65168 matches found
Astra Linux - vulnerability in klibc
An issue was discovered in klibc before version 2.0.9. Multiplication operations within the calloc function may lead to integer overflows and subsequent heap buffer overflows...
Astra Linux - vulnerability in linux-5.10, linux-5.15, linux
A memory leak flaw, along with potential division by zero and integer overflow issues, has been detected in the Linux kernel’s V4L2 and vivid test code functionality. This issue occurs when a user triggers ioctls, such as the VIDIOC_S_DV_TIMINGS ioctl. This could allow a local user to crash the...
Astra Linux - vulnerability in libvpx
There are integer overflows in the libvpx library in versions prior to 1.14.1. Calling vpx_img_alloc with a large value of the d_w, d_h, or align parameter may lead to integer overflows in the calculations of buffer sizes and offsets, and some fields of the returned vpx_image_t struct may become invali...
Astra Linux - vulnerability in openexr
There is a flaw in OpenEXR in versions before 3.0.0-beta. An attacker who can submit a crafted file to be processed by OpenEXR could cause an integer overflow, potentially leading to problems with the application’s functionality and availability...
Astra Linux - vulnerability in linux-5.10
In the Linux kernel, the following vulnerability has been resolved: io_uring: fixed the truncation of the regbuf vector size. There is a report that io_estimate_bvec_size truncates the calculated number of segments, leading to corruption issues. Ensure that the “int” variables used later do not...
Astra Linux - vulnerability in linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: net/rose: integer overflows can occur when using rose_setsockopt with potentially excessively large arguments, along with additional values being applied to them. To prevent this, the safest approach is to check the contents of...
Astra Linux - vulnerability in linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: binfmt_flat: Fixed an integer overflow bug on 32-bit systems. Most of these sizes and counts are capped at 256MB, so the calculations do not result in integer overflows. The “relocs” count also needs to be checked. Otherwise, o...
Astra Linux - vulnerability in firefox, thunderbird
Methods AppendEncodedAttributeValue, ExtraSpaceNeededForAttrEncoding, and AppendEncodedCharacters may experience integer overflows, resulting in underallocation of an output buffer and thus causing out-of-bounds write attacks. This vulnerability affects Firefox 124, Firefox ESR 115.9, and...
Astra Linux - vulnerability in libstb
It was discovered that stb_image.h v2.27 contains an integer overflow vulnerability through the stbi__jpeg_decode_block_prog_dc function. This vulnerability allows attackers to cause a Denial of Service (DoS) through unspecified vectors...
Astra Linux - vulnerability in git
Git is a distributed revision control system. The gitattributes command allows for the definition of attributes for certain file paths. These attributes can be defined by adding a .gitattributes file to the repository, which contains a set of file patterns and the attributes that should be applie...
Astra Linux - vulnerability in xwayland, xorg-server
A flaw was discovered in the RandR extension, where the RRChangeProviderProperty function does not properly validate inputs. This issue leads to an integer overflow when calculating the total size to allocate...
Astra Linux - vulnerability in blender
An integer overflow in the processing of loaded 2D images leads to a “write-what-where” vulnerability and an “out-of-bounds read” vulnerability. This allows attackers to leak sensitive information or execute code within the Blender process when a specially crafted image file is loaded. This flaw...
Astra Linux - vulnerability in firefox
Integer overflow in the JavaScript: Standard Library component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...
Astra Linux - vulnerability in openvswitch
An integer underflow occurred in the Organization Specific TLV in various versions of Open vSwitch...
Astra Linux - vulnerability in grub2
When reading data from an HFS filesystem, GRUB’s HFS filesystem module uses user-controlled parameters from the filesystem metadata to calculate the internal buffer size. However, it fails to properly check for integer overflows. A maliciously crafted filesystem may cause some of those buffer siz...
Astra Linux - vulnerability in linux-5.15
In the Linux kernel, the following vulnerability has been resolved: crypto: qat - add param check for RSA. Reject requests with a source buffer that is bigger than the size of the key. This is to prevent a possible integer underflow that might happen when copying the source scatterlist into a line...
Astra Linux - vulnerability in ffmpeg
An integer overflow vulnerability exists in the function filter16_sobel in libavfilter/vf_convolution.c within FFmpeg 4.2.1. Attackers can exploit this vulnerability to cause a Denial of Service or other unspecified impacts...
Astra Linux - vulnerability in libstb
stb_vorbis is a single-file library licensed under MIT that processes OGG Vorbis files. A maliciously crafted file may cause memory writes to exceed the allocated heap buffer in start_decoder. The root cause of this issue is a potential integer overflow in sizeof(char*) * (f->comment_list_length), which may...
Astra Linux - vulnerability in linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: In the net/sched module, taprio: limit TCA_TAPRIO_ATTR_SCHED_CYCLE_TIME to INT_MAX. syzkaller encountered a division error [0] in the div_s64_rem function, which is called from get_cycle_time_elapsed. In this functio...
Astra Linux - vulnerability in krb5
The vulnerability in the decode_krb5_flags function in the asn1_k_encode.c component of the Kerberos authentication protocol is related to integer overflow. Exploiting this vulnerability allows a malicious actor to cause a denial of service...