Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: misc: fastrpc: Do not remove the map from createprocess and devicerelease functions. Do not remove the map from the list during the error handling in fastrpcinitcreateprocess. Instead, call fastrpcmapput to avoid a...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: libceph: Defined and enforced the CEPHMAXKEYLEN. When decoding the key, verify that the key material fits into a fixed-size buffer in processauthdone, and that its length is reasonable. The new CEPHMAXKEYLEN check replaces the...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: f2fs: fixed the issue where preallocated blocks were truncated in f2fsfileopen. Chenyuwen has reported the following f2fs bugs: Unable to handle a NULL pointer dereferencing at the virtual address 0000000000000011...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Disassociate vcpus from the redistributor region during teardown When tearing down a redistributor region, make sure that there are no dangling pointers to that region stored in the vcpus...

Astra Linux - уязвимость в php7.3

In PHP versions 8.0. before 8.0.30, 8.1. before 8.1.22, and 8.2. before 8.2.8, various XML functions rely on the libxml global state to track configuration variables, such as whether external entities are loaded. This state is assumed to remain unchanged unless the user explicitly changes it by...

Astra Linux - уязвимость в firefox, thunderbird

A compromised content process could have allowed for the arbitrary loading of cross-origin pages. This vulnerability affects Firefox 131, Firefox ESR 128.3, Firefox ESR 115.16, Thunderbird 128.3, and Thunderbird 131...

Astra Linux - уязвимость в binutils

In GNU Binutils 2.31.1, there is a use-after-free in the error function in elfcomm.c when called from the processarchive function in readelf.c via a crafted ELF file...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ICE: Fixed ‘scheduling while atomic’ in aux critical error interrupts There’s a kernel bug related to processing aux critical error interrupts in icemiscintr: 2100.917085 BUG: Scheduling while atomic: swapper/15/0/0x00010000 …...

Astra Linux - уязвимость в thunderbird

The parent process does not properly check whether the Speech Synthesis feature is enabled when receiving instructions from a child process. This vulnerability affects Thunderbird 91.9...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: i2c: i801 – Fixed block process call transactions. According to the Intel datasheets, software must reset the block buffer index twice for block process call transactions: once before writing the outgoing data to the buffer, and...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm/amdkfd: Fixed error handling in kfdprocessdeviceinitvm. It is recommended to only destroy the ibmem and let the process cleanup worker free the outstanding BOs. Reset the pointer in the pdd-qpd structure to avoid NULL...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: cachefiles: Set the object to close if ondemandid 0 in copen. If copen is called maliciously in user mode, it may delete the request corresponding to the random ID. Moreover, the request may not have been read yet. Note that when...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: cifs: fixed the session state check when reconnecting to avoid a use-after-free issue. Do not collect the exiting session in smb2reconnectserver; this session will be released soon. Note that the exiting session will remain in...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: pid: Added a check for ns null in pidnrns. taskpidnrns ns = taskactivepidnscurrent; pidnrnsrcudereferencetaskpidptrtask, type, ns; if pid && ns-level level Sometimes, null is returned for taskactivepidns. This can trigger kernel...

Astra Linux - уязвимость в webkit2gtk

This issue has been addressed through improved checks. This issue is fixed in Safari 26.1, iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1, and watchOS 26.1. Processing maliciously crafted web content may lead to an unexpected process crash...

Astra Linux - уязвимость в squid

Squid is a caching proxy for the web that supports HTTP, HTTPS, FTP, and other protocols. A bug related to incorrect checking of function return values makes Squid vulnerable to Denial of Service attacks targeting its helper process management. This bug has been fixed in Squid version 6.5. Users...

Astra Linux - уязвимость в webkit2gtk

The issue was addressed through improved checks. This issue is fixed in Safari 18.2, iOS 18.2, iPadOS 18.2, iPadOS 17.7.3, macOS Sequoia 15.2, tvOS 18.2, visionOS 2.2, and watchOS 11.2. Processing maliciously crafted web content may lead to an unexpected process crash...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: RISCV: Process: Fix kernel information leakage The s12 element of the threadstruct may contain random kernel memory contents, which could potentially be leaked to the user space. This is a security flaw. To address this issue,...

Astra Linux - уязвимость в webkit2gtk

The issue was resolved through improved checks. This issue is fixed in Safari 18, iOS 18, iPadOS 18, macOS Sequoia 15, tvOS 18, visionOS 2, and watchOS 11. Processing maliciously crafted web content may result in an unexpected process crash...

Astra Linux - уязвимость в chromium

Before version 94.0.4606.61, using "use after free" in Portals within Google Chrome allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape through a crafted HTML page...