Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Wifi: iwlwifi: mvm – Avoid NULL pointer dereferencing When iterating over the links of a vif, we need to ensure that the pointer is valid in other words, that the link exists before dereferencing it. Use foreachvifactivelink to...

CVE-2024-8088 Infinite loop when iterating over zip archive entry names from zipfile.Path

There is a HIGH severity vulnerability affecting the CPython "zipfile" module affecting "zipfile.Path". Note that the more common API "zipfile.ZipFile" class is unaffected. When iterating over names of entries in a zip archive for example, methods of "zipfile.Path" like "namelist", "iterdir", etc...

CVE-2024-26632 block: Fix iterating over an empty bio with bio_for_each_folio_all

In the Linux kernel, the following vulnerability has been resolved: block: Fix iterating over an empty bio with bioforeachfolioall If the bio contains no data, biofirstfolio calls pagefolio on a NULL pointer and oopses. Move the test that we've reached the end of the bio from bionextfolio to...

CVE-2024-26632

In the Linux kernel, the following vulnerability has been resolved: block: Fix iterating over an empty bio with bioforeachfolioall If the bio contains no data, biofirstfolio calls pagefolio on a NULL pointer and oopses. Move the test that we've reached the end of the bio from bionextfolio to...

CVE-2021-47060 KVM: Stop looking for coalesced MMIO zones if the bus is destroyed

In the Linux kernel, the following vulnerability has been resolved: KVM: Stop looking for coalesced MMIO zones if the bus is destroyed Abort the walk of coalesced MMIO zones if kvmiobusunregisterdev fails to allocate memory for the new instance of the bus. If it can't instantiate a new bus,...

Gas Limit Issues/DoS with Block Gas Limit

Lines of code Vulnerability details Impact Detailed description of the impact of this finding. Iterating through the users array without a limitation might cause the function to consume a lot of gas, especially when the array size is large. It may potentially reach the block gas limit and get...

Race condition

A race condition flaw was found in Ansible Engine 2.7.17 and prior, 2.8.9 and prior, 2.9.6 and prior when running a playbook with an unprivileged become user. When Ansible needs to run a module with become user, the temporary directory is created in /var/tmp. This directory is created with "umask...

CVE-2019-2243

Possible buffer overflow at the end of iterating loop while getting the version info and lead to information disclosure. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in...

CVE-2019-2243

Possible buffer overflow at the end of iterating loop while getting the version info and lead to information disclosure. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in...

Fedora 30 : php (2019-6350c4e21a)

PHP version 7.3.5 02 May 2019 Core: - Fixed bug php77903 ArrayIterator stops iterating after offsetSet call. Nikita CLI: - Fixed bug php77794 Incorrect Date header format in built-in server. kelunik EXIF - Fixed bug php77950 Heap-buffer-overflow in estrndup via exifprocessIFDTAG. CVE-2019-11036...

BrewBlogger 1.3.1 (printLog.php) Remote SQL Injection Vulnerability

No description provided by source. !/usr/bin/perl Target: BewBlogger 1.3.1 http://brewblogger.zkdigital.com Vulnerability: SQL Injection Description: BrewBlogger does not properly sanitize the 'id=' parameter passed to printLog.php. Since each user entry contains an auto-incrementing ID number, i...