12012 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: btrfs: Free pages with an error in btrfsuringreadextent In this function, the ‘pages’ object is never freed, in the hope that it will be picked up by btrfsuringreadfinished whenever that function is executed in the future. But...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: Regulator: gpio – Fixed an issue where access to drvdata::gpiods resulted in out-of-bounds access. drvdata::gpiods is supposed to hold an array of pointers to gpiodesc structures. However, only one pointer is allocated for this...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: fpga: fixed the potential null pointer dereferencing in fpgamgrtestimgloadsgt The fpgamgrtestimgloadsgt function allocates memory for sgt using kunitkzalloc. However, it does not check whether the allocation fails. It then...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fixed the missing error check for xastore. xastore may fail. It returns xaerr-EINVAL if the entry cannot be stored in an XArray, or xaerr-ENOMEM if memory allocation fails. Therefore, a check for errors in xastore is...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: eth: bnxt: return fail if interface is down in bnxtqueuememalloc The bnxtqueuememalloc function is called to allocate new queue memory when a queue is restarted. It internally accesses the rx buffer descriptor corresponding to th...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: media: atomisp: Added a check for a failure in memory allocation for rgbydata. In iacss3astatisticsallocate, there is no check on the allocation result of the rgbydata memory. If rgbydata is not successfully allocated, it may...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: tpm: Changed to kvalloc in eventlog/acpi.c The following failure was reported on HPE ProLiant D320: 10.693310 T1 tpmtis STM0925:00: 2.0 TPM device-id 0x3, rev-id 0 10.848132 T1 ------------ Cut here ------------ 10.853559 T1...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: fs/ntfs3: Allocate memory before using it. KMSAN reports: Multiple uninitialized values were detected: - KMSAN: uninitvalue in ntfsreadhdr 3 - KMSAN: uninitvalue in bcmp 3 Memory is allocated by getname, which is a wrapper for...
Astra Linux – Vulnerability in libpcap
The sf-pcapng.c file in libpcap before version 1.9.1 does not properly validate the PHB header length before allocating memory...
Astra Linux – Vulnerability in grub2
A flaw was discovered in grub2, where the grubextcmddispatcher function calls grubarglistalloc to allocate memory for the grub’s argument list. However, it does not check in case the memory allocation fails. Once the allocation fails, a NULL pointer will be processed by the parseoption function,...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fixed an invalid context error in the dml helper. Why “BUG: Sleeping function called from invalid context” error. After: “drm/amd/display: Protected FPU in dml2validate/dml21validate”. The...
Astra Linux – Vulnerability in libstb
stbvorbis is a single-file MIT licensed library for processing OGG Vorbis files. A maliciously crafted file may trigger an out-of-bounds write vulnerability in the line f-vendorlen = char'\0';. The root cause of this issue is that if len read from startdecoder is -1, then len + 1 becomes 0 when...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: nvme: fixed memory allocation in nvmeprreadkeys nvmeprreadkeys takes numkeys from userspace and uses it to calculate the allocation size for rse via structsize. The upper limit is PRKEYSMAX 64K. A malicious or buggy userspace...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: In tomoyowritecontrol, do not emit a warning. syzbot reports a “too-large allocation” warning in tomoyowritecontrol. This occurs when a very long line can be written without a newline character. To fix this warning, I use GFPNOWA...
Security Bulletin: Oracle Outside In Technology (OIT) v8.5.7 BP9, v8.5.8 BP2 vulnerabilities CVE-2025-54874 (vulnerable), CVE-2025-59375 (vulnerable) in FileNet Content Manager (FNCM) Content Based Retrieval (CBR) content indexing
Summary Oracle Outside In Technology OIT v8.5.7 BP9, v8.5.8 BP2 January, 2026 vulnerabilities CVE-2025-54874 vulnerable, CVE-2025-59375 vulnerable in FileNet Content Manager FNCM Content Based Retrieval CBR content indexing Vulnerability Details CVEID:CVE-2025-54874 DESCRIPTION: OpenJPEG is an...
Siemens RuggedCom Rox Integer Overflow or Wraparound (CVE-2024-57258)
Integer overflows in memory allocation in Das U-Boot before 2025.01-rc1 occur for a crafted squashfs filesystem via sbrk, via request2size, or because ptrdifft is mishandled on x8664. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...
Apache Thrift: Apache Thrift: Denial of Service via excessive memory allocation
A flaw was found in Apache Thrift. This vulnerability involves a Memory Allocation with Excessive Size Value, which could allow an attacker to trigger resource exhaustion. By providing an overly large size value during memory allocation, an attacker can cause the affected system to become...
postgresql: integer overflow can cause an undersized allocation and an out-of-bounds write
A flaw was found in PostgreSQL. An integer overflow in multiple server features allows an unprivileged database user to cause an undersized memory allocation that leads to an out-of-bounds write. This issue allows an attacker to execute arbitrary code as the operating system user running the...
postgresql: integer overflow can cause an undersized allocation and an out-of-bounds write
A flaw was found in PostgreSQL. An integer overflow in multiple server features allows an unprivileged database user to cause an undersized memory allocation that leads to an out-of-bounds write. This issue allows an attacker to execute arbitrary code as the operating system user running the...
postgresql: integer overflow can cause an undersized allocation and an out-of-bounds write
A flaw was found in PostgreSQL. An integer overflow in multiple server features allows an unprivileged database user to cause an undersized memory allocation that leads to an out-of-bounds write. This issue allows an attacker to execute arbitrary code as the operating system user running the...