53192 matches found
Astra Linux - vulnerability in dcmtk
In DCMTK, versions prior to 3.6.9 have a segmentation fault due to an invalid DIMSE message...
Astra Linux - vulnerability in samba
An out-of-bounds read vulnerability was discovered in Samba due to insufficient length checks in the winbindd_pam_auth_crap.c file. When performing NTLM authentication, the client sends cryptographic challenges back to the server. These responses have varying lengths, and Winbind fails to check the...
Astra Linux - vulnerability in linux-5.10, linux
A flaw was discovered in the Linux kernel’s implementation of proxied virtualized TPM devices. In a system where virtualized TPM devices are enabled which is not the default setting, a local attacker can exploit this flaw to create a “use-after-free” condition, potentially allowing them to escala...
Astra Linux - vulnerability in linux-6.1
In the Linux kernel, the following vulnerability has been resolved: mm/slab_common: The corruption of the slab_caches list after kmem_cache_destroy has been fixed. After the commit in “Fixes”, if a module that creates a slab cache does not release all of its allocated objects before destroying the...
Astra Linux - vulnerability in linux-5.10, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: tpm: Limit the number of PCR banks. The function tpm2_get_pcr_allocation does not impose any upper limit on the number of banks. The limit is set to eight banks, so values that exceed this limit from external I/O cause only limite...
Astra Linux - vulnerability in linux-5.10
In the Linux kernel, the following vulnerability has been resolved: video/aperture: Call sysfb_disable before removing PCI devices. Call sysfb_disable from aperture_remove_conflicting_pci_devices before removing PCI devices. Without this call, simpledrm may still bind to simple-framebuffer devices after...
Astra Linux - vulnerability in apache2
An encoding problem in the mod_proxy component of the Apache HTTP Server 2.4.59 and earlier versions allows request URLs with incorrect encoding to be sent to backend services, potentially bypassing authentication through crafted requests. It is recommended that users upgrade to version 2.4.60, as...
Astra Linux - vulnerability in linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: ksmbd: The “binding mark” of a reused connection was unset. Steve French reported a null pointer dereference error from the sha256 lib. The cifs.ko library can send session setup requests on reused connections. If...
Astra Linux - vulnerability in linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: net: sfc: fixed the issue of non-freed interrupts in legacy IRQ mode. The SFC driver can be configured using modparam to work with MSI-X, MSI, or legacy IRQ interrupts. In the latter case, the interrupt was not properly...
Astra Linux - vulnerability in linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: ALSA: For the hda codecs, do not unset the “preset” parameter when cleaning up codec-related operations. Several functions involved in the initialization and removal of codecs are reused by ASoC codec driver implementations. Thes...
Astra Linux - vulnerability in linux-5.10
In the Linux kernel, the following vulnerability has been resolved: BPF: Fixed a UAF issue due to a race between btf_try_get_module and load_module. While working on code to populate the kfunc BTF IDs for modules based on their initcalls, I noticed that by the time the initcall is invoked, the module...
Astra Linux - vulnerability in linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: static_call: Replace the unnecessary WARN_ON call in static_call_module_notify. static_call_module_notify triggers a WARN_ON when memory allocation fails in static_call_add_module. This behavior is not really justified, as the failure case...
Astra Linux - vulnerability in linux-5.10
In the Linux kernel, the following vulnerability has been resolved: media: mgb4: Fix for double debugfs remove calls. This fix addresses an issue where the debugfs_remove_recursive function is called first on a parent directory, and then again on a child directory, causing a kernel panic. hverkuil:...
Astra Linux - vulnerability in libxmp
Libxmp through version 4.6.2 has a stack-based buffer overflow in the depack_pha function in the loaders/prowizard/pha.c file, due to a malformed Pha format tracker module in a .mod file...
Astra Linux - vulnerability in linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: fs/ntfs3: Enhanced sanity check during attribute list generation. The ni_create_attr_list function uses WARN_ON to catch error cases during attribute list generation. Currently, it only prints the stack trace, which may not be...
Astra Linux - vulnerability in linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: netfilter: nf_tables: There is a possibility of module reference underflow in the error path. When nft_expr_clone fails, dst->ops is set. However, the module reference count has not been updated yet. As a result, nft_expr_destroy...
Astra Linux - vulnerability in linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: EDAC/skx_common: Fixed the general protection fault. After loading i10nm_edac, which automatically loads skx_edac_common, if only i10nm_edac is unloaded, then reloading it and performing error injection testing may cause a general...
Astra Linux - vulnerability in linux-5.10
In the Linux kernel, the following vulnerability has been resolved: tpm: Do not start the chip while it is suspended. Checking TPM_CHIP_FLAG_SUSPENDED after the call to tpm_find_get_ops can lead to a spurious tpm_chip_start call: 35985.503771 i2c i2c-1: Transfer while suspended 35985.503796 WARNING: CPU:...
Astra Linux - vulnerability in ansible
A flaw was discovered in Ansible Engine 2.9.18, where sensitive information is not masked by default, and the no_log feature is not protected when using the sub-option feature of the basic.py module. This flaw allows an attacker to obtain sensitive information. The greatest threat posed by this...
Astra Linux - vulnerability in ansible
A flaw was discovered in Ansible. The ansible-core user module allows an unprivileged user to silently create or replace the contents of any file on any system path, and to take ownership of that file when a privileged user executes the user module against the unprivileged user’s home directory. ...