Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: DCCP: Fixed an out-of-bounds access in the DCCP error handler. There was a previous attempt to fix an out-of-bounds access in the DCCP error handlers, but that fix assumed that the error handlers only wanted to access the first 8...

Astra Linux - уязвимость в python3.11

User-controlled data URLs parsed by urllib.request.DataHandler allow injecting headers through newlines in the data URL’s media type...

Astra Linux - уязвимость в python-tornado

Tornado is a Python web framework and asynchronous networking library. In versions 6.5.2 and below, the provided “reason” phrase is used unescaped in HTTP headers where it could be used for header injection or in HTML on the default error page where it could be used for XSS attacks. This...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu: Use the correct type in nvidiasmmucontextfault This issue was caused by an indirect reference to the function pointer. The nvidiasmmucontextfault function is also defined as an irq function, and the ‘void ’ type w...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

A vulnerability was discovered in the Linux kernel before version 6.5.9. This vulnerability could be exploited by local users who have access to MMIO registers through the user space. Incorrect access checks in the VC handler, along with improper emulation of MMIO accesses using the SEV-ES...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: perf: Ensure that the swevent hrtimer is properly destroyed. With the change to hrtimertrytocancel in perfsweventcancelhrtimer, it appears that the hrtimer may still be active by the time the event is freed. Make sure that the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Drivers: Staging: rtl8192eu: Fixed a deadlock in rtwjoinbsseventprehandle There is a deadlock in rtwjoinbsseventprehandle, as shown below: Thread 1 | Thread 2 | settimer rtwjoinbsseventprehandle | modtimer spinlockbh //1 | Wait f...

Astra Linux - уязвимость в php8.1

In PHP versions 8.3. before 8.3.19 and 8.4. before 8.4.5, a code sequence involving the set handler or ??= operator and exceptions can lead to a use-after-free vulnerability. If a third party can control the memory layout, for example by providing specially crafted inputs to the script, it could...

Astra Linux - уязвимость в linux

In the Linux kernel, the following vulnerability has been resolved: ARM: 9064/1: hwbreakpoint: Do not directly check the event’s overflowhandler hook The commit 1879445dfa7b “perf/core: Set event’s default ::overflowhandler” sets a default event-overflowhandler in perfeventalloc, and replaces the...

Astra Linux - уязвимость в p7zip-rar

7-Zip is a file archiver with a high compression ratio. Writing zeros outside the heap buffer in the RAR5 handler may lead to memory corruption and denial of service in versions of 7-Zip prior to version 25.0.0. Version 25.0.0 contains a fix for this issue...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: IB/hfi1: Fixed bugs related to non-PAGESIZE-end multi-iovec user SDMA requests. The processing of hfi1 user SDMA requests contains two bugs that can cause data corruption for user SDMA requests with multiple payload iovecs. In...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: mm/secretmem: fixed a use-after-free race condition in the fault handler. When a page fault occurs in a secret memory file created with memfdsecret2, the kernel will allocate a new folio for it, mark the underlying page as not...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: rtc: cmos: Fix event handler registration ordering issue Since acpiinstallfixedeventhandler automatically enables the event handling mechanism upon success, it is incorrect to call it before the handler routine is ready to handle...

Astra Linux - уязвимость в tpm2-tss

tpm2-tss is an open-source software implementation of the Trusted Computing Group’s Trusted Platform Module 2 Software Stack TSS2. In versions prior to 4.1.0-rc0, 4.0.1, and 3.2.2-rc1, functions Tss2RCSetHandler and Tss2RCDecode both indexed into layerhandler using an 8-bit layer number. However,...

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: TCP: Fixed a use-after-free of nreq in reqsktimerhandler. The referenced commit replaced inetcskreqskqueuedropandput with inetcskreqskqueuedrop and reqskput in reqsktimerhandler. As a result, oreq should be passed to reqskput...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: media: imx: csc/scaler: fix v4l2ctrlhandler memory leak The memory allocated in v4l2ctrlhandlerinit is freed upon release...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: spi: tegra210-quad: Protect currxfer check in IRQ handler Now that all other accesses to currxfer are done under the lock, protect the NULL check of currxfer in tegraqspiisrthread. Without this protection, the following race...

Astra Linux - уязвимость в firefox

An attacker was able to insert an event handler into a privileged object, allowing arbitrary JavaScript execution in the parent process. Note: This vulnerability only affects Desktop Firefox; mobile versions of Firefox are not affected. This vulnerability applies to Firefox versions earlier than...

Astra Linux - уязвимость в linux-6.1, linux-5.15, linux

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Reset the IH OVERFLOWCLEAR bit. This also allows us to detect subsequent IH ring buffer overflows...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: net: ks8851: Packets are queued in the IRQ handler instead of being disabled during the BH handling. Currently, the driver uses localbhdisable/localbhenable in its IRQ handler to avoid triggering netrxaction in the softirq contex...