58900 matches found
Astra Linux - vulnerability in linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: libceph: The calc_target function should set t->paused instead of simply clearing it. Currently, calc_target clears t->paused if the request should no longer be paused, but it never sets t->paused even though it can determine when the...
Astra Linux - vulnerability in linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: net: The TOCTOU issue in sk_is_readable has been fixed. sk->sk_prot->sock_is_readable is a valid function pointer when sk resides in a sockmap. After the last sk_psock_put call, which usually occurs when a socket is removed from the sockma...
Astra Linux - vulnerability in linux-5.10, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: PCI/ASPM: Fixed the issue where the link state was exited during the removal of an upstream function. Before commit 456d8aa37d0f (“PCI/ASPM: Disabled ASPM during the removal of an MFD function to avoid use-after-free”), we...
Astra Linux - vulnerability in tiff
A buffer overflow vulnerability has been discovered in Libtiff V.4.0.7. This vulnerability allows a local attacker to cause a denial of service through the tiffcp function in tiffcp.c...
Astra Linux - vulnerability in edk2
EDK2 is susceptible to a vulnerability in the CreateHob function, which allows a user to trigger an integer overflow that leads to a buffer overflow through a local network. Successful exploitation of this vulnerability may result in a compromise of confidentiality, integrity, and/or availability...
Astra Linux - vulnerability in linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: soc: fsl: qbman: Use raw spinlock for cgr_lock. The smp_call_function always runs its callback in a hard IRQ context, even when PREEMPT_RT is enabled, where spinlocks can sleep. Therefore, we need to use a raw spinloc...
Astra Linux - vulnerability in linux, linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: scsi: target: core: Added handling of aborts in tmr_list that are processed by target core. An abort that is responded to by iSCSI itself is added to tmr_list, but it does not proceed to target core. A LUN_RESET that goes through...
Astra Linux - vulnerability in linux-5.15
In the Linux kernel, the following vulnerability has been resolved: mm: krealloc: Fixed a false positive caused by MTE (Memory Tagging Extension) in __do_krealloc. This patch addresses an issue introduced by commit 1a83a716ec233, which causes MTE to falsely report a slab-out-of-bounds error. The probl...
Astra Linux - vulnerability in python-django
An issue was discovered in Django 4.2 before 4.2.14 and 5.0 before 5.0.7. The urlize and urlizetrunc functions were vulnerable to a potential denial-of-service attack due to certain inputs containing an extremely large number of brackets...
Astra Linux - vulnerability in linux, linux-5.10
A vulnerability, classified as critical, has been discovered in the Linux kernel. The affected component is the del_timer function in the file drivers/isdn/mISDN/l1oip_core.c of the Bluetooth module. This vulnerability allows for manipulation leading to use of memory after it has been freed. ...
Astra Linux - vulnerability in linux-5.10
In the Linux kernel before version 5.16.3, the drivers/bluetooth/hci_qca.c file misinterprets the return value of devm_gpiod_get_index_optional. It expects the return value to be NULL in the error case, but in reality, it is an error pointer...
Astra Linux - vulnerability in ffmpeg
A denial-of-service vulnerability exists in FFmpeg 4.2 due to a memory leak in the ff_frame_pool_get function in framepool.c...
Astra Linux - vulnerability in linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: i40e: Do not allow untrusted VFs to remove the administratively set MAC address. Currently, when a PF Powerful User administratively sets the MAC address of a VF, and the VF is disabled the VF attempts to delete all MAC addresses...
Astra Linux - vulnerability in zabbix
An attacker who has the privilege to configure Zabbix items can use the icmpping function, along with additional malicious commands, to execute arbitrary code on the current Zabbix server...
Astra Linux - vulnerability in xrdp
xrdp is an open-source project that provides a graphical login to remote machines using the Microsoft Remote Desktop Protocol (RDP). Versions 0.9.21 and earlier of xrdp contain a buffer overflow vulnerability in the xrdp_mm_trans_process_drdynvc_channel_close function. There are no known solutions to thi...
Astra Linux - vulnerability in linux-5.10
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fixed a crash that occurred when the event log was disabled. If reporting errors to the event log is not supported by the hardware, and an error that causes a Function Level Reset (FLR) is received, the driver will...
Astra Linux - vulnerability in linux-5.10
In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: check the return value of indx_find to avoid infinite loops. We have identified a bug in the ntfs3 file system that can lead to a Denial-of-Service (DoS) condition. A malformed dentry in the ntfs3 filesystem can cause the...
Astra Linux - vulnerability in linux, linux-5.15, linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: recordmcount: Fixed memory leaks in the uwrite function. Common realloc mistake: the “file_append” pointer was set to null, but it wasn’t freed upon failure...
Astra Linux - vulnerability in linux-5.10, linux
In the Linux kernel, the following vulnerabilities have been resolved: mmc: moxart: Fix the return value check in mmc_add_host. The mmc_add_host function may return an error. If we ignore its return value, the memory allocated by mmc_alloc_host will be leaked, leading to a kernel crash due to the remova...
Astra Linux - vulnerability in linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: drm/amdgpu: Skip vcn poison irq release on VF. VF does not enable VCN poison irq in VCNv2.5. Skip releasing it and avoid call trace during deinitialization. 71.913601 drm Clean up the vf2pf work item 71.915088 ------------ Cut...