53977 matches found
Astra Linux - уязвимость в qemu
A flaw was discovered in the QXL display device emulation in QEMU. An integer overflow in the cursoralloc function can lead to the allocation of a small cursor object, followed by a subsequent heap-based buffer overflow. This flaw allows a malicious privileged guest user to crash the QEMU process...
Astra Linux - уязвимость в poppler
The JPXStream::init function in Poppler 0.78.0 and earlier does not check for negative values of stream length, which can lead to an Integer Overflow. This allows an attacker to allocate a large memory chunk on the heap, with the size controlled by them. This issue was demonstrated by pdftocairo...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Cleaned up integer overflow checks in mapuserpages. The encodedma function includes some validations for intrans-size. However, it would be clearer to move these checks to findandmapuserpages. encodedma had two checks...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: TCP: Fixed a signed-integer-overflow bug in tcpaddbacklog The types of skrcvbuf and sksndbuf within the struct sock structure are int. In tcpaddbacklog, the limit for the buffer size is calculated by adding skrcvbuf, sksndbuf, an...
Astra Linux - уязвимость в gst-plugins-good1.0
DOS: Potential heap overwrite in qtdemux using zlib decompression. Integer overflow in the qtdemux element within the qtdemuxinflate function can lead to a segfault, or it may cause a heap overwrite, depending on the libc and operating system. Depending on the libc used and the underlying operati...
Astra Linux - уязвимость в grub2
An integer overflow flaw was discovered in the BFS file system driver within grub2. When reading a file using an indirect extent map, grub2 fails to validate the number of extent entries to be read. A maliciously crafted or corrupted BFS file system may cause an integer overflow during file...
Astra Linux - уязвимость в unbound
Unbound before version 1.9.5 allows for an integer overflow in the size calculation in dnscrypt/dnscrypt.c. NOTE: The vendor denies that this is a vulnerability. Although the code may be vulnerable, an active Unbound installation cannot be exploited remotely or locally...
Astra Linux - уязвимость в jetty9
Eclipse Jetty provides a web server and servlet container. In versions 11.0.0 through 11.0.15, 10.0.0 through 10.0.15, and 9.0.0 through 9.4.52, an integer overflow in MetaDataBuilder.checkSize allows HTTP/2 HPACK header values to exceed their size limit. MetaDataBuilder.java determines whether a...
Astra Linux - уязвимость в gmp
The GNU Multiple Precision Arithmetic Arithmetic Library GMP version up to 6.2.1 has an integer overflow issue in the mpz/inpraw.c file, which can lead to a buffer overflow due to malicious input. This results in a segmentation fault on 32-bit platforms...
Astra Linux - уязвимость в freerdp2
FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The affected versions are subject to an IntegerOverflow issue, which leads to an Out-of-Bound Write Vulnerability in the gdiCreateSurface function. This issue only affects FreeRDP-based clients...
Astra Linux - уязвимость в chromium
Integer overflow in the Window Manager in Google Chrome on the Chrome OS and Lacros before version 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific UI interactions to perform an out-of-bounds memory write via crafted UI interactions. Chrome security severity: Hig...
Astra Linux - уязвимость в redis
Redis is an in-memory database that persists data on disk. Redis improperly handles the resizing of memory buffers, which can lead to integer overflow, resulting in heap overflow and potential remote code execution. This issue has been fixed in versions 7.0.15 and 7.2.4...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ACPI: APEI: Fixed an integer overflow in ghesestatuspoolinit. The variable numghes was changed from int to unsigned int, preventing an overflow and causing subsequent vmalloc calls to fail. The overflow occurs in...
Astra Linux - уязвимость в vim
Integer overflow or wrap-around in the GitHub repository for vim/vim before version 9.0...
Astra Linux - уязвимость в binutils
The binutils version 2.32 and earlier contains an Integer Overflow vulnerability in objdump, bfdgetdynamicrelocupperbound, and bfdcanonicalizedynamicreloc. This vulnerability can lead to Integer Overflow, which in turn triggers Heap Overflow. Successful exploitation of this vulnerability allows f...
Astra Linux - уязвимость в linux
The fs/seqfile.c file in the Linux kernel versions 3.16 through 5.13.x, prior to 5.13.4, does not properly restrict seq buffer allocations. This results in an integer overflow, an Out-of-bounds Write, and an escalation of privileges to the root user by an unprivileged user, identified as...
Astra Linux - уязвимость в sysstat
Before version 12.1.6, sysstat experienced memory corruption due to an integer overflow in the remapstruct function within sacommon.c...
Astra Linux - уязвимость в libtommath
An integer overflow vulnerability exists in the mpgrow function within the libtom library, as reported in commit beba892bc0d4e4ded4d667ab1d2a94f4d75109a9. This vulnerability allows attackers to execute arbitrary code and cause a denial of service DoS attack...
Astra Linux - уязвимость в u-boot
An integer overflow occurs in the ext4fsreadsymlink function in Das U-Boot before version 2025.01-rc1. This issue arises due to the use of the zalloc function, which adds one to a le32 variable. This occurs through a crafted ext4 file system with an inode size of 0xffffffff. As a result, the mall...
Astra Linux - уязвимость в libgsf
There is an integer overflow vulnerability in the Compound Document Binary File format parser of v1.14.52 in the GNOME Project’s G Structured File Library libgsf. A specially crafted file can lead to an integer overflow, allowing for a heap-based buffer overflow when processing the sector...