.c in Sound eXchange SoX 14.4.2 allows remote attackers to cause a denial of service invalid memory read and application crash via a crafted hcom file...
Astra Linux - уязвимость в mariadb-10.3
It has been discovered that MariaDB Server v10.6.3 and earlier contains a use-after-free in the Itemfuncin::cleanup component, which can be exploited through specially crafted SQL statements...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: Separate handlers are used for interrupts. The interrupt vector from PF to AF, and the interrupt vector from VF to AF, both use the same interrupt handler. This causes a race condition. When two interrupts are raise...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: hvnetvsc: Registers the VF in netvscprobe if NETDEVICEREGISTER was missed. If the hvnetvsc driver is unloaded and reloaded, the NETDEVICEREGISTER handler cannot successfully register the VF, as the register call is received befor...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: udf: Fixed the issue of discarding data before allocation at the indirect extent boundary. When the preallocation extent is the first one in the extent block, the code would corrupt the extent tree header instead. This issue has...
Astra Linux - уязвимость в libde265
Libde265 v1.0.4 contains a global buffer overflow in the decodeCABACbit function, which can be exploited through a specially crafted file...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: ice: Fixed the LAG and VF lock dependencies in iceresetvf. In version 9f74a3dfcf83, the ice driver acquired the LAG mutex in iceresetvf. This lock acquisition was placed just before acquiring the VF configuration lock. If...
Astra Linux - уязвимость в dcmtk
There is an improper array index validation vulnerability in the determineMinMax functionality of OFFIS DCMTK 3.6.8. A specially crafted DICOM file can lead to an out-of-bounds write. An attacker can provide a malicious file to exploit this vulnerability...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: hisiaccvfiopci: bugfix for live migration function without VF device driver If the VF device driver is not loaded in the Guest OS and we attempt to perform device data migration, the address of the migrated data will be NULL. The...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux
In the Linux kernel, the following vulnerability has been resolved: Wifi: ath9khtc: Use skbsetlength to reset urb before resubmitting it. Syzbot points out that skbtrim has a sanity check on the existing length of the skb; this length might not be initialized in some error-prone situations. The...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux
In the Linux kernel, the following vulnerabilities have been resolved: drm/amd/display: Fixed an issue where the index out of bounds occurred in the degamma hardware format translation. Fixed the issue where the index out of bounds occurred in the cmhelpertranslatecurvetodegammahwformat function...
Astra Linux - уязвимость в dcmtk
There is an improper array index validation vulnerability in the nowindow functionality of OFFIS DCMT 3.6.8. A specially crafted DICOM file can lead to an out-of-bounds write. An attacker can provide a malicious file to exploit this vulnerability...