Astra Linux - уязвимость в open-iscsi

A issue was discovered in Contiki through version 3.0. An integer overflow exists in the uIP TCP/IP stack component when parsing TCP MSS options for IPv4 network packets in the uipprocess function in net/ipv4/uip.c...

Astra Linux – Vulnerability in Firefox and Thunderbird

In the nsTArrayImpl::ReplaceElementsAt function, an integer overflow could occur when the number of elements to be replaced is too large for the container. This vulnerability affects Firefox 102, Firefox ESR 91.11, Thunderbird 102, and Thunderbird 91.11...

Astra Linux - уязвимость в redis

Redis is an open-source, in-memory database that persists data on disk. Versions 8.2.1 and earlier allow an authenticated user to use a specially crafted Lua script to cause an integer overflow, potentially leading to remote code execution. This issue exists in all versions of Redis that support...

Astra Linux - уязвимость в redis

Redis is an in-memory database that persists data on disk.Authenticated users who issue specially crafted SRANDMEMBER, ZRANDMEMBER, and HRANDFIELD commands can trigger an integer overflow, leading to a runtime assertion and termination of the Redis server process. This issue affects all Redis...

Astra Linux - уязвимость в pixman

In libpixman in Pixman before version 0.42.2, there is an out-of-bounds write also known as a heap-based buffer overflow in the rasterizeedges8 function, due to an integer overflow in the pixmansamplefloory function...

Astra Linux - уязвимость в binutils

A issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. The simpleobjectelfmatch function in simple-object-elf.c does not check for a zero value of shstrndx, resulting in an integer overflow and a heap-based buffer overflow...

Astra Linux - уязвимость в expat, firefox, thunderbird

In libexpat before version 2.7.4, the doContent function does not properly determine the buffer size bufSize, as there is no check for integer overflow during the reallocation of the tag buffer...

Astra Linux - уязвимость в vim

Integer overflow or wrap-around in the GitHub repository for vim/vim before version 9.0.1532...

Astra Linux - уязвимость в exempi

The XMP Toolkit SDK version 2020.1 and earlier is affected by an Integer Overflow vulnerability that may lead to application-level denial of service in the context of the current user. Exploitation requires user interaction, meaning that the victim must open a specially crafted file...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: rxrpc: A integer overflow has been fixed in rxgkverifyresponse. In rxgkverifyresponse, there is a potential integer overflow due to rounding the tokenlen value before checking it. This allows the length check to be bypassed. This...

Astra Linux - уязвимость в openexr

A flaw was discovered in OpenEXR’s hufUncompress functionality in OpenEXR/IlmImf/ImfHuf.cpp. This flaw allows an attacker who can submit a crafted file processed by OpenEXR to trigger an integer overflow. The greatest threat of this vulnerability is to system availability...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: A integer overflow has been fixed in aie2queryctxstatusarray. The unpublished smatch static checker reported a warning. In drivers/accel/amdxdna/aie2pci.c, line 904 of aie2queryctxstatusarray: warn: Potential...

Astra Linux - уязвимость в linux, linux-5.10

An integer overflow or wrap-around vulnerability exists in the OpenEuler kernel on Linux file system modules, allowing for forced integer overflow. This issue affects the OpenEuler kernel, starting from version 4.19.90, up to and including version 4.19.90-2401.3, as well as versions 5.10.0-60.18....

Astra Linux - уязвимость в unbound

Before version 1.9.5, Unbound allowed for an integer overflow in the size calculation in respip/respip.c. NOTE: The vendor denies that this is a vulnerability. Although the code may be vulnerable, an active Unbound installation cannot be exploited remotely or locally...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm: zynqmpdp: Fixed integer overflow in zynqmpdprateget This patch addresses a potential integer overflow in zynqmpdprateget. The issue arises when the expression drmdpbwcodetolinkratedp-test.bwcode 10000 is evaluated using 32-b...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: drm/radeon: Fixed an integer overflow in radeoncsparserinit The type of size is unsigned. If size is 0x40000000, there will be an integer overflow. After size = sizeofuint32t, size will become zero, which may lead to referencing...

Astra Linux - уязвимость в firefox, thunderbird, expat

Expat also known as libexpat before version 2.4.4 has an integer overflow in the doProlog function...

Astra Linux - уязвимость в tomcat9

In some unusual configurations of multipart uploads, an Integer Overflow vulnerability in Apache Tomcat can lead to a Denial-of-Service attack by bypassing size limits. This issue affects Apache Tomcat versions as follows: from 11.0.0-M1 through 11.0.8, from 10.1.0-M1 through 10.1.42, and from...

Astra Linux - уязвимость в gimp

A flaw was discovered in GIMP. A integer overflow vulnerability exists in the GIMP “Despeckle” plug-in. The issue arises due to unchecked multiplication of image dimensions, such as width, height, and bytes-per-pixel imgbpp. This can lead to insufficient memory allocation and subsequent...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: perf/x86/amd: fixed the potential integer overflow that could occur when shifting an int. The left shift of the 32-bit integer constant 1 is evaluated using 32-bit arithmetic, and then passed as a 64-bit function argument. In cas...