Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: x86/kexec: Fixed the double-free of the elf header buffer. After the patch provided by b3e34a47f989 “x86/kexec: fix memory leak of elf header buffer”, the use of image-elfheaders in the error path of crashloadsegments is no longe...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfrejectipv6: fix nfrejectip6tcphdrput syzbot reported that nfrejectip6tcphdrput was possibly sending garbage on the four reserved tcp bits th-res1 Use skbputzero to clear the whole TCP header, as done in...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: net: iptunnel: ensure that the inner header is pulled in iptunnelrcv The same fixes were applied in the following issues: 8d975c15c0cd “ip6tunnel: ensure that the inner header is pulled in ip6tnlrcv” 1ca1ba465e55 “geneve: ensu...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: llc: Made llcuisendmsg more robust against changes related to bonding. syzbot was able to exploit llcuisendmsg, allocating an skb without sufficient headroom, and then attempting to append 14 bytes of Ethernet header...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux

In the Linux kernel, the following vulnerabilities have been resolved: Slip: Make slhcremember more robust against malicious packets. syzbot found that slhcremember lacked checks against malicious packets 1. slhcremember only checks that the packet’s size is at least 20 bytes, which is...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: accel/qaic: Tightened bounds checking in decodemessage. The bounds checking was moved from encodemessage to decodemessage. This patch addresses the following issues: - Ensure that there is enough space for at least one header,...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: bpf: Check skb-transportheader is set in bpfskbcheckmtu. The bpfskbcheckmtu helper needs to use skb-transportheader when the BPFMTUCHKSEGS flag is used: bpfskbcheckmtuskb, ifindex, &mtulen, 0, BPFMTUCHKSEGS. The transportheader i...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: can: j1939: j1939sendone: fixed the issue of missing CAN header initialization. The read access to struct canxlframe::len within a j1939 object revealed that the reserved elements in struct canframe were not properly initialized...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: udf: Fixed the issue of discarding data before allocation at the indirect extent boundary. When the preallocation extent is the first one in the extent block, the code would corrupt the extent tree header instead. This issue has...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: veth: Ensure that the eth header is in the linear part of the skb structure. After feeding a decapsulated packet to a veth device using actmirred, skbheadlen may be 0. However, vethxmit calls devforwardskb, which expects at...

Astra Linux - уязвимость в libqb

In logblackbox.c in libqb before version 2.0.8, a buffer overflow can occur due to the use of long log messages, as the size of the log headers is not taken into consideration...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: libceph: Potential out-of-bounds reads in processmessageheader have been prevented. If the message frame is maliciously corrupted in such a way that the length of the control segment becomes shorter than the size of the message...

Astra Linux - уязвимость в python2.7, pypy

In Lib/tarfile.py in Python 3.8.3, an attacker can create a TAR archive that causes an infinite loop when opened using tarfile.open, due to the lack of header validation in procpax...

Astra Linux - уязвимость в python-tornado

Tornado is a Python web framework and asynchronous networking library. In versions 6.5.2 and below, the provided “reason” phrase is used unescaped in HTTP headers where it could be used for header injection or in HTML on the default error page where it could be used for XSS attacks. This...

Astra Linux - уязвимость в python3.11

User-controlled data URLs parsed by urllib.request.DataHandler allow injecting headers through newlines in the data URL’s media type...

Astra Linux - уязвимость в golang-1.19

The HTTP/1 client does not fully validate the contents of the Host header. A maliciously crafted Host header can inject additional headers or entire requests. With this fix, the HTTP/1 client will now refuse to send requests that contain an invalid Request.Host or Request.URL.Host value...

Astra Linux - уязвимость в waitress

Waitress version 1.3.1 allows for the smuggling of requests by sending the Content-Length header twice. Waitress would fold the two Content-Length headers together, and since it cannot convert the now comma-separated values into integers, it internally sets the Content-Length to 0. If two...

Astra Linux - уязвимость в ruby-rack

Rack is a modular Ruby web server interface. In versions prior to 2.2.19, 3.1.17, and 3.2.2, Rack::Multipart::Parser could accumulate unbounded data when the header block of a multipart part never ended with the required blank line CRLFCRLF. The parser continuously stored incoming bytes in memory...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: SHAMPO, Fix incorrect page release Under the following conditions: 1 No skb has been created yet. 2 headersize == 0 no SHAMPO header. 3 headerindex + 1 % MLX5ESHAMPOWQHEADERPERPAGE == 0 this is the last page fragment o...

Astra Linux - уязвимость в firefox

The Remote Agent, used in WebDriver, did not validate the Host or Origin headers. This could have allowed websites to connect back locally to the user’s browser to control it. This bug only affected Firefox when WebDriver was enabled, which is not the default configuration.. This vulnerability...