Astra Linux - уязвимость в busybox

A use-after-free in Busybox’s awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the nvalloc function...

Astra Linux - уязвимость в sqlite3

SQLite version 3.31.1 allows attackers to cause a denial of service segmentation fault through a malformed window-function query, due to improper handling of the initialization of the AggInfo object...

Astra Linux - уязвимость в linux

In the Linux kernel, the following vulnerability has been resolved: mmc: uniphier-sd: A resource leak has been fixed in the remove function. A call to tmiommchostfree is missing from the remove function. This is to balance the call to tmiommchostalloc in the probe. This adjustment is made in the...

Astra Linux - уязвимость в aspell

The libaspell.a module in GNU Aspell prior to version 0.60.8 has a stack-based buffer overflow issue in the common::unescape function within common/getdata.cpp, caused by an isolated \ character...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ftrace: Avoid potential division by zero in the functionstatshow function. Check whether the denominator expression x x - 1 1000 mod 2^32, 2^64 results in zero, and skip the calculation of stddev in such cases. For now, don’t wor...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: blk-rq-qos: fixed a crash that occurred during the race between rqqoswait and rqqoswakefunction. We are encountering crashes due to rqqoswakefunction, which manifest as follows: BUG: Unable to handle a page fault for address:...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: tools/nolibc/stdlib: fixed a memory error in realloc Pass userplen to memcpy, instead of heap-len, to prevent realloc from copying an extra sizeofheap bytes beyond the allocated region...

Astra Linux - уязвимость в hdf5

The HDF5 library from version 1.14.3 has a heap-based buffer overflow issue in the H5Olayoutencode function within H5Olayout.c, which leads to the corruption of the instruction pointer...

Astra Linux - уязвимость в avahi

A vulnerability was discovered in Avahi. There exists a potentially exploitable assertion in the avahialternativehostname function...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ASoC: Topology – Fixing references to freed memory After parsing a topology file, most users release the memory used by that file. Therefore, having pointers that directly reference the contents of the topology file is incorrect...

Astra Linux - уязвимость в zabbix

The implementation of atob in "Zabbix JS" allows for creating a string with arbitrary content and using it to access internal properties of objects...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: hid: cp2112: Fix duplicate workqueue initialization Previously, the cp2112 driver called INITDELAYEDWORK within cp2112 gpioirqstartup, resulting in duplicate initializations of the workqueue during subsequent IRQ starts after an...

Astra Linux - уязвимость в linux-5.10, linux

A denial-of-service DOS issue was detected in the smb2ioctlqueryinfo function of the Linux kernel, within the fs/cifs/smb2ops.c Common Internet File System. This issue arises due to an incorrect return value from the memdupuser function. This flaw allows a local, privileged attacker with...

Astra Linux - уязвимость в binutils

A issue was discovered in the Binary File Descriptor BFD library also known as libbfd, as distributed in GNU Binutils 2.32. It is an out-of-bounds read that leads to a segmentation fault in bfdgetl32 in libbfd.c, when called from pex64getruntimefunction in pei-x8664.c...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: bnxten: The FW DMA is stopped in bnxtshutdown. The netifclose call in bnxtshutdown only stops packet DMA. There may be FW DMA for trace logging recently added, which will continue. If we execute an kexec to a new kernel, the DMA...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

A Null pointer dereference problem was detected in idafree in lib/idr.c within the Linux Kernel. This issue may allow an attacker using this library to cause a denial of service problem due to a lack of proper checks at function returns...

Astra Linux - уязвимость в xrdp

xrdp is an open-source project that provides a graphical login interface for accessing remote machines using the Microsoft Remote Desktop Protocol RDP. Version 0.9.21 and earlier of xrdp contains a buffer overflow in the xrdpmmchandatain function. There are no known solutions to this issue. Users...

Astra Linux - уязвимость в node-minimatch

A vulnerability was discovered in the minimatch package. This flaw allows a Regular Expression Denial of Service ReDoS when the braceExpand function is called with specific arguments, resulting in a denial of service...

Astra Linux - уязвимость в gst-plugins-base1.0

GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been detected in the parselrc function within gstsubparse.c. The parselrc function calls strchr to find the character ‘’ in the string line. The pointer returned by this call ...

Astra Linux - уязвимость в w3m

There is a out-of-bounds write vulnerability in checkType, located in etc.c in w3m 0.5.3. This vulnerability can be triggered by sending a crafted HTML file to the w3m binary. It allows an attacker to cause a Denial of Service attack, or potentially cause other unspecified impacts...