72402 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: wifi: mt76: fix linked list corruption Never leave scheduled wcid entries on the temporary on-stack list...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: mISDN: fixed an issue involving misuse of putdevice in mISDNregisterdevice. We should not release references to putdevice before calling deviceinitialize...
Astra Linux - уязвимость в libmodbus
A stack-based buffer overflow vulnerability exists in libmodbus v3.1.10; it allows for the overflow of the buffer allocated for Modbus responses if the function attempts to respond to a Modbus request with an unexpected length...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: objtool, nvmet: Fixed an out-of-bounds stack access in nvmetctrlstateshow. The cstsstatenames array contains only six sparse entries, but the iteration code in nvmetctrlstateshow iterates seven times, leading to a potential...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: HID: intel-thc-hid: intel-quicki2c: Fixed the ACPI DSD ICRS/ISUB length issue. The QuickI2C ACPI DSD methods return ICRS and ISUB data with a trailing byte, causing the actual length to be one byte more than the defined struct...
Astra Linux - уязвимость в exempi
The XMP Toolkit SDK version 2021.07 and earlier is affected by a stack-based buffer overflow vulnerability that may lead to arbitrary code execution within the context of the current user. Exploitation requires user interaction—that is, the victim must open a specially crafted file...
Astra Linux - уязвимость в dpdk
NVIDIA’s distribution of the Data Plane Development Kit MLNXDPDK contains a vulnerability in the network stack, where error recovery is not handled properly. This vulnerability can allow a remote attacker to cause denial of service, as well as affect data integrity and confidentiality...
Astra Linux - уязвимость в djvulibre
A flaw was discovered in djvulibre-3.5.28 and earlier. A stack overflow occurred in the function DJVU::DjVuDocument::getdjvufile, due to a malicious djvu file, which could lead to the application crashing and other related issues...
Astra Linux - уязвимость в opensc
A stack overflow vulnerability exists in the OpenSC smart card middleware before version 0.23, due to improper responses to APDUs...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: net/mlx5e: Fixed page reclamation for dead peer hairpin When adding a hairpin flow, a send queue is created on the peer net device’s side, which claims some host memory pages for its internal ring buffer. If the peer net devic...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btintel: Check the dsbr size from the EFI variable Since the size of the struct btinteldsbr is already known, we can simply start checking there instead of querying the size of the EFI variable. If the final result doe...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: net: Fixed issues related to data races around sk-skforwardalloc. Syzkaller reported this warning: ---------------- Cut here ------------------- WARNING: CPU: 0 PID: 16 Location: net/ipv4/afinet.c:156,...
Astra Linux - уязвимость в open-iscsi
A issue was discovered in Contiki version 3.0. A out-of-bounds read vulnerability exists in the uIP TCP/IP stack component when calculating checksums for IP packets in the upperlayerchksum function in net/ipv4/uip.c...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: KEYS: Trusted: dcp: Fix improper use of sg with CONFIGVMAPSTACK=y When CONFIGVMAPSTACK=y is enabled, DCP-trusted keys may crash during the encoding and decryption of the blob encryption key via the DCP crypto driver. This issue...
Astra Linux - уязвимость в poppler
Versions of Poppler from 24.06.1 through 25.x, prior to 25.04.0, allowed stack consumption and a SIGSEGV due to deeply nested structures within the metadata of a PDF document such as GTSPDFEVersion. This issue occurred in functions like Dict::lookup, Catalog::getMetadata, and related functions in...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: cpufreq: qcom: Fix for writes in read-only memory regions. This commit addresses an error in the kernel due to a write operation in a read-only memory region: 9.068287 Unable to handle kernel write to read-only memory at virtual...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: BPF: Fixed a stack-out-of-bounds write in devmap. The getupperifindexes function iterates over all upper devices and writes their indices into an array without checking bounds. Additionally, the calling functions assume that the...
Astra Linux - уязвимость в glibc
nscd: Stack-based buffer overflow in netgroup cache If the fixed-size cache of the Name Service Cache Daemon nscd is exhausted due to client requests, then a subsequent client request for netgroup data may lead to a stack-based buffer overflow. This flaw was introduced in glibc 2.15 when the cach...
Astra Linux - уязвимость в expat
In Expat also known as libexpat, before version 2.4.5, an attacker could trigger stack exhaustion in buildmodel by using a large nesting depth in the DTD element...
Astra Linux - уязвимость в sqlite3
In SQLite 3.30.1, selectExpander in select.c continues with the WITH stack unwinding process even after a parsing error occurs...