58904 matches found
Astra Linux - уязвимость в gst-plugins-base1.0
GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been detected in the parselrc function within gstsubparse.c. The parselrc function calls strchr to find the character ‘’ in the string line. The pointer returned by this call ...
Astra Linux - уязвимость в w3m
There is a out-of-bounds write vulnerability in checkType, located in etc.c in w3m 0.5.3. This vulnerability can be triggered by sending a crafted HTML file to the w3m binary. It allows an attacker to cause a Denial of Service attack, or potentially cause other unspecified impacts...
Astra Linux - уязвимость в htmldoc
A buffer under-reading issue based on stacks in the htmldoc before version 1.9.12 allows attackers to cause a denial of service by using a crafted BMP image with the imageloadbmp function...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fixed possible invalid memory accesses after the FLR Function Level Reset. In the case where the first FLR Function Level Reset is completed correctly, but during the second FLR, the scratch area for the saved...
Astra Linux - уязвимость в linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: The part of the cdns set that activates the state should be placed outside the spin lock. The device may be scheduled during the resume process; therefore, this issue cannot occur in atomic operations. Since...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerabilities have been resolved: ftrace: Fixed NULL pointer dereferencing in isftracetrampoline when ftrace fails. ftracestartup does not remove ops from ftraceopslist when ftracestartupenable fails: registerftracefunction ftracestartup registerftracefunction...
Astra Linux - уязвимость в nasm
A buffer overflow vulnerability exists in the scan function in stdscan.c in nasm 2.15rc0, allowing remote attackers to cause a denial of service by using crafted ASM files...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: PCI/ASPM: Disabling ASPM when a multifunction device’s function is removed to avoid use-after-free errors. The struct pcielinkstate-downstream field is a pointer to the pcidev of function 0. Previously, we retained this pointer...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: bpf, arm64: A BTI error was fixed when returning to the patched function. When BPFTRAMPFCALLORIG is set, the BPF trampoline uses BLR to jump back to the instruction next to the call site, in order to call the patched function...
Astra Linux - уязвимость в glib2.0
A flaw was discovered in glib. Missing validation of the offset and count parameters in the gbufferedinputstreampeek function can lead to an integer overflow during length calculations. When specially crafted values are provided, this overflow results in an incorrect size being passed to memcpy,...
Astra Linux - уязвимость в node-elliptic
The verify function in lib/elliptic/eddsa/index.js within the Elliptic package, as of version 6.5.6 for Node.js, omits the validation of the condition “sig.S.gtesig.eddsa.curve.n || sig.S.isNeg”...
Astra Linux - уязвимость в tiff
A null source pointer passed as an argument to the memcopy function within TIFFReadDirectory in tifdirread.c in libtiff versions from 4.0 to 4.3.0 could lead to a Denial of Service attack through a crafted TIFF file. For users who compile libtiff from source code, a fix is available in the commit...
Astra Linux - уязвимость в fig2dev
Fig2dev 3.2.7b contains a global buffer overflow in the setfigfont function in genepic.c...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: vfio/xe: Reorganized the init process to separate migration from reset operations. Attempting to perform a reset on VF devices that do not support migration leads to the following issues: BUG: Unable to handle a page fault for...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fixed a crash that occurred when the event log was disabled. If reporting errors to the event log is not supported by the hardware, and an error that causes a Function Level Reset FLR is received, the driver will...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: qcom: Fix potential memory leak The function dwc3qcomprobe allocates memory for the resource structure pointed by the parentres pointer. This memory is not freed, leading to a memory leak. Using stack memory can preven...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: fgraph: Do not enable the functiongraph tracer when setting the funcgraph-args option. When setting the funcgraph-args option, if the functiongraph tracer is disabled, it incorrectly enables itself. Moreover, it unregisters itsel...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: HID: core: Harden s32ton to prevent conversion to 0-bit quantities Testing conducted by the syzbot fuzzer revealed that the HID core encounters a shift-out-of-bounds exception when it attempts to convert a 32-bit quantity to a...
Astra Linux - уязвимость в linux, linux-5.15, linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: “recordmcount”: Fixed memory leaks in the uwrite function. “Common realloc mistake”: The “file.Append” pointer was set to null, but it wasn’t freed upon failure...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerabilities have been resolved: mmc: moxart: Fix the return value check in mmcaddhost The mmcaddhost function may return an error. If we ignore its return value, the memory allocated by mmcallochost will be leaked, leading to a kernel crash due to the remova...