2445 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: A race condition has been fixed in dotask when draining resources. When dotask exhausts its iteration budget !ret, it sets the state to TASKSTATEIDLE to reschedule the task, without performing a secondary check on the...
Astra Linux – Vulnerabilities in Firefox, Thunderbird, and Chromium
Before version 91.0.4472.101, using the "OUT OF BORD" write function in Google Chrome allowed a remote attacker to potentially perform out-of-bord memory access through a crafted HTML page...
Astra Linux – Vulnerability in Qemu
A flaw was discovered in the QEMU implementation of VMWare’s paravirtual RDMA device. The issue arises when handling the “PVRDMACMDCREATEMR” command due to improper memory remapping mremap. This flaw allows a malicious guest to crash the QEMU process on the host. The greatest threat posed by this...
Astra Linux – Vulnerability in Chromium
Insufficient data validation in V8 in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially perform out-of-bounds memory access via a crafted HTML page...
Astra Linux – Vulnerability in Chromium
In Google Chrome browsers, out-of-bounds memory access in V8 was possible before version 89.0.4389.72. This allowed a remote attacker to potentially perform out-of-bounds memory access through a crafted HTML page...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: RDMA/irdma: Fixed the bug where sleep operations occurred from an invalid context. RoCEv2 QP processing in netdev events caused a kernel split. This issue was fixed by removing the handling of RoCEv2 in...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fixed a memory leak in the error flow for the subscribe event routine. In the event that the second xainsert function fails, the objevent object is not released. This issue has been fixed by correcting the error...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Prevention of certain integer underflows My static checker reports the following issue: drivers/infiniband/hw/irdma/ctrl.c:3605 irdmascceqinit Warning: Can subtract underflow for ‘info-dev-hmcfpmmisc.maxceqs’? It seem...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: RDMA/siw: Fixed a refcounting leak in siwcreateqp. The atomicinc function needs to be paired with an atomicdec function in the error handling path...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: RDMA/mlx5: Fixed error handling when the firmware fails and the RQ is destroyed. When the RQ is destroyed, if the firmware command fails—which is the last resource to be destroyed—some SW resources are already cleaned,...
Astra Linux – Vulnerability in Qemu
A flaw was discovered in the QEMU implementation of VMWare’s paravirtual RDMA device. This flaw allows a malicious guest driver to allocate and initialize a large number of page tables, which can be used as a ring of descriptors for CQ and async events. This could potentially lead to out-of-bound...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fixed the issue of accessing an invalid dipctx during the destruction of QP. If the system fails to modify QP to RTR, the dipctx will not be attached. During the destruction of QP, the invalid dipctx pointer will be...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Do not change route.addr.srcaddr outside of state checks. If the state is not idle, resolvepreparesrc should immediately fail, and no changes to the global state should occur. However, it srcaddr by attempting to create...
Astra Linux – Vulnerability in Chromium
Before version 123.0.6312.58, using Swiftshader in Google Chrome allowed a remote attacker to perform out-of-bounds memory access through a crafted HTML page. Chromium security severity: Medium...
PT-2026-50926
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the RDMA Remote Direct Memory Access component during the rereg mr process. When IB MR REREG ACCESS changes from read-only RO to read-write RW, the umem user memory mu...
kernel: Linux kernel: Denial of service and memory corruption in RDMA umad
A flaw was found in the Linux kernel's Remote Direct Memory Access RDMA umad User Mode Access Device component. A local user can exploit this vulnerability by manipulating input, causing an integer underflow that leads to an out-of-bounds memory write. This memory corruption can result in a denia...
rsync security update
An update is available for rsync. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The rsync utility enables the users to copy and synchronize files locally or...
rsync security update
An update is available for rsync. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The rsync utility enables the users to copy and synchronize files locally or...
Important: Red Hat Security Advisory: rsync security update
An update for rsync is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
Important: Red Hat Security Advisory: rsync security update
An update for rsync is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...