Astra Linux - уязвимость в apache2

Some modproxy configurations on the Apache HTTP Server versions 2.4.0 through 2.4.55 allow for an HTTP Request Smuggling attack. These configurations are affected when modproxy is enabled along with some form of RewriteRule or ProxyPassMatch, where a non-specific pattern matches a portion of the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm/amdkfd: Fixed error handling in kfdprocessdeviceinitvm. It is recommended to only destroy the ibmem and let the process cleanup worker free the outstanding BOs. Reset the pointer in the pdd-qpd structure to avoid NULL...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: idpf: A memory leak in the flow steering list has been fixed in rmmod. The flow steering list maintains entries that are added and removed as ethtool creates and deletes flow steering rules. Removing a module with active entries...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: tpm: In tpmcrb, add acpiputtable to fix a memory leak. In crbacpiadd, we obtain the TPM2 table to retrieve information such as the start method, and then assign those values to private data. Therefore, the TPM2 table is not used...

Astra Linux - уязвимость в linux-5.15, linux-6.1

A flaw was discovered in the handling of SMB2 read requests within the kernel’s ksmbd module. The issue arises due to the lack of proper validation of user-provided data, which can lead to reading data beyond the end of an allocated buffer. An attacker can exploit this vulnerability to disclose...

Astra Linux - уязвимость в linux-astra-modules-5.4, linux-astra-modules-5.10

The vulnerability of the pdplPut function in the linux-astra-modules kernel module is related to the assignment of a null pointer. Exploiting this vulnerability allows an attacker to cause a service failure...

Astra Linux - уязвимость в libmodule-scandeps-perl

Qualys discovered that if unsanitized input was used with the Modules::ScanDeps library, before version 1.36, a local attacker could potentially execute arbitrary shell commands by opening a “pesky pipe” e.g., passing “commands|” as a filename or by passing arbitrary strings to the eval function...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: The commit mutex should not be released during the critical section between nftgcseqbegin and nftgcseqend. Otherwise, the async GC worker could collect expired objects and obtain the released commit lock with...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ipack: ipoctal: fix module reference leak A reference to the carrier module was taken every time it was used, but it was only released once, when the final reference to the tty struct was removed. This issue is fixed by taking th...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: net: macb: fixed the use of “free” after calling “rmmod”. “platdev-dev-platformdata” is released by calling “platformdeviceunregister”. The use of “pclk” and “hclk” constitutes a use-after-free. Since “deviceunregister” does n...

Astra Linux - уязвимость в samba

The Samba vfsfruit module utilizes extended file attributes EA, xattr to enhance compatibility with Apple SMB clients and interoperability with Netatalk 3 AFP file servers. Samba versions prior to 4.13.17, 4.14.12, and 4.15.5, when vfsfruit was configured, allowed out-of-bounds heap read and writ...

Astra Linux - уязвимость в pam-pkcs11

PAM-PKCS11 is a Linux-PAM login module that enables user login using X.509 certificates. Prior to version 0.6.13, if certpolicy was set to none the default value, then pampkcs11 would only check whether the user was capable of logging into the token. An attacker could create a new token using the...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: arm64: asm-bug: Add .align 2 to the end of BUGENTRY. When CONFIGDEBUGBUGVERBOSE=n, we fail to add the necessary padding bytes to the bugtable entries. As a result, the last entry in a bug table will be ignored, potentially leadin...

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: EDAC/igen6: Avoid segmentation faults during module unloading. The segmentation fault occurs because: During modprobe: 1. In igen6probe, igen6pvt is allocated using kzalloc. 2. In igen6registermci, mci-pvtinfo points to...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: bonding: An oops occurred during the rmmod operation. The command “rmmod bonding” causes an oops since the commit with the code change cc317ea3d927” „bonding: remove the redundant NULL check in the debugfs function”. The followin...

Astra Linux - уязвимость в grub2

A flaw was discovered in grub2. When performing a symlink lookup, the grub’s UFS module checks the data size of the inode to allocate an internal buffer to read the file content. However, it fails to check whether the data size of the symlink has exceeded its allocated limit. As a result, the...

Astra Linux - уязвимость в ansible

A flaw was discovered in the ansible module, where credentials are disclosed in the console logs by default, and are not protected by security features when using the bitbucketpipelinevariable module. This flaw allows an attacker to steal bitbucket Pipeline credentials. The greatest threat posed ...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: In the proc subsystem, the same handling is used for checking proclseek as for procreaditer and others. Directly checking pde-procops-proclseek may lead to a Use-After-Value UAF in the rmmod scenario. This issue arises from a fla...

Astra Linux - уязвимость в firefox, thunderbird

Module load requests that failed were not checked to determine whether they had been cancelled, resulting in a use-after-free in ScriptLoadContext. This vulnerability affects Firefox 110, Thunderbird 102.8, and Firefox ESR 102.8...

Astra Linux - уязвимость в imagemagick

ImageMagick is free software available as a ready-to-run binary distribution or as source code that you can use, copy, modify, and distribute in both open and proprietary applications. In affected versions, Postscript files may be read and written when specifically excluded by a module policy in...