Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: mctp i2c: handling of NULL header addresses The daddr field can be NULL if there is no neighbour table entry present. In that case, the TX packet should be discarded. The saddr field is usually set by the MCTP core, but a NULL...

Astra Linux - уязвимость в squid

A issue was discovered in Squid 4.x before 4.15, and in 5.x before 5.0.6. If a remote server sends a certain response header via HTTP or HTTPS, it can lead to a denial of service. This header can potentially appear in legitimate network traffic...

Astra Linux - уязвимость в golang-1.19

Parsing multipart forms can consume large amounts of CPU and memory when processing form inputs containing a very large number of parts. This occurs due to several reasons: 1. The mime/multipart.Reader.ReadForm method limits the total memory that a parsed multipart form can consume. ReadForm may...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: rpl: Fix use-after-free in rpldosrhinline. Running lwtdstcacherefloop.sh in selftest with KASAN triggers the splat below 0. rpldosrhinline fetches ipv6hdrskb and accesses it after skbcowhead, which is illegal as the header could ...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: net: dropping UFO packets in udprcvSegment When sending a packet with virtionetHdr to the tun device, if the gsotype in virtionetHdr is SKBGSOUDP and the gsoSize is less than udphdrSize, a crash may occur. ------------ cut here...

Astra Linux - уязвимость в golang-golang-x-net

In Go, net/http versions before 1.16.12 and 1.17.x, as well as before 1.17.5, allowed uncontrolled memory consumption in the header canonicalization cache through HTTP/2 requests...

Astra Linux - уязвимость в apache2

The aprwrite function in Apache HTTP Server 2.4.53 and earlier may read unintended memory if an attacker can cause the server to reflect very large inputs using aprwrite or aprputs. This issue can occur, for example, when using the modluas r:puts function. Modules that are compiled and distribute...

Astra Linux - уязвимость в ceph

Ceph is a distributed object, block, and file storage platform. In versions up to and including 19.2.3, using the x-amz-copy-source argument to copy an object and specifying an empty string as its content resulted in the RGW daemon crashing, leading to a DoS attack. As of the time of publication,...

Astra Linux - уязвимость в tomcat9

When using RemoteIpFilter with requests received from a reverse proxy via HTTP that include the X-Forwarded-Proto header set to https, session cookies created by Apache Tomcat 11.0.0-M1 to 11.0.0.-M2, 10.1.0-M1 to 10.1.5, 9.0.0-M1 to 9.0.71, and 8.5.0 to 8.5.85 did not include the secure attribut...

Astra Linux - уязвимость в golang-github-gin-gonic-gin

This affects all versions of the package github.com/gin-gonic/gin. When gin is exposed directly to the internet, a client’s IP address can be spoofed by setting the X-Forwarded-For header...

Astra Linux - уязвимость в apache2

Splitting HTTP responses across multiple modules in the Apache HTTP Server allows an attacker who can inject malicious response headers into backend applications to carry out an HTTP desynchronization attack. It is recommended that users upgrade to version 2.4.59, as this issue has been fixed in...

Astra Linux - уязвимость в apache2

An HTTP response smuggling vulnerability exists in the Apache HTTP Server via modproxyuwsgi. This issue affects the Apache HTTP Server version 2.4.30 through 2.4.55. Special characters in the origin response header can cause the response forwarded to the client to be truncated or split...

Astra Linux - уязвимость в gst-plugins-good1.0

GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been discovered in the gstmatroskademuxaddwvpkheader function within matroska-demux.c. This function does not properly check the validity of the stream-codecpriv pointer. If...

Astra Linux - уязвимость в python-webob

WebOb provides objects for HTTP requests and responses. When WebOb normalizes the HTTP Location header to include the request hostname, it does so by parsing the URL that the user will be redirected to using Python’s urlparse function, and joining that parsed URL to the base URL. However, the...

Astra Linux - уязвимость в puma

Puma is a Ruby/Rack web server designed for parallelism. In affected versions, clients could manipulate values set by intermediate proxies such as X-Forwarded-For by providing a version of the header with an underscore . Any users who rely on proxy-defined headers are affected. Versions...

Astra Linux - уязвимость в libproxy

In libproxy, the url.cpp module in version 0.4.15 is vulnerable to a buffer overflow when PAC is enabled. This vulnerability was confirmed by using a large PAC file that was sent without a Content-length header...

Astra Linux - уязвимость в ffmpeg

FFmpeg 4.2 is affected by a divide-by-zero issue through the libavcodec/lpc.h library, which allows a remote malicious user to cause a Denial of Service attack...

Astra Linux - уязвимость в curl

curl 7.1.1 up to and including 7.75.0 is vulnerable to a “Exposure of Private Personal Information to an Unauthorized Actor” by leaking credentials in the HTTP Referer: header. libcurl does not remove user credentials from the URL when automatically filling in the Referer: HTTP request header fie...

Astra Linux - уязвимость в nodejs

A memory leak could occur when a remote peer abruptly closes the socket without sending a “GOAWAY” notification. Additionally, if an invalid header is detected by nghttp2, causing the connection to be terminated by the peer, the same memory leak will be triggered. This flaw could lead to increase...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: sctp: A buffer overflow vulnerability exists when skbheaderpointer returns NULL in sctprcvootb. We should always check if the return value of skbheaderpointer is NULL before using it. Otherwise, it may lead to a nullptrderef...