Astra Linux - уязвимость в webkit2gtk

The issue was resolved through improved checks. This issue is fixed in Safari 18, iOS 18, iPadOS 18, macOS Sequoia 15, tvOS 18, visionOS 2, and watchOS 11. Processing maliciously crafted web content may result in an unexpected process crash...

Astra Linux - уязвимость в chromium

Before version 94.0.4606.61, using "use after free" in Portals within Google Chrome allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape through a crafted HTML page...

Astra Linux - уязвимость в chromium

Before version 94.0.4606.54, using the "after free" mechanism in Performance Manager in Google Chrome allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption through a crafted HTML page...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs: The dealloc repeatcallcontrol function may fail if damoncall fails. damoncall for managing repeatcallcontrol of DAMONSYSFS may fail if the kdamond function is stopped before the damoncall is invoked. This can...

Astra Linux - уязвимость в webkit2gtk

This issue has been resolved through improved memory handling. This issue is fixed in Safari 26.1, iOS 26.1, iPadOS 26.1, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1, and watchOS 26.1. Processing maliciously crafted web content may lead to an unexpected process crash...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux

In the Linux kernel, the following vulnerability has been resolved: ocfs2: Fixed the null-ptr-deref issue when the journal load failed. During the mounting process, if journal fails due to a too-short journal, it causes jbd2journalload to fail with a NULL jsbbuffer. Consequently,...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: vhost-vdpa: fixed an iotlb memory leak Before committing 3d5698793897 “vhost-vdpa: introduced ASID-based IOTLB”, we called vhostvdpaiotlbunmapv, iotlb, 0ULL, 0ULL – 1 during the release phase to free all resources allocated wh...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: tls: Stop recv if the initial processrxlist contains a record that is not of the DATA type. If there is a record on rxlist that is not of the DATA type, and there is another record of the same type still in the queue, we will mer...

Astra Linux - уязвимость в librabbitmq

A vulnerability was discovered in the C AMQP client library also known as rabbitmq-c for RabbitMQ in versions up to 0.13.0. credentials can only be entered via the command line e.g., for amqp-publish or amqp-consume, and therefore they are visible to local attackers who can list processes along...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fixed a potential use-after-free issue in irqprocessworklist. The listforeachentry Safe function was used to allow iterating through the list and deleting entries during the iteration process. The descriptors are...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: Ceph: fixed a crash in processv2sparseread for encrypted directories. A crash in processv2sparseread for fscrypt-encrypted directories has been reported. This issue occurs in the Ceph msgr2 protocol in secure mode. It can be...

Astra Linux - уязвимость в webkit2gtk

This issue has been resolved through improved memory handling. This issue is fixed in Safari 26, iOS 26, iPadOS 26, macOS Tahoe 26, tvOS 26, visionOS 26, and watchOS 26. Processing maliciously crafted web content may lead to an unexpected process crash...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Binder: Fix for double-free in dbitmap A process may fail to allocate a new bitmap when attempting to expand its proc-dmap. In such cases, dbitmapgrow fails and frees the old bitmap via dbitmapfree. However, the driver calls...

Astra Linux - уязвимость в freeipa

A flaw was identified in the FreeIPA API audit; it sends the entire FreeIPA command line to journalctl. As a result, during the FreeIPA installation process, administrative user credentials—including the administrator’s password—are inadvertently leaked into the journal database. In the worst-cas...

Astra Linux - уязвимость в u-boot

A issue was discovered in Das U-Boot during the period from 2019.07. There is an unbounded memcpy operation when parsing a UDP packet, due to an underflow of the netprocessreceivedpacket integer during the udppackethandler call...

Astra Linux - уязвимость в firefox

A use-after-free crash could occur on macOS if a Firefox update was applied to a heavily utilized system. This could lead to a exploitable crash. This vulnerability affects Firefox versions earlier than 122...

Astra Linux - уязвимость в webkit2gtk

A “use-after-free” issue has been addressed through improved memory management. This issue is fixed in Safari 26.1, iOS 26.1, iPadOS 26.1, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1, and watchOS 26.1. Processing maliciously crafted web content may lead to an unexpected process crash...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: tcp: tcprtxsynack can be called from process context. Laurent reported the enclosed report 1. This bug occurs under the following conditions: 0 The kernel is built with CONFIGDEBUGPREEMPT=y. 1 A new passive FastOpen TCP socket is...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: scsi: ses: Fixed possible descptr out-of-bounds accesses. Sanitized possible descptr out-of-bounds accesses in sesenclosuredataprocess...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: amd/amdkfd: enhanced checking of kfd processes during switch partitions. Currently, the switch partition only checks whether kfdprocessestable is empty. The entry in kfdprocessestable is deleted in kfdprocessnotifierrelease, b...