224341 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: tracing/probes: The error check in parsebtffield has been fixed. btffindstructmember may return NULL or an error via the ERRPTR macro. However, its caller in parsebtffield only checks for the NULL condition. This issue is fixed b...
Astra Linux - уязвимость в linux-5.10, linux, linux-5.15
A flaw was discovered in the Framebuffer Console fbcon within the Linux kernel. When values greater than 32 are provided for font-width and font-height in the fbconsetfont function, due to lack of proper checks, an out-of-bounds situation may occur, resulting in undefined behavior and potentially...
Astra Linux - уязвимость в linux-5.10, linux, linux-5.15
A use-after-free vulnerability was discovered in iscsiswtcpsessioncreate in drivers/scsi/iscsitcp.c within the SCSI sub-component of the Linux kernel. This flaw allows an attacker to access internal kernel information...
Astra Linux - уязвимость в linux-5.10, linux, linux-5.15
A flaw was discovered in the Linux kernel. A use-after-free may occur when plugging/dismounting a malicious USB device that claims to be an Asus device. Similar to the previously known CVE-2023-25012, but in Asus devices, the workstruct structure may be modified by the LED controller during the...
Astra Linux - уязвимость в linux-5.10, linux, linux-5.15
A flaw was discovered in the Linux Kernel’s RDS Reliable Datagram Sockets protocol. The rdsrmzerocopycallback function uses listentry on the head of a list, resulting in a type confusion. A local user can trigger this with the rdsmessageput function. This type confusion causes the struct...
Astra Linux - уязвимость в linux-5.10, linux
A memory leak flaw was discovered in the Linux kernel’s Stream Control Transmission Protocol. This issue may occur when a user initiates a malicious networking service, and someone connects to this service. This could allow a local user to deplete resources, resulting in a denial of service...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: ceph: Avoid putting the realm twice when decoding snaps fails. When decoding snaps fails, it might leave the firstrealm and realm pointing to the same snaprealm memory. Doing so could lead to random use-after-free issues, BUGON,...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: bus: fsl-mc-bus: Fixed the KASAN use-after-free in fslmcbusremove. In fslmcbusRemove, mc-rootmcbusdev-mcio is passed to fsldestroymcio. However, mc-rootmcbusdev has already been freed in fslmcDeviceRemove. Therefore, referencing...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: A out-of-bounds bug has been fixed in the sndusbParseAudioInterface function. There may be a faulty USB audio device with a USB ID of 0x04fa, 0x4201, and with fewer than 4 interfaces. A out-of-bounds read bug...
Astra Linux - уязвимость в linux-5.10, linux
The roccatreportevent in the drivers/hid/hid-roccat.c file in the Linux kernel, as of version 5.19.12, contains a race condition, which can lead to a use-after-free situation under certain conditions when a report is received while the report-value copy operation is in progress...
Astra Linux - уязвимость в linux, linux-5.10
A NULL pointer dereference flaw was discovered in the rawv6pushpendingframes function in net/ipv6/raw.c within the network subcomponent of the Linux kernel. This flaw can cause the system to crash...
Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fixed stale file descriptors when a usercopy fails. A failed usercopy of the fencerep object will result in a stale entry in the file descriptor table, as putunusedfd will not release that entry. This allows userland ...
Astra Linux - уязвимость в linux-5.10, linux
A flaw related to the use of “free” in the Linux kernel’s Video4Linux driver was discovered in the way that triggers em28xxusbprobe, for Empia 28xx-based TV cards. A local user could exploit this flaw to crash the system or potentially escalate their privileges on the system...
Astra Linux - уязвимость в linux-5.10, linux
A NULL pointer dereference flaw exists in the diFree function in the fs/jfs/inode.c file of the Journaled File System JFS in the Linux kernel. This flaw could allow a local attacker to crash the system or leak internal kernel information...
Astra Linux - уязвимость в linux
In drivers/char/virtioconsole.c in the Linux kernel before 5.13.4, data corruption or loss can occur when a trustedless device provides a buf-len value that exceeds the buffer size. NOTE: the vendor indicates that the mentioned data corruption is not a vulnerability in any existing use case; the...
Astra Linux - уязвимость в linux, linux-5.10
A race condition was identified in the vtkioctl function within drivers/tty/vt/vtioctl.c in the Linux kernel. This may lead to an out-of-bounds read, as the write access to vcmode is not protected by a lock in vtioctl KDSETMDE. The primary threat of this vulnerability is data confidentiality...
Astra Linux - уязвимость в linux, linux-5.10
A flaw was discovered in the OverlayFS subsystem of the Linux kernel, regarding the way users mount the TmpFS filesystem using OverlayFS. This flaw allows a local user to gain access to hidden files that should not be accessible...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: ceph: Added initializers for the cephpathinfo structure when they were missing. The cephmdscbuildpath function must be called with a cephpathinfo parameter initialized to zero. Otherwise, the cephmdscfreepathinfo function may...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: net/ipv6: ioam6: This vulnerability prevents a wraparound in the schema length during the trace fill operation. The ioam6fillTraceData function stores the schema contribution to the trace length in an u8 type variable. When bit 2...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: ksmbd: The validation of response sizes in ipcvalidatemsg has been improved. ipcvalidatemsg calculates the expected message size for each response type by adding or multiplying attacker-controlled fields from the daemon’s...