58911 matches found
Astra Linux - уязвимость в sox
A vulnerability was discovered in SoX, where a heap buffer overflow occurs in the startread function in the hcom.c file. This vulnerability can be exploited by using a specially crafted hcomn file, which may cause the application to crash...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: x86: stopped the use of stack-based calculations in the profilepc function. The profilepc function is used for timer-based profiling, which isn’t really that relevant anymore. It also makes assumptions about the stack layout that...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: iio: chemical: bme680: Fixed overflows in the compensate functions There are cases in the compensate functions of the driver where overflows of variables may occur due to bit shifting operations. These issues were initially...
Astra Linux - уязвимость в faad2
A issue was discovered in faad2 through 2.10.0. A heap-buffer-overflow exists in the function ltprediction located in ltpredict.c. This allows an attacker to cause code execution...
Astra Linux - уязвимость в libtar
The thread function does not free the variable t-thbuf.gnulonglink after allocating memory, which may lead to a memory leak...
Astra Linux - уязвимость в espeak-ng
It was discovered that Espeak-ng 1.52-dev contains a Stack Buffer Overflow issue due to the function RemoveEnding in the dictionary.c file...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: net: lltemac: The function platformgetresource was replaced with the function devmplatformioremapresourcebyname. This function is called using 0 as the name. Eventually, this leads to a call to platformgetresourcebyname in the ca...
Astra Linux - уязвимость в djvulibre
A flaw was discovered in djvulibre-3.5.28 and earlier. A heap buffer overflow occurs in the function DJVU::GBitmap::decode, due to a malicious djvu file, which may lead to the application crashing and other related issues...
Astra Linux - уязвимость в avahi
A vulnerability was discovered in Avahi. There exists a potentially exploitable assertion in the avahiescapelabel function...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: LoongArch: Disable IRQs before initfn for non-boot CPUs. Disable IRQs before initfn for non-boot CPUs during hotplug operations, in order to silence such warnings and also to avoid potential errors due to unexpected interrupts...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fixed the memory leak in sashba.phy in mpi3mrremove. Released mrioc-sashba.phy during .remove...
Astra Linux - уязвимость в linux-5.10, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: iavf: fixed the hang upon reboot with Ice When a system with E810 and existing VFs is rebooted, the following hang may occur. PID 1 hangs in iavfremove, which is part of a network driver: PID: 1 TASK: ffff965400e5a340 CPU: 24...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerabilities have been resolved: ixgbe: Added locking to prevent panic when setting sriovnumvfs to zero. It is possible to disable VFs while the PF driver is processing requests from the VF driver. This can result in a panic. BUG: Unable to handle kernel pagi...
Astra Linux - уязвимость в linux-6.1, linux-5.15, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v2m: Prevention of use after freeing gicv2mgetfwnode. With ACPI enabled, the gicv2mgetfwnode function is registered with the PCI subsystem as pcimsigetfwnodecb. This function might be called during a PCI host bridge...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: mm: call -freefolio directly in foliounmapinvalidate. We can only call filemapfreefolio if we have a reference to or hold a lock on the mapping. Otherwise, we have already removed the folio from the mapping, so it no longer pinch...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: Issue: unittest – Fix null pointer dereferencing in ofunittestfindnodebyname Description: When kmalloc fails to allocate memory in kasprintf, name or fullname will be NULL, and strcmp will cause a null pointer dereference...
Astra Linux - уязвимость в xorg-server
A heap buffer overflow flaw was discovered in the DisableDevice function of the X.Org server. This issue may cause an application to crash, or in some cases, lead to remote code execution in SSH X11 forwarding environments...
Astra Linux - уязвимость в zlib, libz-mingw-w64
Zlib versions up to 1.2.12 have a heap-based buffer over-read or buffer overflow issue in the inflate function within inflate.c, due to a large gzip header extra field. NOTE: Only applications that call inflateGetHeader are affected. Some common applications bundle the affected Zlib source code,...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: NFS: Fixed the filehandle bounds checking in nfsfhtodentry. The function needs to check the minimum filehandle length before it can access the embedded filehandle...
Astra Linux - уязвимость в ffmpeg
An integer overflow vulnerability exists in the avtimecodemakestring function in libavutil/timecode.c within FFmpeg version 4.3.2. This vulnerability allows local attackers to cause a Denial-of-Service DoS attack through a crafted .mov file...