6687 matches found
Astra Linux - vulnerability in linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: cifs: fix underflow in parse_server_interfaces In this loop, we step through the buffer and after each item we check if the size_left is greater than the minimum size we need. However, the problem is that "bytes_left" is type ssize_t...
Astra Linux - vulnerability in linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: ASoC: mt6359 – Fixed a refcount leak bug. In functions mt6359_parse_dt and mt6359_accdet_parse_dt, we should call of_node_put for the reference returned by of_get_child_by_name, which has caused an increase in the refcount...
Astra Linux - vulnerability in linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ice: fix using untrusted value of pkt_len in ice_vc_fdir_parse_raw Fix using the untrusted value of proto->raw.pkt_len in function ice_vc_fdir_parse_raw by verifying if it does not exceed the VIRTCHNL_MAX_SIZE_RAW_PACKET value...
Astra Linux - vulnerability in wavpack
WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variables. The impact includes unexpected control flow, crashes, and segfaults. The affected component is: ParseWave64HeaderConfig wave64.c:211. The attack vector is a maliciously crafted .wav file. The fixed version is: Afte...
Astra Linux - vulnerability in linux-5.10
In the Linux kernel, the following vulnerability has been resolved: media: i2c: hi846: Fix memory leak in hi846_parse_dt If any of the checks related to the supported link frequencies fail, then the V4L2 fwnode resources don't get released before returning, which leads to a memleak. Fix this by...
Astra Linux - vulnerability in gst-plugins-good1.0
GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been discovered in the gst_matroska_demux_parse_blockgroup_or_simpleblock function within matroska-demux.c. This function does not properly check the validity of the GstBuffer sub...
Astra Linux - vulnerability in gst-plugins-good1.0
GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been identified in the gst_wavparse_smpl_chunk function within gstwavparse.c. This function attempts to read 4 bytes from the data + 12 offset without checking if the size of the data buffer is...
Astra Linux - vulnerability in libheif
In Libheif 1.17.6, insufficient checks during the decoding of a heif file using ImageOverlay::parse can lead to out-of-bounds read and write operations when processing a file containing an overlay image with forged offsets...
Astra Linux - vulnerability in linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Bonding: A potential infinite loop has been prevented in the bond_header_parse function. The bond_header_parse function may enter an infinite loop if a stack of two bonding devices is set up. This occurs because skb->dev always points...
Astra Linux - vulnerability in protobuf-c, libsignal-protocol-c
protobuf-c before 1.4.1 has an unsigned integer overflow in parse_required_member...
Astra Linux - vulnerability in ncurses
A buffer overflow vulnerability exists in the postprocess_terminfo function in tinfo/parse_entry.c:997 within ncurses 6.1. This vulnerability allows remote attackers to cause a denial of service by using crafted commands...
Astra Linux - vulnerability in libbpf
A vulnerability has been discovered in the Linux kernel. It has been identified as problematic. This issue affects the parse_usdt_arg function in the tools/lib/bpf/usdt.c file of the BPF component. Manipulating the reg_name argument leads to a memory leak. It is recommended that a patch be applied t...
Astra Linux - vulnerability in linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: net: phy: micrel: Fixed potential null pointer dereferencing. In functions lan8814_get_sig_rx and lan8814_get_sig_tx, ptp_parse_header may return NULL due to abnormal packet types or corrupted packets. This bug has been fixed by adding a...
Astra Linux - vulnerability in netcdf
An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxml_parse_str performs incorrect memory handling while parsing crafted XML files out-of-bounds read after a certain strcspn failure...
Astra Linux - vulnerability in linux-5.10, linux-5.15, linux
In the Linux kernel, the following vulnerability has been resolved: LSM: General protection fault in legacy_parse_param The usual LSM hook mechanism of “bailing on fail” doesn’t work in cases where a security module may return an error code indicating that it doesn’t recognize an input. In this...
Astra Linux - vulnerability in linux-5.15, linux-5.10, linux
In the Linux kernel, the following vulnerabilities have been resolved: ACPICA: Fixed the error code path in acpi_ds_call_control_method. A use-after-free in acpi_ps_parse_aml occurs after a failed invocation of acpi_ds_call_control_method. This issue was reported by KASAN 1. Code inspection reveals that...
Astra Linux - vulnerability in binutils
An issue was discovered in the function parse_stab_struct_fields in stabs.c within Binutils 2.34 through 2.38. This issue allows attackers to cause a denial of service due to memory leaks...
Arbitrary Command Injection
Overview: lfx is a command-line tool for running Langflow workflows. It provides two main commands: serve and run. Affected versions of this package are vulnerable to Arbitrary Command Injection via the parse_callable_details function in code_parser.py. An attacker can execute arbitrary syst...
CVE-2026-7687 langflow-ai langflow Full Builtins code_parser.py CodeParser.parse_callable_details command injection
A vulnerability was determined in langflow-ai langflow up to 1.8.4. Affected by this issue is the function CodeParser.parse_callable_details of the file src/lfx/src/lfx/custom/codeparser/codeparser.py of the component Full Builtins Module Handler. Executing a manipulation can lead to command...
EUVD-2026-26518
In the Linux kernel, the following vulnerability has been resolved: smb: client: validate the whole DACL before rewriting it in cifsacl build_sec_desc and id_mode_to_cifs_acl derive a DACL pointer from a server-supplied dacloffset and then use the incoming ACL to rebuild the chmod/chown security...