Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: hfsplus: fixed a slab-out-of-bounds issue in hfsplusbnoderead The hfsplusbnoderead method can trigger this issue: 174.852007 T9784 ================================================================== 174.852709 T9784 BUG: KASAN:...

EUVD-2024-53196

Malicious code in bioql PyPI...

CVE-2024-56548

In the Linux kernel, the following vulnerability has been resolved: hfsplus: don't query the device logical block size multiple times Devices block sizes may change. One of these cases is a loop device by using ioctl LOOPSETBLOCKSIZE. While this may cause other issues like IO being rejected, in t...

CVE-2024-56548 hfsplus: don't query the device logical block size multiple times

In the Linux kernel, the following vulnerability has been resolved: hfsplus: don't query the device logical block size multiple times Devices block sizes may change. One of these cases is a loop device by using ioctl LOOPSETBLOCKSIZE. While this may cause other issues like IO being rejected, in t...

SUSE-SU-2024:3806-1 Security update for the Linux Kernel (Live Patch 26 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024119 fixes several issues. The following security issues were fixed: - CVE-2024-35905: Fixed int overflow for stack access size bsc1226327. - CVE-2021-47598: schcake: do not call cakedestroy from cakeinit bsc1227471. - CVE-2024-35863: Fixed potentia...

Security update for the Linux Kernel (Live Patch 53 for SLE 12 SP5)

This update for the Linux Kernel 4.12.14-122194 fixes several issues. The following security issues were fixed: CVE-2024-41059: hfsplus: fix uninit-value in copyname bsc1228573. CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 bsc1226325. Patch Instructions: To install this...

CVE-2024-41059 hfsplus: fix uninit-value in copy_name

In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix uninit-value in copyname syzbot reported BUG: KMSAN: uninit-value in sizedstrscpy+0xc4/0x160 sizedstrscpy+0xc4/0x160 copyname+0x2af/0x320 fs/hfsplus/xattr.c:411 hfspluslistxattr+0x11e9/0x1a50 fs/hfsplus/xattr.c:750...

SUSE CVE-2008-4933

Buffer overflow in the hfsplusfindcat function in fs/hfsplus/catalog.c in the Linux kernel before 2.6.28-rc1 allows attackers to cause a denial of service memory corruption or system crash via an hfsplus filesystem image with an invalid catalog namelength field, related to the hfspluscatbuildkeyu...