16284 matches found
Astra Linux - уязвимость в libpodofo
In PoDoFo 0.9.5, there exists an infinite loop vulnerability in PdfParserObject::ParseFileComplete in PdfParserObject.cpp, which may lead to a stack overflow. Remote attackers could exploit this vulnerability to cause a denial-of-service attack, or potentially cause other unspecified impacts...
Astra Linux - уязвимость в wireshark
The TLS protocol dissector infinite loop in Wireshark versions 4.6.0 to 4.6.4 allows for denial of service attacks...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix loop termination condition in gssfreeintokenpages The intoken-pages array is not NULL terminated. This results in the following KASAN splat: KASAN: maybe wild-memory-access in range 0x04a2013400000008-0x04a20134000000...
Astra Linux - уязвимость в python3.7, python2.7
A flaw was discovered in Python. Improper handling of HTTP responses in the Python HTTP client code may allow a remote attacker, who controls the HTTP server, to cause the client script to enter an infinite loop, consuming CPU resources. The greatest threat of this vulnerability is to system...
Astra Linux - уязвимость в cairo
A issue was discovered in cairo 1.16.0. There is an infinite loop in the function arcerrornormalized in the file cairo-arc.c, which is related to arcmaxanglefortolerancenormalized...
Astra Linux - уязвимость в netcdf
A issue was discovered in ezXML 0.8.3 through 0.8.6. The ezxmlparse functions improperly handle XML entities, resulting in an infinite loop where memory allocation occurs...
Astra Linux - уязвимость в htmldoc
In HTMLDOC 1.9.14, an infinite loop in the gifreadlzw function can cause a pointer to point arbitrarily to heap memory, leading to a buffer overflow...
Astra Linux - уязвимость в tinyxml
In TinyXML versions up to 2.6.2, there is an infinite loop in the TiXmlParsingData::Stamp method within tinyxmlparser.cpp, specifically due to the TIXMLUTFLEAD0 case. This issue can be triggered by a specially crafted XML message and leads to a denial of service...
Astra Linux - уязвимость в gst-plugins-good1.0
GStreamer is a library for constructing graphs of media-handling components. A out-of-bounds write vulnerability was identified in the converttos3341a function in isomp4/qtdemux.c. The vulnerability arises due to a discrepancy between the size of memory allocated to the storage array and the loop...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: pagepool: Avoid infinite loops when scheduling delayed workers. We observed that the kworker in pagepoolreleaseretry was waking up repeatedly and infinitely in production. This issue was caused by a buggy driver, which resulted i...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: erofs: Avoid infinite loops due to incomplete zstd-compressed data. Currently, the decompression logic incorrectly processes compressed data if the data is truncated in crafted deliberately corrupted images...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: arm64: dts: qcom: qcs615: fixed a crash issue caused by an infinite loop for Coresight. An infinite loop was created by the Coresight devices. When only a source device is enabled, the coresightfindactivatedsysfssink function is...
Astra Linux - уязвимость в linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Load DR6 with the guest value only before entering the .vcpurun loop. The conditional loading of hardware DR6 with the guest’s DR6 value is moved out of the core .vcpurun loop to fix a bug where KVM may load hardware wi...
Astra Linux - уязвимость в linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: ASoC: da7219: Fix an error handling path in da7219registerdaiclks If clkhwregister fails, the corresponding clk should not be unregistered. To handle errors from loops, clean up partial iterations before doing the goto. So add a...
Astra Linux - уязвимость в wireshark
The BT SDP dissector has an infinite loop in Wireshark versions 4.0.0 to 4.0.7, and 3.6.0 to 3.6.15. This issue allows for denial of service through packet injection or with crafted capture files...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: nilfs2: Fixed the misjudgment in nilfsemptydir and the long loop that occurs due to I/O errors. The error handling in nilfsemptydir when a directory’s folio/page read fails is incorrect. In the old ext2 implementation, this...
Astra Linux - уязвимость в libpng1.6
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. Prior to 1.6.55, an out-of-bounds read vulnerability exists in the pngsetquantize API function. When the function is called with no histogram and the number of...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux
In the Linux kernel, the following vulnerability has been resolved: In loopsetstatusfrominfo, the checks for lo-looffset and lo-losizelimit should be performed before reassigning them. This is because if an overflow error occurs, the original correct value will be changed to the wrong value, and ...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: scsi: target: tcmloop: Fixed a segfault in tcmlooptpgaddressshow If the allocation of tlhba-sh fails in tcmloopdriverprobe, and we attempt to dereference it in tcmlooptpgaddressshow, we will encounter a segfault. See below for an...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: - In net: The variable sk-skfamily was read once in the function skmcloop. - syzbot is frequently using IPV6ADDRFORM; it managed to trigger the WARNONONCE1 function in skmcloop. We have many more similar issues that need to be...