Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: hcisync: fixed a stack buffer overflow in hcilebigcreatesync. The hcilebigcreatesync function uses DEFINEFLEX to allocate a struct hcicplebigcreatesync on the stack, with 0x11 17 slots available. However, conn-numbi...

Astra Linux - уязвимость в opensc

Buffer overflow issues were identified in Opensc before version 0.22.0 in various locations, which could potentially cause programs using the library to crash...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: arm64: dts: qcom: qcs615: fixed a crash issue caused by an infinite loop for Coresight. An infinite loop was created by the Coresight devices. When only a source device is enabled, the coresightfindactivatedsysfssink function is...

Astra Linux - уязвимость в libpodofo

In PoDoFo 0.9.5, there exists an infinite loop vulnerability in PdfParserObject::ParseFileComplete in PdfParserObject.cpp, which may lead to a stack overflow. Remote attackers could exploit this vulnerability to cause a denial-of-service attack, or potentially cause other unspecified impacts...

Astra Linux - уязвимость в espeak-ng

It was discovered that Espeak-ng 1.52-dev contains a Stack Buffer Overflow issue due to the function RemoveEnding in the dictionary.c file...

Astra Linux - уязвимость в connman

ConnMan also known as Connection Manager versions 1.30 to 1.39 have a stack-based buffer overflow issue in the uncompress function of dnsproxy.c, occurring due to the use of NAME, RDATA, or RDLENGTH fields for the A or AAAA records...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: bpf, sockmap: Do not allow sockmapclose,destroy,unhash to call itself. Proto callback functions in sockmap should never call themselves by design. Protect against bugs like 1 and break out of the recursive loop to avoid a stac...

Astra Linux - уязвимость в connman

The client.c file in gdhcp within ConnMan, as of version 1.41, can be exploited by network-adjacent attackers who operate a crafted DHCP server. This exploitation can lead to a stack-based buffer overflow and a denial of service attack, resulting in the termination of the connman process...

Astra Linux - уязвимость в xrdp

xrdp is an open-source RDP server. Before version 0.10.5, xrdp contained an unauthenticated stack-based buffer overflow vulnerability. The issue arises from improper bounds checking when processing user domain information during the connection process. If exploited, this vulnerability could allow...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: tipc: Improve size validations for received domain records The function tipcmonrcv allows a node to receive and process domainrecord structures from peer nodes to track their views of the network topology. This patch verifies tha...

Astra Linux - уязвимость в libde265

A stack-buffer-overflow exists in libde265 v1.0.8 through fallback-motion.cc in the putepelhvfallback function when running the dec265 program...

Astra Linux - уязвимость в json-smart

Json-smart is a performance-oriented JSON processor library. When encountering a '' or '' character in the JSON input, the code parses an array or an object respectively. It was discovered that the code has no limitations on the nesting of such arrays or objects. Since the parsing of nested array...

Astra Linux - уязвимость в jackson-databind

In Jackson-Databind versions prior to 2.13.0, there was a possibility of a Java StackOverflow exception and a denial of service issue due to the large depth of nested objects...

Astra Linux - уязвимость в imagemagick

Stack-based buffer overflow and unconditional jump in ReadXPMImage in coder/xpm.c in ImageMagick 7.0.10-7...

Astra Linux - уязвимость в dcmtk

A security vulnerability has been detected in DCMTK up to version 3.6.5. The affected element is the parseQuota function of the dcmqrscp component. Manipulating the StorageQuota argument leads to a stack-based buffer overflow. Access to local resources is required to exploit this vulnerability. T...

Astra Linux - уязвимость в firefox

The WebAudio OscillatorNode object was vulnerable to a stack buffer overflow. This could have led to a potentially exploitable crash. This vulnerability affects Firefox versions less than 122...

Astra Linux - уязвимость в redis

Redis is an open-source, in-memory database that persists data on disk. In versions starting from 7.0.0 up to before 8.0.2, there was a stack-based buffer overflow vulnerability in redis-check-aof due to the use of memcpy with strlenfilepath when copying a user-supplied file path into a fixed-siz...

Astra Linux - уязвимость в u-boot

A issue was discovered in Das U-Boot during the period from 2019.07. There is a stack-based buffer overflow in the nfshandler reply helper function: nfsmountreply...

Astra Linux - уязвимость в linux, linux-5.10

A stack overflow flaw was discovered in the Linux kernel’s TIPC protocol functionality. This flaw occurs when a user sends a packet containing malicious content, where the number of domain member nodes exceeds the allowed limit of 64. This flaw allows a remote user to crash the system or...

Astra Linux - уязвимость в linux, linux-5.15, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Networks: Fixed a stack overflow issue when LRO is disabled for virtual interfaces. When the features of a virtual interface are updated, the updated features are synchronized with its underlying interfaces. This synchronization...