Astra Linux – Vulnerability in exempi

The XMP Toolkit SDK version 2020.1 and earlier is affected by a stack-based buffer overflow vulnerability that may lead to arbitrary code execution within the context of the current user. Exploitation requires user interaction—that is, the victim must open a specially crafted file...

Astra Linux – Vulnerability in faad2

There is a stack-based buffer overflow in the third instance of the calculategain function in libfaad/sbrhfadj.c in Freeware Advanced Audio Decoder 2 FAAD2 2.8.8. A crafted input will lead to a denial of service or possibly unspecified other impacts, as the SM array is mishandled...

Astra Linux – Vulnerability in Jackson-Databind

In Jackson-Databind versions prior to 2.13.0, there was a possibility of a Java StackOverflow exception and a denial of service issue due to the large depth of nested objects...

Astra Linux – Vulnerability in libjettison-java

A stack overflow in Jettison prior to v1.5.2 allowed attackers to cause a Denial of Service DoS attack through crafted JSON data...

Astra Linux – Vulnerability in libmodbus

A stack-based buffer overflow vulnerability exists in libmodbus v3.1.10; it allows for the overflow of the buffer allocated for Modbus responses if the function attempts to respond to a Modbus request with an unexpected length...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: powerpc/32: Fixed the hard lockup that occurred due to vmap stack overflow. Since the commit c118c7303ad5 “powerpc/32: Fixed vmap stack – Do not activate the MMU before reading the task struct”, a vmap stack overflow would result...

Astra Linux – Vulnerability in gst-plugins-base1.0

GStreamer is a library for constructing graphs of media-handling components. A stack-buffer overflow has been detected in the gstopusdecparseheader function within gstopusdec.c. The pos array is a stack-allocated buffer of size 64. If nchannels exceeds 64, the for loop will write beyond the...

Astra Linux – Vulnerability in busybox

There is a stack overflow vulnerability in ash.c:6030 in busybox before version 1.35. In the environment of the Internet of Vehicles, this vulnerability can lead to the execution of arbitrary code from commands...

Astra Linux – Vulnerability in Vim

Vim before version 9.0.2142 has a stack-based buffer overflow issue because the didsetlangmap function in map.c calls sprintf to write to the error buffer, which is then passed to the option callback functions...

Astra Linux – Vulnerability in imagemagick

Stack-based buffer overflow and unconditional jump in ReadXPMImage in coder/xpm.c in ImageMagick 7.0.10-7...

Astra Linux - уязвимость в orc

Stack-based buffer overflow vulnerability exists in orcparse.c of ORC versions prior to 0.4.39. If a developer is tricked to process a specially crafted file with the affected ORC compiler, an arbitrary code may be executed on the developer's build environment. This may lead to compromise of...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: Staging: rtl8723bs: Fixed a stack buffer overflow issue during the parsing of the OnAssocReq IE. The length of the Supported Rates IE from an incoming Association Request frame was directly used as the length for the memcpy...

Astra Linux – Vulnerability in fig2dev

A flaw was discovered in xfig. This vulnerability allows for possible code execution through local input manipulation using the bezierspline function...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Avoid stack buffer overflow from kernel cmdline While the kernel command line is considered trusted in most environments, avoid writing 1 byte past the end of “acpiid” if the “str” argument is at its maximum length...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: dccp: copying the entire header to the stack buffer, not just the basic header Eric Dumazet states that: nfconntrackdccppacket has a unique mechanism: dh = skbheaderpointerskb, dataoff, sizeofdh, &dh; And...

Astra Linux – Vulnerability in imagemagick

ImageMagick is free and open-source software used for editing and manipulating digital images. Versions prior to 7.1.2-13 have a potential security issue involving infinite recursion in the MSL Magick Scripting Language command when writing to MSL format. Version 7.1.2-13 addresses this issue...

Astra Linux - уязвимость в imagemagick

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a stack buffer overflow occurs when processing the an attribute in msl.c. A long value overflows a fixed-size stack buffer, leading to memory corruption. Versio...

Astra Linux – Vulnerability in NBD

In nbd-server in nbd before 3.24, there is a stack-based buffer overflow. An attacker can cause a buffer overflow in the parsing of the name field by sending a crafted NBDOPTINFO or NBDOPTGO message with a large value as the length of the name...

Astra Linux – Vulnerability in zziplib

A Stack Buffer Overflow vulnerability in zziplibv 0.13.77 allows attackers to cause a denial of service through the zzipFetchDiskTrailer function located in the /zzip/zip.c file...

Astra Linux – Vulnerability in Apache2

Apache HTTP Server versions 2.4.0 to 2.4.46: A specially crafted Digest nonce can cause a stack overflow in modauthdigest. There is no report of this overflow being exploitable, nor can the Apache HTTP Server team have created such a report. However, certain compilers and/or compilation options...