9088 matches found
Astra Linux - уязвимость в webkit2gtk
In WebKitGTK up to 2.36.0 and WPE WebKit, there is a heap-based buffer overflow in WebCore::TextureMapperLayer::setContentsLayer in WebCore/platform/graphics/texmap/TextureMapperLayer.cpp...
Astra Linux - уязвимость в php8.1
In PHP versions 8.3. before 8.3.19 and 8.4. before 8.4.5, a code sequence involving the set handler or ??= operator and exceptions can lead to a use-after-free vulnerability. If a third party can control the memory layout, for example by providing specially crafted inputs to the script, it could...
Astra Linux - уязвимость в linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: scarlett2: Added a missing error check to scarlett2usbsetconfig. The scarlett2usbsetconfig function calls scarlett2usbget, but did not check the result. If this function fails, an error is returned instead of continuing wit...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: fs/9p: Only the RWX permissions are translated for the plain 9P2000. Garbage data is allowed to pass through the perm bits of the plain 9P2000, allowing it to set, among other things, the suid bit. This probably wasn’t the intend...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ipu3-imgu: A NULL pointer dereferencing occurred in imgusubdevsetselection. Calling v4l2subdevgettrycrop and v4l2subdevgettrycompose with a subdev state of NULL leads to a NULL pointer dereferencing. This issue can occur in...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ice: Avoid bpfprog refcount underflow The Ice driver includes routines for managing XDP resources that are shared between the ndobpf operation and the VSI rebuild flow. The latter occurs, for example, when the user changes the...
Astra Linux - уязвимость в linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: The part of the cdns set that activates the state should be placed outside the spin lock. The device may be scheduled during the resume process; therefore, this issue cannot occur in atomic operations. Since...
Astra Linux - уязвимость в linux-5.10, linux
A issue was discovered in the Linux kernel through version 5.18.9. A type confusion bug in nftseteleminit could be exploited by a local attacker to escalate privileges. This is a different vulnerability than CVE-2022-32250. The attacker can obtain root access, but must start with an unprivileged...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetpipapo: Do not free the live element. Pablo reported a crash when processing large batches of elements with a back-to-back add/remove pattern. According to Pablo: addelem"00000000" timeout 100 ms …...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: net: sched: clsu32: Undo tcfbindfilter if u32replacehwknode When u32replacehwknode fails, we need to undo the tcf BindFilter operation performed at u32setparms...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: fbdev: fbcon: Release buffer when fbcondosetfont fails. syzbot is reporting a memory leak at fbcondosetfont, for the commit a5a923038d70 “fbdev: fbcon: Properly revert changes when vcresize fails”. It was overlooked that the buff...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: net: cpsw: Executing the ndosetrxmode callback within a work queue Commit 1767bb2d47b7 “ipv6: mcast: Do not hold RTNL for IPV6ADDMEMBERSHIP and MCASTJOINGROUP” removed the RTNL lock for these operations. However, this change...
Astra Linux - уязвимость в redis
Redis before 6cbea7d allows a replica to cause an assertion failure in a primary server by sending a non-administrative command specifically, a SET command. NOTE: this issue was fixed for Redis 6.2.x and 7.x in 2021. Versions before 6.2 were not intended to have any safety guarantees related to...
Astra Linux - уязвимость в libde265
Libde265 1.0.9 has a heap buffer overflow vulnerability in de265image::setSliceAddrRSint, int, int...
Astra Linux - уязвимость в mbedtls
Mbed TLS versions before 3.0.1 have a double-free error under certain out-of-memory conditions, as demonstrated by a failure in the mbedtlssslsetsession function...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: Rejects combinations where the sum of the field lengths matches the set key length. The description of the field length indicates the length of each separate key field. Each field is rounded up to 32 bits...
Astra Linux - уязвимость в linux
In the Linux kernel, the following vulnerabilities have been resolved: media: staging/intel-ipu3: Fixed error handling for setfmt. If an error occurs during the setfmt operation, do not overwrite the previous sizes with the invalid configuration. Without this patch, v4l2-compliance will end up...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetpipapo: walking over the current view in netlink dump The generation mask can be updated while netlink dump is in progress. The pipapo set backend walk iterator cannot rely on this information to determine which...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: rtc: class: Fixed a potential memory leak in devmrtcallocatedevice devmrtcallocatedevice will first allocate an rtcdevice, and then call devsetname. If devsetname fails, the rtcdevice will cause a memory leak. Move...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: libceph: The calctarget function should set t-paused instead of simply clearing it. Currently, calctarget clears t-paused if the request should no longer be paused, but it never sets t-paused even though it can determine when the...