Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: soc: qcom: aoss: The issue of a reference count leak in qmpcoolingdevicesregister has been fixed. In every iteration of the foreachavailablechildofnode loop, the reference count of the previous node is decremented. When exiting t...

Astra Linux - уязвимость в wireshark

An infinite loop in the BitTorrent DHT dissector in Wireshark versions 3.6.0, 3.4.0, and 3.4.10 allows for denial of service through packet injection or malicious capture files...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: mac80211: Fixed a deadlock issue in AP/VLAN handling. Syzbot reports that when APVLAN interfaces are active, closing the AP interface they belong to can lead to a deadlock. This isn’t surprising—since we use devclose to handle...

Astra Linux - уязвимость в libtirpc

In libtirpc before 1.3.3rc1, remote attackers could exhaust the file descriptors of a process that used libtirpc, as idle TCP connections were handled improperly. This could lead to an svcrun infinite loop without accepting new connections...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: PCI: pciehp: Fixed an infinite loop in the IRQ handler upon a power fault. The Power Fault Detected bit in the Slot Status register differs from all other hot-plug events; it is “sticky” – it can only be cleared after turning off...

Astra Linux - уязвимость в qemu

In QEMU 5.0.0, the hw/usb/hcd-ohci.c file contains an infinite loop when a TD list has a loop...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: RDMA/rtrs-clt: Resets cid to connum – 1 to remain within bounds. In the function initconns, after the createcon and createcm calls for the loop, if something fails. During the cleanup phase of the loop, after the destroy tag, we...

Astra Linux - уязвимость в wireshark

In Wireshark versions 3.0.0 to 3.0.3, and 2.6.0 to 2.6.10, the Gryphon dissector could enter an infinite loop. This issue was addressed in the plugin file plugins/epan/gryphon/packet-gryphon.c by checking for a packet length of zero...

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: Wifi: iwlwifi: mvm: Fix for 6 GHz scan construction If there are more than 255 colocated APs available for the set of APs found during 2.4/5 GHz scanning, then the 6 GHz scan construction will loop indefinitely. This is because t...

Astra Linux - уязвимость в qemu

In QEMU 5.0.0, the file hw/net/e1000ecore.c contains an infinite loop that occurs due to a NULL buffer address in the RX descriptor...

Astra Linux - уязвимость в python-django

A issue was discovered in MultiPartParser in Django 2.2 before 2.2.27, 3.2 before 3.2.12, and 4.0 before 4.0.2. Passing certain inputs to multipart forms could result in an infinite loop when parsing files...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: bpf: copyverifierstate should copy the ‘loopentry’ field. The bpfverifierstate.loopentry field should be copied by copyverifierstate. Otherwise, the values of .loopentry from unrelated states could corrupt env-curstate...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ext4: Error checking was added to ext4extreplaysetiblocks. If the call to ext4mapblocks fails due to a corrupted file system, ext4extreplaysetiblocks may get stuck in an infinite loop. This issue can be reproduced by running...

Astra Linux - уязвимость в containerd-app

The html.Parse function in golang.org/x/net/html has an infinite parsing loop when processing certain inputs, which can lead to a Denial-of-Service DoS attack if an attacker provides specially crafted HTML content...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: Wifi: rtlwifi – significantly reduced the attempts to read efuse in case of failures. Syzkaller reported a hung task with ueventshow on the stack trace. That specific issue was addressed by another commit 0. However, even with...

Astra Linux - уязвимость в openjpeg2

A flaw was discovered in OpenJPEG. Pictures constructed maliciously can cause the program to enter a large loop and continuously print warning messages on the terminal...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: - In the dsa module, potential memory leaks were fixed in dsaloopinit. - kmemleak reported memory leaks in dsaloopinit: 12 new suspected memory leaks. - The unreferenced object 0xffff8880138ce000 size 2048 contains the followi...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: loop: Overflow check during loop configuration The user space can configure a loop using an ioctl call. In this process, a configuration of type loopconfig is passed see the loioctl case on line 1550 of drivers/block/loop.c. This...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: nvmet: fixed a use-after-free issue. Fixed the following use-after-free complaint triggered by blktests nvme/004: BUG: KASAN: user-memory-access in blkmqcompleterequestremote+0xac/0x350 Read of size 4 at addr 0000607bd1835943 ...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ASoC: da7219: Fixed an error handling path in da7219registerdaiclks. If clkhwregister fails, the corresponding clk should not be unregistered. To handle errors from loops, partial iterations should be cleaned up before performing...