40552 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Unconditionally save+flush host FPSIMD/SVE/SME state There are several issues with the way the hyp code lazily saves the host’s FPSIMD/SVE state. These include: The host SVE state is unexpectedly discarded due to...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: usb: dwc2: host: Fixed the dereference issue in the DDMA completion flow. Fixed the variable dereference issue in the DDMA completion flow...
Astra Linux - уязвимость в golang-1.19
The HTTP/1 client does not fully validate the contents of the Host header. A maliciously crafted Host header can inject additional headers or entire requests. With this fix, the HTTP/1 client will now refuse to send requests that contain an invalid Request.Host or Request.URL.Host value...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerabilities have been resolved: mmc: alcor: fixed the return value check in mmcaddhost The mmcaddhost function may return an error. If we ignore its return value, the memory allocated in the mmcallochost function will be leaked. This can lead to a kernel cra...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerabilities have been resolved: mmc: via-sdmmc: fixed the return value check in mmcaddhost The mmcaddhost function may return an error. If we ignore its return value, it will cause two issues: 1. The memory allocated in the mmcallochost function may be leake...
Astra Linux - уязвимость в docker.io
Moby is an open-source project created by Docker to enable software containerization. A bug was discovered in Moby Docker Engine where attempting to copy files using docker cp into a specially crafted container can result in changes to Unix file permissions for existing files in the host’s...
Astra Linux - уязвимость в ansible
A flaw was discovered in the solariszone module from the Ansible Community modules. When setting the name of a zone on the Solaris host, the zone name is checked by listing the process using the ‘ps’ command on the remote machine. An attacker could exploit this flaw by creating a fake zone name a...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: vhost: Take a reference on the task in the struct vhosttask. vhosttaskcreate creates a task and keeps a reference to its taskstruct. The task may exit early via a signal, and its taskstruct will be released. A pending vhosttaskwa...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: - BPF: The rcureadlockTraceheld function in bpfmaplookuppercpuelem needs to be checked. The bpfmaplookuppercpuelem helper function is also available for sleepable BPF programs. When BPF JIT is disabled or on a 32-bit host,...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Disabling Intel PT virtualization in both guest and host modes is enabled by default under CONFIGBROKEN. This means that KVM disables support for virtualizing Intel PT via guest/host mode, unless the BROKEN=y flag is se...
Astra Linux - уязвимость в flatpak
Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. In versions prior to 1.10.4 and 1.12.0, Flatpak applications that had direct access to AFUNIX sockets—such as those used by Wayland, Pipewire, or pipewire-pulse—could trick portals and other host-...
Astra Linux - уязвимость в firefox
The Remote Agent, used in WebDriver, did not validate the Host or Origin headers. This could have allowed websites to connect back locally to the user’s browser to control it. This bug only affected Firefox when WebDriver was enabled, which is not the default configuration.. This vulnerability...
Astra Linux - уязвимость в linux, linux-5.15, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: vmcihost: A race condition in vmcihostpoll was fixed, which could cause a General Protection Fault. During fuzzing, a General Protection Fault was observed in vmcihostpoll. The fault occurred due to a dereferencing of a wrong...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerabilities have been resolved: mmc: rtsxusbsdmmc: Fix the return value check in mmcaddhost. The mmcaddhost function may return an error. If we ignore its return value, the memory allocated by mmcallochost will be leaked, leading to a kernel crash due to the...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerabilities have been resolved: misc/vmwvmci: fixed an infoleak in vmcihostdoreceivedatagram The struct vmcieventqp allocated by qpnotifypeer contains padding, which may carry uninitialized data to the user space, as observed by KMSAN. BUG: KMSAN:...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: xhci: Fixed null pointer dereferencing when the host dies. Ensure that xhcifreedev and xhcikillendpointurbs do not race with each other, and do not cause null pointer dereferencing when the host suddenly dies. The USB core may...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: usb: ohci-nxp: Fixed the refcount leak in ohcihcdnxpprobe. ofparsephandle returns a node pointer with a refcount incremented; we should use ofnodeput on it when it is no longer needed. Add ofnodeput to avoid the refcount leak...
Astra Linux - уязвимость в zabbix
A authenticated user can create a hosts group using the configuration with XSS payload, which will be available to other users. When XSS is stored by an authenticated malicious actor, and other users attempt to search for groups during the creation of new hosts, the XSS payload will activate,...
Astra Linux - уязвимость в containerd
Containerd is a container runtime that is available as a daemon for Linux and Windows. A bug was discovered in Containerd prior to versions 1.6.1, 1.5.10, and 1.14.12. In these versions, containers launched through Containerd’s CRI implementation on Linux, with a specially crafted image...
Astra Linux - уязвимость в qemu
A flaw was discovered in the virtio-net device in QEMU. When the RSS feature is enabled on the virtio-net network card, the indirectionstable data within RSS becomes controllable. Setting values that are excessively large may lead to an index out-of-bounds issue, potentially resulting in a heap...