126319 matches found
Astra Linux – Vulnerability in connman
Before version 1.39, gdhcp in ConnMan could be exploited by network-adjacent attackers, allowing them to leak sensitive stack information and enabling further exploitation of bugs in gdhcp...
Astra Linux – Vulnerability in edk2
EDK2’s Network Package is vulnerable to a predictable TCP Initial Sequence Number. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of confidentiality...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: nfs4: Fixed a memory leak when allocating slots failed. If one of the slot allocations fails, all other allocated slots should be cleaned up. Otherwise, the allocated slots will cause a leak: - Unreferenced object...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: fscache: Fixed race condition related to invalidation/lookup operations If an NFS file is opened for writing and then closed, the fscacheinvalidate function will be called to invalidate the file. However, if the cookie is in t...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: habanalabs/gaudi: fixed an out-of-bounds shift issue. When validating NIC queues, the queue offset calculation must be performed only for NIC queues...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Do not call cleanup on profile rollback failure When profile rollback fails in mlx5enetdevchangeprofile, the netdev profile var is left set to NULL. Avoid a crash when unloading the driver by not calling profile-cleanu...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: NFSv4: Prevent NULL-pointer dereference in nfs42completecopies On the node of an NFS client, some files saved in the mountpoint of the NFS server were copied to another location of the same NFS server. Accidentally, the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: NFS: Fixed a potential buffer overflow in nfssysfslinkrpcclient. The name field is defined as char64, and the size of clnt-clprogram-name remains unknown. Invoking strcat directly will also lead to a potential buffer overflow...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: RDMA/ipoib: Fixed a warning caused by destroying non-initial netnss. After the commit 5ce2dced8e95 “RDMA/ipoib: Set rtnllinkops for ipoib interfaces”, if the IPOIB device is moved to a non-initial netns, destroying that netns...
Astra Linux – Vulnerability in Linux
In the Linux kernel, the following vulnerability has been resolved: NFS: Do not corrupt the value of pgbyteswritten in nfsdorecoalesce The value of mirror-pgbyteswritten should only be updated after a successful attempt to flush out the requests on the list...
Astra Linux – Vulnerability in sane-backends
A NULL pointer dereferencing in SANE backends before version 1.0.30 allows a malicious device connected to the same local network as the victim to cause a denial of service, GHSL-2020-079...
Astra Linux – Vulnerability in Chromium
Insufficient data validation in networking in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to bypass discretionary access control via malicious network traffic...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: NFSv4: A memory leak has been fixed in nfs4setsecuritylabel. We encounter a memory leak whenever we set a security xattr, which involves accessing nfsfattr and nfs4label...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: sunrpc: Fixing the handling of server-side TLS alerts Scott Mayhew discovered a security exploit in NFS over TLS, specifically in the tlsalertrecv function. This exploit stemmed from a misunderstanding by the system that it could...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: nbd: The defer config unlock in nbdgenlconnect has been fixed. There is one use-after-free warning when running NBDCMDCONNECT and NBDCLEARSOCK: nbdgenlconnect: nbdallocandinitconfig // configrefs=1 nbdstartdevice // configrefs...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ice: Fixed NULL pointer dereferencing in icevsisetnapiqueues. Added NULL pointer checks in icevsisetnapiqueues to prevent crashes during resume from suspend when ringsqidx-qvector is NULL. Tested adapter: 60:00.0 Ethernet...
Astra Linux – Vulnerability in Samba
All versions of Samba prior to 4.13.16 are vulnerable to a malicious client that can exploit the race condition of SMB1 or NFS to create a directory in an area of the server file system that is not exported under the share definition. Note that SMB1 must be enabled, or the share must also be...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: cifs: Prevent NULL dereferencing in cifscomposemountoptions. The optional @ref parameter may contain a NULL nodename. Therefore, prevent dereferencing it in cifscomposemountoptions. Address-Coverity: 1476408 „Explicit NULL...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: tty: synclinkgt: Fixed the null-pointer-dereference issue in slgtclean. When the driver fails at allochdlcdev, and then we remove the driver module, we will encounter the following error: 25.065966 General protection fault; likel...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: net/sched: schqfq: Fixed a race condition in qfqaggregate. A race condition can occur when qfqchangeagg is modified called during qfqenqueue while other threads access it concurrently. For example, qfqdumpclass may trigger a NULL...