125997 matches found
ALSA-2026:13381 Important: openssh security update
OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fixes: OpenSSH: OpenSSH: Privilege escalation via scp legacy protocol when not preserving file mode...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: orangefs: The issue with memory leaks in orangefskernel,clientdebuginit was fixed. When the orangefs module is inserted or removed, memory leaks occur as follows: unreferenced object 0xffff88816b0cc000 size 2048: comm "insmod", p...
Astra Linux – Vulnerability in Thunderbird
The ms-msdt, search, and search-ms protocols deliver content to Microsoft applications, bypassing the browser, when a user accepts a prompt. These applications have known vulnerabilities that have been exploited in the wild although we know of none exploited through Thunderbird. Therefore, in thi...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: crypto: aead – Fixed handling of reqsize The commit afddce13ce81d “crypto: api – Added reqsize to cryptoalg” introduced the crreqsize field in the cryptoalg struct to replace the type-specific reqsize fields. It seems this...
Astra Linux – Vulnerability in gnupg2
A flaw was discovered in the way certificate signatures can be forged using collisions found in the SHA-1 algorithm. Attackers could exploit this weakness to create forged certificate signatures. This issue affects GnuPG versions prior to 2.2.18...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ext4: Fix potential null dereferencing in ext4mbinit In ext4mbinit, ext4mbavgfragmentsizedestroy may be called when sbi-smbavgfragmentsize remains uninitialized e.g., if the groupinfo slab cache allocation fails. Since...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: userfaultfd: Fixes the checks for huge PMDs. Patch series “userfaultfd: fix races around pmdtranshuge check”, v2. The pmdtranshuge code in mfillatomic is incorrect in three different ways, depending on the kernel version: 1. T...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/imagination: Synchronize interrupts before suspending the GPU. The runtime PM suspend callback does not know whether the IRQ handler is in progress on a different CPU core and therefore does not wait for it to finish. Dependi...
Astra Linux - уязвимость в mbedtls
Use of a Broken or Risky Cryptographic Algorithm in the function mbedtlsmpiexpmod in lignum.c in Mbed TLS Mbed TLS all versions before 3.0.0, 2.27.0 or 2.16.11 allows attackers with access to precise enough timing and memory access information typically an untrusted operating system attacking a...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: mlxbfgige: Call requestirq after NAPI initialization The mlxbfgige driver encounters a NULL pointer exception in mlxbfgigeopen when kdump is enabled. The sequence to reproduce this exception is as follows: a Enable kdump. b Trigg...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: mlxbfgige: stop interface during shutdown The mlxbfgige driver intermittantly encounters a NULL pointer exception while the system is shutting down via "reboot" command. The mlxbfdriver will experience an exception right after...
Astra Linux – Vulnerability in curl
This flaw allows an attacker to insert cookies into a running program using libcurl, provided that certain conditions are met. Libcurl performs transfers. In its API, an application creates “easy handles”—individual handles used for single transfers. Libcurl provides a function called...
Astra Linux – Vulnerability in mbedtls
A issue was discovered in Mbed TLS before version 2.25.0 and before versions 2.16.9 LTS and 2.7.18 LTS. A NULL algorithm parameter entry resembles an array of REAL values with a size of zero; therefore, the certificate is considered valid. However, if the parameters do not match at all, then the...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: perf/x86/lbr: Filtering vsyscall addresses We found that a panic can occur when a vsyscall is executed while LBR sampling is active. If the vsyscall is interrupted via NMI for perf sampling purposes, the following call sequence m...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: scsi: pm8001: Fixed the runningreq for internal abort commands Disabling the remote PHY for a SATA disk causes a hang: bash root@none$ more /sys/class/sasPhy/phy-0:0:8/targetPortProtocols sata root@none$ echo 0...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: arm64: entry: avoid kprobe recursion The function cortexa76erratum1463225debuggerHandler is called when handling debug exceptions and synchronous exceptions from BRK instructions. If the compiler does not inline...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ceph: always call cephshiftunusedfoliosleft The function cephprocessfoliobatch sets foliobatch entries to NULL, which is an illegal state. Before foliobatchrelease crashes due to this API violation, the function...
Astra Linux – Vulnerability in Linux 5.10, Linux
Before version 5.17.9, the Linux kernel allowed TCP servers to identify clients by observing which source ports were used. This occurs due to the use of Algorithm 4 "Double-Hash Port Selection Algorithm" from RFC 6056...
Astra Linux – Vulnerabilities in unbound, bind9, and dnsmasq
The “Closest Encloser Proof” aspect of the DNS protocol as described in RFC 5155, when the guidance provided in RFC 9276 is skipped enables remote attackers to cause a denial of service resulting in high CPU usage for SHA-1 calculations through DNSSEC responses during a random subdomain attack,...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
Transmitted requests in Xen’s virtual network protocol can consist of multiple parts. Although none of them are actually useful, except for the initial part, any of these parts can be of zero length, meaning they carry no data at all. Apart from the certain initial portion of the data to be...