58904 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fixed a crash that occurred when the event log was disabled. If reporting errors to the event log is not supported by the hardware, and an error that causes a Function Level Reset FLR is received, the driver will...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: check the return value of indxfind to avoid infinite loops We have identified a bug in the ntfs3 file system that can lead to a Denial-of-Service DoS condition. A malformed dentry in the ntfs3 filesystem can cause the...
Astra Linux - уязвимость в linux, linux-5.15, linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: “recordmcount”: Fixed memory leaks in the uwrite function. “Common realloc mistake”: The “file.Append” pointer was set to null, but it wasn’t freed upon failure...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerabilities have been resolved: mmc: moxart: Fix the return value check in mmcaddhost The mmcaddhost function may return an error. If we ignore its return value, the memory allocated by mmcallochost will be leaked, leading to a kernel crash due to the remova...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: drm/amdgpu: Skip vcn poison irq release on VF VF does not enable VCN poison irq in VCNv2.5. Skip releasing it and avoid call trace during deinitialization. 71.913601 drm Clean up the vf2pf work item 71.915088 ------------ Cut...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: drivers: dio: A possible memory leak has been fixed in dioinit. If deviceregister returns an error, the dev object and its associated name need to be freed. Add a release function, and then call putdevice in the error handling...
Astra Linux - уязвимость в parsec
The vulnerability of the gobblefile function in the lsm utility of the PARSEC security subsystem is related to improper memory release after its use. Exploiting this vulnerability allows an attacker to cause service failures...
Astra Linux - уязвимость в node-brace-expansion
A vulnerability was discovered in the juliangruber brace-expansion library up to versions 1.1.11/2.0.1/3.0.0/4.0.0. This issue has been identified as problematic. The affected function is the “expand” function of the file index.js. Manipulation of this function leads to inefficient use of regular...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: pinctrl: Single issue: fixed the potential NULL dereference in pcsgetfunction. The pinmuxgenericgetfunction function may return NULL, and the pointer “function” was dereferenced without checking against NULL. Added checking of th...
Astra Linux - уязвимость в zziplib
A Stack Buffer Overflow vulnerability in zziplibv 0.13.77 allows attackers to cause a denial of service through the zzipFetchDiskTrailer function located in the /zzip/zip.c file...
Astra Linux - уязвимость в busybox
A use-after-free in Busybox’s awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: usb: ffs: Fix use-after-free for epfile Consider a case where ffsfuncepsdisable is called from ffsfuncdisable as part of the composition switch. At the same time, ffsepfilerelease is called from the user space. ffsepfilerelease...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fixed an issue where the index out of bounds occurred in the DCN30 degamma hardware format translation. This commit addresses a potential index out of bounds issue in the cm3helpertranslatecurvetodegammahwformat...
Astra Linux - уязвимость в glibc
The wordexp function in the GNU C Library also known as glibc, up to version 2.33, may crash or access arbitrary memory during the parseparam function located in posix/wordexp.c when called with an untrusted, crafted pattern. This could potentially lead to a denial of service or the disclosure of...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: jfs: fixed GPF in diFree Avoid passing an inode with JFSSBIinode-isb-ipimap == NULL to diFree1. GFP will be returned: struct inode ipimap = JFSSBIip-isb-ipimap; struct inomap imap = JFSIPipimap-iimap; JFSIP will return an...
Astra Linux - уязвимость в busybox
A use-after-free vulnerability was discovered in BusyBox v.1.36.1 through a malicious awk pattern in the awk.c copyvar function...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: jfs: fixed a slab-out-of-bounds read in eaget During the “sizecheck” step in eaget, the code checks whether the extended attribute list xattr size matches easize. If not, it logs “eaget: invalid extended attribute” and calls...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: net: hns3 – Fixed a kernel crash that occurred when devlink reloaded during pf initialization. The devlink reloading process will access hardware resources, but the register operations are performed before the hardware is...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerabilities have been resolved: ixgbe: Added locking to prevent panic when setting sriovnumvfs to zero. It is possible to disable VFs while the PF driver is processing requests from the VF driver. This can result in a panic. BUG: Unable to handle kernel pagi...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fixed the memory leak in sashba.phy in mpi3mrremove. Released mrioc-sashba.phy during .remove...