58880 matches found
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: pinctrl: Check the return value of pinmuxops::getfunctionname. While the API contract in the documentation does not explicitly specify this, the generic implementation of the getfunctionname callback from struct pinmuxops –...
Astra Linux - уязвимость в sox
The readsamples function in hcom.c in Sound eXchange SoX 14.4.2 allows remote attackers to cause a denial of service invalid memory read and application crash via a crafted hcom file...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: udf: Fixed the issue of discarding data before allocation at the indirect extent boundary. When the preallocation extent is the first one in the extent block, the code would corrupt the extent tree header instead. This issue has...
Astra Linux - уязвимость в libde265
Libde265 v1.0.4 contains a global buffer overflow in the decodeCABACbit function, which can be exploited through a specially crafted file...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: ice: Fixed the LAG and VF lock dependencies in iceresetvf. In version 9f74a3dfcf83, the ice driver acquired the LAG mutex in iceresetvf. This lock acquisition was placed just before acquiring the VF configuration lock. If...
Astra Linux - уязвимость в dcmtk
There is an improper array index validation vulnerability in the determineMinMax functionality of OFFIS DCMTK 3.6.8. A specially crafted DICOM file can lead to an out-of-bounds write. An attacker can provide a malicious file to exploit this vulnerability...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: hisiaccvfiopci: bugfix for live migration function without VF device driver If the VF device driver is not loaded in the Guest OS and we attempt to perform device data migration, the address of the migrated data will be NULL. The...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux
In the Linux kernel, the following vulnerability has been resolved: Wifi: ath9khtc: Use skbsetlength to reset urb before resubmitting it. Syzbot points out that skbtrim has a sanity check on the existing length of the skb; this length might not be initialized in some error-prone situations. The...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux
In the Linux kernel, the following vulnerabilities have been resolved: drm/amd/display: Fixed an issue where the index out of bounds occurred in the degamma hardware format translation. Fixed the issue where the index out of bounds occurred in the cmhelpertranslatecurvetodegammahwformat function...
Astra Linux - уязвимость в dcmtk
There is an improper array index validation vulnerability in the nowindow functionality of OFFIS DCMT 3.6.8. A specially crafted DICOM file can lead to an out-of-bounds write. An attacker can provide a malicious file to exploit this vulnerability...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Fix refcount issue when LOGO is received during TMF A hung task trace was observed during LOGO processing. 974.309060 0000:00:00.0: qedfehdevicereset:868: 1:0:2:0: LUN RESET issued… 974.309065 0000:00:00.0:...
Astra Linux - уязвимость в libsdl1.2
SDL Simple DirectMediaLayer from version 1.2.15 to 2.x, and from 2.0.9 to 2.0.9, has a heap-based buffer overflow issue in the SDLFillRect function within the video/SDLsurface.c file...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: - ice: fixed the memory leak in the eswitch code during the reset scenario. A simple eswitch mode checker has been added to the procedure for attaching VFs. Required port representative memory structures are allocated only in...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15, linux
In the Linux kernel, the following vulnerability has been resolved: net: ena: Fixed incorrect descriptor freeing behavior. ENA has two types of TX queues: - Queues that only process TX packets arriving from the network stack. - Queues that only process TX packets forwarded to them by XDPREDIRECT ...
Astra Linux - уязвимость в libwebp
A heap-based buffer overflow was discovered in libwebp in versions prior to 1.0.1 in the ShiftBytes function...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: ASoC: fsl-asoc-card: Set priv-pdev before using it. The priv-pdev pointer was set after being used in fslasoccardaudmuxinit. This assignment should be moved to the beginning of the probe function, so that sub-functions can...
Astra Linux - уязвимость в htmldoc
A buffer under-reading issue based on stacks in the htmldoc before version 1.9.12 allows attackers to cause a denial of service by using a crafted BMP image with the imageloadbmp function...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: PCI: Fixed NULL dereferencing in the error path during SR-IOV VF creation. Fixed issues where attempting to remove a device could lead to NULL pointer dereferencing. This issue occurred due to incorrect error handling when...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fixed possible invalid memory accesses after the FLR Function Level Reset. In the case where the first FLR Function Level Reset is completed correctly, but during the second FLR, the scratch area for the saved...
Astra Linux - уязвимость в linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: The part of the cdns set that activates the state should be placed outside the spin lock. The device may be scheduled during the resume process; therefore, this issue cannot occur in atomic operations. Since...