58921 matches found
Astra Linux - уязвимость в linux-6.1, linux-5.15, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v2m: Prevention of use after freeing gicv2mgetfwnode. With ACPI enabled, the gicv2mgetfwnode function is registered with the PCI subsystem as pcimsigetfwnodecb. This function might be called during a PCI host bridge...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: mm: call -freefolio directly in foliounmapinvalidate. We can only call filemapfreefolio if we have a reference to or hold a lock on the mapping. Otherwise, we have already removed the folio from the mapping, so it no longer pinch...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: Issue: unittest – Fix null pointer dereferencing in ofunittestfindnodebyname Description: When kmalloc fails to allocate memory in kasprintf, name or fullname will be NULL, and strcmp will cause a null pointer dereference...
Astra Linux - уязвимость в xorg-server
A heap buffer overflow flaw was discovered in the DisableDevice function of the X.Org server. This issue may cause an application to crash, or in some cases, lead to remote code execution in SSH X11 forwarding environments...
Astra Linux - уязвимость в zlib, libz-mingw-w64
Zlib versions up to 1.2.12 have a heap-based buffer over-read or buffer overflow issue in the inflate function within inflate.c, due to a large gzip header extra field. NOTE: Only applications that call inflateGetHeader are affected. Some common applications bundle the affected Zlib source code,...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: NFS: Fixed the filehandle bounds checking in nfsfhtodentry. The function needs to check the minimum filehandle length before it can access the embedded filehandle...
Astra Linux - уязвимость в ffmpeg
An integer overflow vulnerability exists in the avtimecodemakestring function in libavutil/timecode.c within FFmpeg version 4.3.2. This vulnerability allows local attackers to cause a Denial-of-Service DoS attack through a crafted .mov file...
Astra Linux - уязвимость в hdf5
A issue was discovered in HDF5 through 1.12.0. A NULL pointer dereference exists in the function H5ACunpinentry, located in H5AC.c. This allows an attacker to cause a Denial of Service attack...
Astra Linux - уязвимость в linux-5.10, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: igb: revert rtnllock that causes deadlock The commit 6faee3d4ee8b "igb: Add lock to avoid data race" adds rtnllock to eliminate a false data race shown below FREE from device detaching | USE from netdev core igbremove |...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: perf bpf: Avoid memory leak from perfenvinsertbtf The perfenvinsertbtf function does not insert entries if a duplicate BTF ID is encountered, which can lead to a memory leak. The function should now return a success/error value; ...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/qm – Requesting a reserved interrupt for the virtual function The device interrupt vector 3 is an error interrupt for physical functions, and it is also a reserved interrupt for virtual functions. However, the...
Astra Linux - уязвимость в glib2.0
A heap-based buffer overflow issue was discovered in glib due to an incorrect calculation of the buffer size in the gescapeuristring function. If the string to be escaped contains a very large number of unacceptable characters which would require escaping, the calculation of the length of the...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: misc: tifpc202: fixed a potential memory leak in the probe function. Used foreachchildofnodescoped to simplify the code and ensure that the device node reference is automatically released when the loop scope ends...
Astra Linux - уязвимость в libde265
It was discovered that libde265 v1.0.10 contains a NULL pointer dereference in the ffhevcputhevcepelpixels8sse function located at sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service DoS attack through a crafted input file...
Astra Linux - уязвимость в libraw
In LibRaw, there is an out-of-bounds write vulnerability within the "newnode" function libraw\src\x3f\x3futilspatched.cpp that can be triggered via a crafted X3F file...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerabilities have been resolved: Thermal: intelpowerclamp: Use getcpu instead of smpprocessorid to avoid crashes. When CPU 0 is offline and intelpowerclamp is used to simulate idle state, it causes a kernel bug: Bug: Using smpprocessorid in preemptible 000000...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: bpf: prevented decltag from being referenced in funcproto Syzkaller was able to exploit the following issue: ------------ cut here ------------ WARNING: CPU: 0 PID: 3609 at kernel/bpf/btf.c:1946 btftypeidsize+0x2d5/0x9d0...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: hvnetvsc: Fixed a panic that occurred during namespace deletion with VF. The existing code moves the VF NIC to a new namespace when NETDEVREGISTER is received on the netvsc NIC. During the deletion of the namespace,...
Astra Linux - уязвимость в linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: In the tty module, for the serial subsystem, there is a issue where the uartlite driver is registered within the init function. When two instances of the uart device are being probed, a concurrency race may occur. If one thread...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: PCI: Fixed pcideviceispresent for VFs by checking PF. Previously, pcideviceispresent did not work for VFs because it read the Vendor and Device IDs, which are 0xffff for VFs, implying that these devices are not present. Instead, ...