9100 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: hvnetvsc: Do not free decrypted memory. In CoCo VMs, it is possible for the untrusted host to cause setmemoryencrypted or setmemorydecrypted to fail, resulting in an error and the memory being retained. Callers must take care to...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: zloop: fixed the KASAN use-after-free of tagset When a zloop device is removed, the KASAN-enabled kernel reports “BUG KASAN use-after-free” in the blkmqfreetagset function. This bug occurs because zloopctlRemove calls putdisk,...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: led: qcom-lpg: Fixed sleeping in atomic operations The lpghbrightnessset function can enter a sleeping state, while the led’s brightnessset callback must be non-blocking. The LPG driver should use brightnesssetblocking instead...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: jfs: Prevent copying of nlink with a value of 0 from the disk inode. syzbot reported a deadlock in diFree. 1 When calling “ioctl$LOOPSETSTATUS64”, the offset value passed in is 4, which does not match the mounted loop device...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: exfat: Fixed a reference count leak in exfatfind. Fixed reference count leaks related to exfatgetdentryset in exfatfind. The function exfatgetdentryset would increment the reference counter of es-bh on success. Therefore,...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Platform/x86: dell-wmi-sysman: Do not perform hex dumping of plaintext password data. The setnewpassword function performs hex dumping of the entire buffer, which contains plaintext password data, including current and new...
Astra Linux - уязвимость в linux-5.10
A double-free bug in the packetsetring function in net/packet/afpacket.c can be exploited by a local user through crafted syscalls to escalate privileges or deny services. We recommend upgrading the kernel to a version that is not affected by this bug, or rebuilding the code after the...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: netfilter: nftsethash: Unaligned atomic read on struct nftsetext Access to the genmask field in struct nftsetext results in an unaligned atomic read: 72.130109 Unable to handle kernel paging requests at virtual address...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: MGMT: Fixed a memory leak in setsspcomplete. A memory leak was fixed in setsspcomplete, where the mgmtpendingcmd structures are not freed after they are removed from the pending list. Commit 302a1f674c00 “Bluetooth:...
Astra Linux - уязвимость в ffmpeg, ffmpeg5
FFmpeg v.n6.1-3-g466799d4f5 allows for an over-reading of the buffer at ffgradfunblurlinemovdqasse2, as demonstrated by a call to the setencoderid function in the /fftools/ffmpegenc.c component...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: Ring-Buffer: Fixed buffer locking in ringbuffersubbuforderset. Expanded the critical section in ringbuffersubbuforderset to ensure that error handling occurs with a per-buffer mutex held, thereby preventing list corruption and...
Astra Linux - уязвимость в xorg-server
A flaw was discovered in the Xorg-x11-server. A out-of-bounds access issue may occur in the ProcXkbSetGeometry function due to improper validation of the request length...
Astra Linux - уязвимость в mariadb-10.3
A issue was discovered in the Field::setdefault component of MariaDB Server v10.6 and earlier versions. This issue allows attackers to cause a Denial of Service DoS attack through specially crafted SQL statements...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: nilfs2: Handled errors that nilfspreparechunk may return. The patch series “nilfs2: fix issues with rename operations” addresses several issues. It fixes BUGON check failures reported by syzbot during rename operations, as wel...
Astra Linux - уязвимость в net-snmp
Net-SNMP provides various tools related to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-write credentials could use an improperly formatted OID in a SET request to the nsVacmAccessTable, causing a NULL pointer derefrence. Version 5.9.2 includes a patch to addre...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: Media: i2c: ar0521: Use the CANsleep version of gpiodsetvalue If we use GPIO reset from the I2C port expander, we must use the CANsleep variant of GPIO functions. This was not done in the ar0521poweron/ar0521poweroff functions...
Astra Linux - уязвимость в linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: i40e: Do not allow untrusted VFs to remove the administratively set MAC address. Currently, when a PF Powerful User administratively sets the MAC address of a VF, and the VF is put down i.e., the VF attempts to delete all MAC...
Astra Linux - уязвимость в gdcm
There is a heap-based buffer overflow vulnerability in the LookupTable::SetLUT functionality of Mathieu Malaterre Grassroot DICOM 3.0.23. A specially crafted, malformed file can lead to memory corruption. An attacker can provide a malicious file to exploit this vulnerability...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux
In the Linux kernel, the following vulnerability has been resolved: In the fbdev subsystem, within the vt8623fb function, there is a issue where the value of screensize is calculated based on user input. If an improper value is provided by the user, the value of screensize may be larger than...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetrbtree: skip end interval element from gc Lazy garbage collection for rbtree during insertions may collect end interval elements that have just been added during these transactions. These elements are skipped, as...