62154 matches found
Astra Linux - уязвимость в linux
In the Linux kernel, the following vulnerability has been resolved: spi: fsl-lpspi: The issue of a reference leak during lpspipreparexferhardware has been fixed. pmruntimegetsync will increment the pm usage counter even if the operation fails. Forgetting to replace this operation with...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: hcisync: fixed leaks when hcicmdsyncqueueonce fails When hcicmdsyncqueueonce returns an error, the destroy callback will not be called. Fixed the issue of leaking references/memory in cases where this error occurs...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Ice: Fixed a NULL pointer dereferencing during VSI rebuild. A race condition occurred where PTP periodic work ran while VSI was being rebuilt, leading to access to NULL vsi-rxrings. The sequence was as follows: 1...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: Added a missing NULL pointer check for the pingpong interface. This check is almost always performed in dpuencoderphyswbsetupctl, but it is missing in a single location. It is also recommended to use convenient local...
Astra Linux - уязвимость в linux-6.1, linux-5.15, linux
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fncm: Fixed an UAF Use-After-Free issue with the ncm object after the USB EP transport error occurs during re-binding. When the ncm function is working, the usb0 interface is stopped due to a link failure. In this...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: scsi: hisisas: Freeing irq vectors in order for v3 HW If the driver probe fails to request the channel IRQ or fatal IRQ, the driver will free the IRQ vectors before freeing the IRQs in freeirq. This will cause a kernel BUG like...
Astra Linux - уязвимость в linux-5.10, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: ethtool: Fixed an issue where the uninitialized number of lanes was used. It is not possible to set the number of lanes when adjusting link modes using the legacy IOCTL ethtool interface. Since the struct ethtoollinkksettings...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: drm/msm/hdmi: fixed memory corruption due to too many bridges. A missing sanity check has been added to the bridge counter to prevent corruption of data beyond the fixed-sized bridge array, in case there are more than eight...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: spi: Fix for null dereference during suspension There exists a race condition where a synchronous noqueue transfer can remain active during system suspension. This can lead to a null pointer dereference exception when the system...
Astra Linux - уязвимость в firefox, thunderbird
If a custom mouse cursor is specified in CSS, under certain circumstances the cursor might be drawn over the browser UI, potentially causing confusion for users or leading to spoofing attacks. This vulnerability affects Firefox ESR 102.5, Thunderbird 102.5, and Firefox 107...
Astra Linux - уязвимость в chromium
Before version 104.0.5112.79, using Tab Strip in Google Chrome on Chrome OS allowed a remote attacker who convinced a user to engage in certain user interactions to potentially exploit heap corruption through specific UI interactions...
Astra Linux - уязвимость в linux, linux-5.10
A use-after-free flaw was discovered in ncirequest in net/nfc/nci/core.c within the NFC Controller Interface NCI in the Linux kernel. This flaw could allow a local attacker with user privileges to cause a data race issue while the device is being removed, leading to a privilege escalation...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Prevent buffer overflow crashes in debugfs due to malformed user input. Malformed user input to debugfs can lead to buffer overflow crashes. Adjust the length of the input string to fit within the internal buffers,...
Astra Linux - уязвимость в webkit2gtk
There is a use-after-free vulnerability in the MediaRecorder API of Webkit GTK 2.40.5. A specially crafted web page can exploit this vulnerability to cause memory corruption and potentially allow for arbitrary code execution. A user would need to visit a malicious webpage in order to trigger this...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: cfg80211: Calling cfg80211stopap when switching from P2PGO type If the user-space tools switch from NL80211IFTYPEP2PGO to NL80211IFTYPEADHOC via sendmsgNL80211CMDSETINTERFACE, it does not call the cleanup function cfg80211stopap...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: Firmware: armscmi: Fixed the enumeration of protocols in the base protocol. When enumerating the protocols implemented by the SCMI platform using BASEDISCOVERLISTPROTOCOLS, the number of protocols returned is currently validated ...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: btusb: mediatek – Fixed a kernel crash that occurred when releasing the mtk iso interface. When performing reset tests and encountering abnormal card drop issues that lead to a kernel crash, it is necessary to perfo...
Astra Linux - уязвимость в mercurial
A vulnerability was discovered in Mercurial SCM 4.5.3/71.19.145.211. This vulnerability is considered problematic. It affects unknown code within the Web Interface component. Manipulating the cmd argument leads to cross-site scripting attacks. The attack can be initiated remotely. The exploit has...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Wifi: mac80211: Fixed the “general-protection-fault” issue in ieee80211subifstartxmit. When the device is running and the interface status changes, the “gpf” general protection fault issue is triggered. The process that causes th...
Astra Linux - уязвимость в libvirt
A NULL pointer dereference flaw was discovered in the udevConnectListAllInterfaces function within libvirt. This issue can occur when detaching a host interface while simultaneously collecting the list of interfaces using the virConnectListAllInterfaces API. This flaw could be exploited to carry...