65166 matches found
Astra Linux - уязвимость в firefox, thunderbird, expat
Expat also known as libexpat before version 2.4.4 has an integer overflow in the doProlog function...
Astra Linux - уязвимость в tomcat9
In some unusual configurations of multipart uploads, an Integer Overflow vulnerability in Apache Tomcat can lead to a Denial-of-Service attack by bypassing size limits. This issue affects Apache Tomcat versions as follows: from 11.0.0-M1 through 11.0.8, from 10.1.0-M1 through 10.1.42, and from...
Astra Linux - уязвимость в glib2.0
A flaw was discovered in glib. An integer overflow during temporary file creation leads to an out-of-bounds memory access, allowing an attacker to potentially perform path traversal or access private temporary file content by creating symbolic links. This vulnerability enables a local attacker to...
Astra Linux - уязвимость в chromium
Integer overflow in Core in Google Chrome prior to 110.0.5481.77 allowed a remote attacker who had access to a race condition to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Low...
Astra Linux - уязвимость в vlc
VLC Media Player 3.0.20 and earlier are vulnerable to denial of service due to an integer overflow. This vulnerability can be exploited by a maliciously crafted MMS stream heap-based overflow. If successful, a malicious third party can cause the VLC player to crash or execute arbitrary code with...
Astra Linux - уязвимость в nss, firefox
Integer overflow in the Libraries component in NSS. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, Thunderbird 140.8, and Firefox ESR 115.35...
Astra Linux - уязвимость в grub2
A flaw was discovered in grub2. When reading tar files, grub2 allocates an internal buffer for the file name. However, it fails to properly verify the allocation against possible integer overflows. It’s possible to cause the allocation length to overflow with a specially crafted tar file, resulti...
Astra Linux - уязвимость в linux-5.10
An integer overflow flaw was discovered in the Linux kernel’s virtio device driver code, where a user triggers the vhostvdpaconfigvalidate function. This flaw allows a local user to crash the system or potentially escalate their privileges on the system...
Astra Linux - уязвимость в libvirt
The vulnerability of the virsocketaddr.c component in the Libvirt virtualization management library is related to a numerical overflow condition. Exploiting this vulnerability allows an attacker to cause a service failure remotely...
Astra Linux - уязвимость в glib2.0
A flaw was discovered in glib. Missing validation of the offset and count parameters in the gbufferedinputstreampeek function can lead to an integer overflow during length calculations. When specially crafted values are provided, this overflow results in an incorrect size being passed to memcpy,...
Astra Linux - уязвимость в binutils
The loadspecificdebugsection function in objdump.c within GNU Binutils, as of version 2.31.1, contains an integer overflow vulnerability that can trigger a heap-based buffer overflow if a crafted section size is used...
Astra Linux - уязвимость в gimp
A flaw was discovered in GIMP. A integer overflow vulnerability exists in the GIMP “Despeckle” plug-in. The issue arises due to unchecked multiplication of image dimensions, such as width, height, and bytes-per-pixel imgbpp. This can lead to insufficient memory allocation and subsequent...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Integer overflow has been prevented in hdrfirstde. The deoff and used variables originate from the disk, so both need to be checked. The issue is that on 32-bit systems, if both values are greater than UINTMAX - 16, the...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: block/ioctl: prefer different overflow check Running syzkaller with the newly reintroduced signed integer overflow The sanitizer reports the following issues: 62.982337 ------------ cut here ------------ 62.985692 cgroup:...
Astra Linux - уязвимость в edk2
EDK2 contains a vulnerability in the BIOS, where a user can cause an Integer Overflow or Wrap-around error through network means. Successful exploitation of this vulnerability may lead to a denial of service...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Harden depth calculation functions A vulnerability was identified where the operating system can pass in U32MAX as the size for SQ/RQ/SRQ operations. This can lead to integer overflow and truncation of the SQ/RQ/SRQ...
Astra Linux - уязвимость в linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: gpio: gpio-xilinx: Fix integer overflow The current implementation cannot configure more than 32 pins due to an incorrect data type. Therefore, type casting using unsigned long is used to avoid this issue...
Astra Linux - уязвимость в libsoup2.4
A flaw was discovered in the soupmultipartnewfrommessage function of the libsoup HTTP library, which is commonly used by GNOME and other applications for handling web communications. The issue arises when the library processes specially crafted multipart messages. Due to improper validation, an...
Astra Linux - уязвимость в klibc
A issue was discovered in klibc before version 2.0.9. Multiplication operations within the calloc function may lead to integer overflows and subsequent heap buffer overflows...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux
A memory leak flaw, along with potential division by zero and integer overflow issues, have been detected in the Linux kernel’s V4L2 and vivid test code functionality. This issue occurs when a user triggers ioctls, such as the VIDIOCSDVTIMINGS ioctl. This could allow a local user to crash the...