Astra Linux – Vulnerability in ffmpeg

An integer overflow vulnerability exists in the function filter16sobel in libavfilter/vfconvolution.c within Ffmpeg 4.2.1. Attackers can exploit this vulnerability to cause a Denial of Service or other unspecified impacts...

Astra Linux - уязвимость в linux-5.10, linux

A memory leak flaw, along with potential division by zero and integer overflow issues, have been detected in the Linux kernel’s V4L2 and vivid test code functionality. This issue occurs when a user triggers ioctls, such as the VIDIOCSDVTIMINGS ioctl. This could allow a local user to crash the...

Astra Linux - уязвимость в openexr

There is a flaw in OpenEXR in versions before 3.0.0-beta. An attacker who can submit a crafted file to be processed by OpenEXR could cause an integer overflow, potentially leading to problems with the application’s functionality and availability...

Astra Linux - уязвимость в libstb

It was discovered that stbimage.h v2.27 contains an integer overflow vulnerability through the stbijpegdecodeblockprogdc function. This vulnerability allows attackers to cause a Denial of Service DoS attack through unspecified vectors...

Astra Linux - уязвимость в klibc

A issue was discovered in klibc before version 2.0.9. Multiplication operations within the calloc function may lead to integer overflows and subsequent heap buffer overflows...

Astra Linux - уязвимость в gst-plugins-good1.0

GStreamer FLAC File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability, but the attack vectors may vary...

Astra Linux - уязвимость в firefox, thunderbird

Methods AppendEncodedAttributeValue, ExtraSpaceNeededForAttrEncoding, and AppendEncodedCharacters may experience integer overflows, resulting in underallocation of an output buffer and thus causing out-of-bounds write attacks. This vulnerability affects Firefox 124, Firefox ESR 115.9, and...

Astra Linux - уязвимость в firefox, thunderbird, expat

The lookup function in xmlparse.c within Expat also known as libexpat has an integer overflow before version 2.4.3...

Astra Linux - уязвимость в ffmpeg

An integer overflow vulnerability exists in the function filter16prewitt in libavfilter/vfconvolution.c in Ffmpeg 4.2.1. This vulnerability allows attackers to cause a Denial of Service or other unspecified impacts...

Astra Linux - уязвимость в blender

An integer overflow in the processing of loaded 2D images leads to a “write-what-where” vulnerability and an “out-of-bounds read” vulnerability. This allows attackers to leak sensitive information or execute code within the Blender process when a specially crafted image file is loaded. This flaw...

Astra Linux - уязвимость в openexr

An integer overflow that leads to a heap-buffer overflow was discovered in the DwaCompressor of OpenEXR in versions prior to 3.0.1. An attacker could exploit this flaw to crash an application compiled with OpenEXR...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: iouring: fixed the truncation of the regbuf vector size. There is a report that ioestimatebvecsize truncates the calculated number of segments, leading to corruption issues. Ensure that the “int” variables used later do not...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Harden depth calculation functions A vulnerability was identified where the operating system can pass in U32MAX as the size of SQ/RQ/SRQ. This can lead to integer overflow and truncation of the SQ/RQ/SRQ depth values...

Astra Linux - уязвимость в firefox, thunderbird, expat

The issue with integer overflow occurs in storeAtts in the xmlparse.c file, within the Expat library also known as libexpat, before version 2.4.3...

Astra Linux - уязвимость в libksba

Before version 1.6.3, Libksba was vulnerable to an integer overflow vulnerability in the CRL signature parser...

Astra Linux - уязвимость в qemu

Integer overflows and buffer overflows were identified in the ACPI Error Record Serialization Table ERST device of QEMU, within the readerstrecord and writeerstrecord functions. Both issues may allow the guest to exceed the host buffer allocated for the ERST memory device. A malicious guest could...

Astra Linux - уязвимость в firefox, thunderbird, expat

nextScaffoldPart in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow...

Astra Linux - уязвимость в harfbuzz

An integer overflow in the hb-ot-shape-fallback.cc component of Harfbuzz v4.3.0 allows attackers to cause a Denial of Service DoS attack through unspecified vectors...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ipv6: A BUG in ppskbexpandhead as part of calipsoskbuffsetattr. There exists a kernel oop caused by a BUGONnhead INTMAX parameter i.e., intskbheadroomskb + lendelta skbheadroomskb is intended to ensure that delta = headroom -...

Astra Linux - уязвимость в pcre3

In PCRE before version 8.44, libpcre allowed integer overflows due to a large number appearing after a ?C substring...