5246 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel/uncore: Skip discovery table for offline dies This warning can be triggered if NUMA is disabled and the system boots with fewer CPUs than the number of CPUs in die 0. WARNING: CPU: 9 PID: 7257 at uncore.c:1157...
Astra Linux - уязвимость в linux-5.10, linux, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: ext4: Fixed another “off-by-one” issue with the fsmap call for 1k-block file systems. It seems that syzbot discovered that issuing the FSMMAPHEAD call as follows: c struct fsmaphead cmd = .fmhcount = ...; .fmhkeys = .fmrdevice...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: can: netlink: canchangelink: fixed the NULL pointer dereference in struct canpriv::dosetmode. Andrei Lalaev reported a NULL pointer dereference when a CAN device is restarted from a Bus Off state, and the driver does not implemen...
Astra Linux - уязвимость в libtasn1-6
GNU Libtasn1 before version 4.19.0 has a array size check for the ETYPEOK field that can lead to errors. This issue affects the asn1encodesimpleder function...
Astra Linux - уязвимость в zabbix
The researcher has shown that due to the way the SNMP trap log is parsed, an attacker can create an SNMP trap with additional lines of information, causing forged data to appear in the Zabbix UI. This attack requires that SNMP authentication be disabled, and/or that the attacker knows the...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: rvcv: fixed an oops caused by the irqsoff latency tracer. The tracehardirqson,off functions require the caller to properly set up the frame pointer. This is because these two functions use the macro CALLERADDR1 also known as...
Astra Linux - уязвимость в gimp
GIMP PSP File Parsing: An Off-by-One Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability, as the target must visit a malicious page or open a malicio...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Clearing the optc underflow before turning off the ODM clock Why After the ODM clock is turned off, the optc underflow bit remains there indefinitely, and clearing it doesn’t work as expected. We need to clear th...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: misc: lis3lv02di2c: Fix regulators getting en-/dis-abled twice on suspend/resume When lis3lv02di2csuspend is not configured for wakeup, it will call lis3lv02dpoweroff, even if the device has already been turned off by the...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: IB/hfi1: Fixed the off-by-one error in sdma.h’s tx-numdescs. Unfortunately, the commit fd8958efe877 introduced another error, causing the descs array to overflow. This leads to further crashes that can be easily reproduced usi...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: ext4: Fix for corruption during online resizing We observed corruption during online resizing of a file system that is larger than 16 TiB and has a 4k block size. When there are more than 2^32 blocks, resizeinode is turned off by...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: scsi: sd: A “off-by-one” error has been fixed in sdreadBlockcharacteristics. If the device returns page 0xb1 with a length of 8 this occurs with QEMU v2.x, for example, sdReadBlockCharacteristics may attempt an out-of-bounds...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: Input: tiam335xtsc – fixed an off-by-one error in the wireorder validation. The current validation wireorderi ARRAYSIZEconfig pins allows wireorderi to equal ARRAYSIZEconfig pins, which causes out-of-bounds access when used as an...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: arm64/fpsimd: ptrace: Fixed SVE writes on !SME systems When SVE is supported but SME is not supported, a ptrace write to NTARMSVE regset can place the tracee into an invalid state. In this state, non-streaming SVE register data i...
Astra Linux - уязвимость в ffmpeg5
It was discovered that FFmpeg versions n5.1 to n6.1 contain an Off-by-one Error vulnerability in the libavfilter/avfshowspectrum.c file. This vulnerability allows attackers to cause a Denial of Service DoS attack through crafted inputs...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: dmaengine: nbpfaxi: Fixed memory corruption in probe The nbpf-chan array is allocated earlier in the nbpfprobe function, and it contains “numchannels” elements. These three loops iterate one element further than they should,...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: ep93xx: clock: Fix for an offset of one in ep93xxdivrecalcrate. The psc-div array contains psc-numdiv elements. These values are derived from when we call clkhwregisterdiv. They are adcdivisors and ARRAYSIZEadcdivisors, etc...
Astra Linux - уязвимость в systemd
A “off-by-one” error issue was discovered in Systemd within the formattimespan function of the time-util.c file. An attacker could provide specific values for time and accuracy, resulting in a buffer overflow in formattimespan, which can lead to a Denial of Service...
Astra Linux - уязвимость в chromium
A single error in V8 in Google Chrome prior to version 141.0.7390.54 allowed a remote attacker to perform an out-of-bounds memory read through a crafted HTML page. Chromium security severity: Medium...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: iavf: Fixed off-by-one issues in iavfconfigrssreg There are off-by-one bugs when configuring the RSS hash key and lookup table, causing out-of-bounds reads to memory 1 and out-of-bounds writes to device registers. Before commi...