11901 matches found
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: ipv6: Fixed infinite recursion in fib6dumpdone. syzkaller reported infinite recursive calls of fib6dumpdone during netlink socket destruction. 1 According to the log, syzkaller sent an AFUNSPEC RTMGETROUTE message, and then th...
Astra Linux - уязвимость в libpcap
The sf-pcapng.c file in libpcap before version 1.9.1 does not properly validate the PHB header length before allocating memory...
Astra Linux - уязвимость в systemd
The basic/unit-name.c file in systemd, prior to versions 246.15, 247.8, 248.5, and 249.1, contains a memory allocation with an excessive size value. This issue involves functions strdupa and alloca, where a pathname is controlled by a local attacker, leading to a system crash...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: LoongArch: Fixed missing NULL checks for kstrdup 1. Replaced “offindnodebypath"/"” with “ofroot” to avoid multiple calls to “ofnodeput”. 2. Fixed a potential kernel error during early boot when memory allocation fails while...
Astra Linux – Vulnerability in pillow
A issue was discovered in Pillow prior to version 10.0.0. It is a denial-of-service attack where memory is uncontrollably allocated to processing a given task, potentially causing a service to crash due to running out of memory. This occurs for truetype in ImageFont when textlength in an ImageDra...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: edma: Fix memory allocation size for queueprioritymap A critical memory allocation bug was fixed in the edmasetupfromhw function, where queueprioritymap was allocated with insufficient memory. The code declared...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: fpga: fixed a potential null pointer dereferencing in fpgamgrtestimgloadsgt The fpgamgrtestimgloadsgt function allocates memory for sgt using kunitkzalloc. However, it does not check whether the allocation fails. It then passe...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: xfrm: When freeing ipcompscratches, if it fails to allocate memory, ipcompscratches will hold an obsolete address. When attempting to free the percpu scratches using ipcompfreescratches, it attempts to vfree a non-existent vm are...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: Regulator: gpio – Fixed an issue where access to drvdata::gpiods resulted in out-of-bounds access. drvdata::gpiods is supposed to hold an array of pointers to gpiodesc structures. However, only one pointer is allocated for this...
Astra Linux - уязвимость в linux, linux-5.15, linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: udplite: A NULL pointer dereference issue was fixed in skmemraiseallocated. syzbot reported a NULL pointer dereference in skgetrmem0 when using IPPROTOUDPLITE 0x88. 14:25:52, executing program 1: r0 = socket$inet60xa, 0x80002,...
Astra Linux - уязвимость в gst-plugins-good1.0
GStreamer is a library for constructing graphs of media-handling components. The program attempts to reallocate the memory pointed to by stream-samples to accommodate stream-nsamples + samplescount elements of type QtDemuxSample. The problem is that samplescount is read from the input file. If th...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: soc: qcom: rpmpd: Check for a null return from devmkcalloc. Due to the potential failure of the allocation, data-domains might be a NULL pointer, and this could lead to the dereferencing of a NULL pointer later. Therefore, it mig...
Astra Linux - уязвимость в qemu
A flaw was discovered in the virtio-crypto device of QEMU. A malicious guest operating system can exploit a missing length limit in the AKCIPHER path, resulting in uncontrolled memory allocation. This can lead to a denial of service attack on the host system, causing the QEMU process to terminate...
Astra Linux - уязвимость в binutils
A issue was discovered in the Binary File Descriptor BFD library also known as libbfd, as distributed in GNU Binutils 2.32. It involves an attempt at excessive memory allocation in the bfdelfslurpversiontables function within elf.c...
Astra Linux - уязвимость в libvirt
A flaw was discovered in the RPC library APIs of libvirt. The RPC server deserialization code allocates memory for arrays before performing the negative length check by the C API entry points. Passing a negative length to the gnew0 function results in a crash because the negative length is treate...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: tpm: Changed to kvalloc in eventlog/acpi.c The following failure was reported on HPE ProLiant D320: 10.693310 T1 tpmtis STM0925:00: 2.0 TPM device-id 0x3, rev-id 0 10.848132 T1 ------------ Cut here ------------ 10.853559 T1...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: pinctrl: ralink: Check for a null return from devmkcalloc. Due to the potential failure of the allocation, data-domains might be a NULL pointer, and this could lead to the dereferencing of a NULL pointer later. Therefore, it migh...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Fixed resource leaks in vdecmsgqueueinit. If any error occurs during the execution of vdecmsgqueueinit, we need to set msgqueue-wdmaaddr.size = 0;. Normally, this is done within the vdecmsgqueuedeinit...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: net/rds: Fixed a circular locking dependency in rdstcptune syzbot reported a circular locking dependency in rdstcptune, where sknetrefcntupgrade is called while holding the socket lock:...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: PCI: ofproperty: Return error for intmap allocation failure The “ENOMEM” return value occurs when kcalloc fails to prevent a NULL pointer dereferencing in this case. bhelgaas: commit log...