Astra Linux - уязвимость в linux

In the file drivers/pci/hotplug/rpadlpar/sysfs.c within the Linux kernel up to version 5.11.8, the RPA PCI Hotplug driver suffers a user-tolerable buffer overflow when writing a new device name to the driver from user space. This allows user space to write data directly to the kernel stack frame...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: ipvlan: added an helper function for ipvlanroutev6outbound Inspired by reports from syzbot, which use multiple ipvlan devices in their stacks. The stack size required in ipvlanprocessv6outbound can be reduced by moving the...

Astra Linux - уязвимость в isc-dhcp

In ISC DHCP 4.1-ESV-R1 - 4.1-ESV-R16, ISC DHCP 4.4.0 - 4.4.2 Other branches of ISC DHCP e.g., releases in the 4.0.x series or earlier, and releases in the 4.3.x series are beyond their End-of-Life period and are no longer supported by ISC. It is clear that this defect is also present in releases...

Astra Linux - уязвимость в ntfs-3g

NTFS-3G versions prior to 2021.8.22 may experience a stack buffer overflow when correcting differences between the MFT Mounted File Table and MFTMirror. This can lead to code execution or an escalation of privileges when using the setuid-root account...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: powerpc/32: Fixed the hard lockup that occurred due to vmap stack overflow. Since the commit c118c7303ad5 “powerpc/32: Fixed vmap stack – Do not activate the MMU before reading the task struct”, a vmap stack overflow would result...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: BPF: Fixed an array bounds error with maygoto. Maygoto uses an additional 8 bytes on the stack, which causes the interpreters array to go out of bounds when calculating the index using stacksize. 1. If a BPF program is...

Astra Linux - уязвимость в fig2dev

A flaw was discovered in xfig. This vulnerability allows for possible code execution through local input manipulation using the bezierspline function...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Netfilter: nftables: exthdr: fix for 4-byte stack OOB write issue. If priv-len is a multiple of 4, then dstlen / 4 can write beyond the destination array, leading to stack corruption. This mechanism is necessary to handle the...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: f2fs: The WARNON message was removed from the f2fsisvalidblkaddr function. The Syzbot triggers two WARN messages in f2fsisvalidblkaddr and isbitmapvalid. For example, in f2fsisvalidblkaddr, if the type parameter is...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: tracing/eprobes: Do not allow eprobes to use $stack, or % for regs While working with event probes eprobes, I tried to see what would happen if I attempted to retrieve the instruction pointer %rip knowing that event probes do not...

Astra Linux - уязвимость в libjettison-java

Those who use Jettison to parse untrusted XML or JSON data may be vulnerable to Denial of Service attacks DOS. If the parser runs on user-supplied input, an attacker may provide content that causes the parser to crash due to a stack overflow. This vulnerability could facilitate a Denial of Servic...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: BPF: Protection against integer overflows when accessing stack memory. This patch reintroduces protection against the situation where the size of memory accessed via the stack is negative. The access size can appear negative due ...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: powerpc/lib: Validate size for vector operations Some parts of the fp/vmx code in sstep.c assume a certain maximum size for the instructions being emulated. However, the size of these operations is determined separately in...

Astra Linux - уязвимость в usbutils

The vulnerability of the readlinkrecursive function in the USBUtils utility is related to buffer overflow on the stack. Exploiting this vulnerability allows an attacker to access confidential data, compromise its integrity, and cause service failures...

Astra Linux - уязвимость в gst-plugins-base1.0

In GStreamer through 1.26.1, the subparse plugin’s parsesubriptime function may write data beyond the bounds of a stack buffer, resulting in a crash...

Astra Linux - уязвимость в qemu

A stack overflow vulnerability was discovered in the Intel HD Audio device intel-hda of QEMU. A malicious guest could exploit this flaw to crash the QEMU process on the host, resulting in a denial of service condition. The greatest threat posed by this vulnerability is to system availability. Thi...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: bpf: Do not include the stack pointer register in precision backtracking bookkeeping. Yi Lai reported an issue 1\ where the following warning appears in the kernel’s dmesg output: 60.643604 verifier backtracking bug 60.643635...

Astra Linux - уязвимость в qemu

A potential stack overflow issue due to an infinite loop was identified in various NIC emulators of QEMU, in versions up to and including 5.2.0. The issue occurs in the loopback mode of a NIC, where reentrant DMA checks are bypassed. A guest user/process may exploit this flaw to consume CPU cycle...

Astra Linux - уязвимость в espeak-ng

It was discovered that Espeak-ng 1.52-dev contains a Stack Buffer Overflow issue due to the function RemoveEnding in the dictionary.c file...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: hcisync: fixed a stack buffer overflow in hcilebigcreatesync. The hcilebigcreatesync function uses DEFINEFLEX to allocate a struct hcicplebigcreatesync on the stack, with 0x11 17 slots available. However, conn-numbi...