Astra Linux – Vulnerability in libpodofo

A flaw was discovered in PoDoFo 0.9.7. An uncontrolled recursive call within the PdfNamesTree::AddToDictionary function in src/podofo/doc/PdfNamesTree.cpp can lead to a stack overflow issue...

Astra Linux - уязвимость в exempi

The XMP Toolkit SDK version 2020.1 and earlier is affected by a stack-based buffer overflow vulnerability that may lead to arbitrary code execution within the context of the current user. Exploitation requires user interaction—that is, the victim must open a specially crafted file...

Astra Linux - уязвимость в vim

Stack-based Buffer Overflow in the GitHub repository for vim/vim before version 9.0.0598...

Astra Linux - уязвимость в libjettison-java

An infinite recursion occurs in Jettison when constructing a JSONArray from a Collection that contains a self-reference in one of its elements. This results in a StackOverflowError exception being thrown...

Astra Linux - уязвимость в djvulibre

A flaw was discovered in djvulibre-3.5.28 and earlier. A stack overflow occurred in the function DJVU::DjVuDocument::getdjvufile, due to a malicious djvu file, which could lead to the application crashing and other related issues...

Astra Linux - уязвимость в vim

Stack-based Buffer Overflow in the GitHub repository for vim/vim before version 9.0...

Astra Linux - уязвимость в curl

Curl versions 7.21.0 through 7.73.0 are vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing...

Astra Linux - уязвимость в linux-5.15

A flaw was discovered in KVM AMD Secure Encrypted Virtualization SEV within the Linux kernel. A KVM guest that uses SEV-ES or SEV-SNP with multiple vCPUs can trigger a double fetch race condition vulnerability and invoke the VMGEXIT handler recursively. If an attacker manages to call the handler...

Astra Linux - уязвимость в snakeyaml

Those who use Snakeyaml to parse untrusted YAML files may be vulnerable to Denial of Service attacks DOS. If the parser runs on user-supplied input, an attacker may provide content that causes the parser to crash due to a stack overflow. This vulnerability could potentially allow for a Denial of...

Astra Linux – Vulnerability in Netty

The Netty project is an event-driven, asynchronous network application framework. In versions prior to 4.1.86.Final, a StackOverflowError could occur when parsing a malformed message due to infinite recursion. This issue has been fixed in version 4.1.86.Final. There is no workaround, except by...

Astra Linux - уязвимость в busybox

There is a stack overflow vulnerability in ash.c:6030 in busybox before version 1.35. In the environment of the Internet of Vehicles, this vulnerability can lead to the execution of arbitrary code from commands...

Astra Linux - уязвимость в linux-5.15, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: rcu: Avoid stack overflow due to rcuirqenterchecktick being kprobed. Registering a kprobe for rcuirqenterchecktick can cause a kernel stack overflow. This issue can be reproduced by enabling CONFIGNOHZFULL and booting the kernel...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Staging: rtl8723bs: Fixed a stack buffer overflow issue during the parsing of the OnAssocReq IE. The length of the Supported Rates IE from an incoming Association Request frame was directly used as the length for the memcpy...

Astra Linux - уязвимость в grub2

A stack overflow flaw was discovered while reading a BFS file system. A specially crafted BFS file system may lead to an uncontrolled loop, causing grub2 to crash...

Astra Linux - уязвимость в libmysofa

LibMySOFA 0.9.1 has a stack-based buffer overflow issue in the readDataVar function in hdf/dataobject.c, during the reading of a header message attribute...

Astra Linux - уязвимость в ofono

A flaw was discovered in ofono, an open-source telephony software for Linux. A stack overflow bug occurs within the decodestatusreport function during SMS decoding. It is assumed that the attack scenario can be executed from a compromised modem, a malicious base station, or simply through SMS...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: RISCV: Fixed a race condition when vmap stack overflow occurs. Currently, when detecting vmap stack overflow, RISCV first switches to the so-called shadow stack, and then uses this shadow stack to call getoverflowstack, in order ...

Astra Linux - уязвимость в exempi

The XMP Toolkit SDK version 2021.07 and earlier is affected by a stack-based buffer overflow vulnerability that may lead to arbitrary code execution within the context of the current user. Exploitation requires user interaction—that is, the victim must open a specially crafted file...

Astra Linux - уязвимость в nbd

In nbd-server in nbd before 3.24, there is a stack-based buffer overflow. An attacker can cause a buffer overflow in the parsing of the name field by sending a crafted NBDOPTINFO or NBDOPTGO message with a large value as the length of the name...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: powercap: armscmi: Recursion during zone parsing was removed. Powercap zones are defined as being arranged in a hierarchical tree structure. When registering a zone using powercapregisterzone, the kernel’s powercap subsystem...