12597 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ACPI: PPTT: Fixed an issue that caused sleep in the atomic context when PPTT is absent. The commit 0c80f9e165f8 “ACPI: PPTT: Leave the table mapped for the runtime usage” fixes this issue by enabling the mapping of PPTT once duri...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Write-protecting of L2 SPTEs in TDP MMU when clearing dirty status Check kvmmmupageadneedwriteprotect when deciding whether to write-protect or clear D-bits on TDP MMU SPTEs. This ensures that the TDP MMU takes into...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: x86/cpu: Avoid running off the end of an AMD erratum table. The NULL array terminator at the end of erratum1386microcode was removed during the switch from x86cpudesc to x86cpuid. This causes readers to run off the end of the...
Astra Linux - уязвимость в gdisk
In the LoadPartitionTable function of gpt.cc, there is a potential out-of-bounds write vulnerability due to a missing bounds check. This could lead to a local escalation of privileges when inserting a malicious USB device, without the need for additional execution privileges. User interaction is...
Astra Linux - уязвимость в sqlite
In SQLite version 3.22.0, databases whose schemas are corrupted using the CREATE TABLE AS statement could lead to a NULL pointer dereferencing issue, related to build.c and prepare.c...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: dccp/tcp: Unhash sk from ehash for tb2 alloc failure after checkestalblished. syzkaller reported a warning 0 in inetcskdestroysock, with no repro. WARNONinetsksk-inetnum && !inetcsksk-icskbindhash; However, the syzkaller’s log...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: ARM: ep93xx: Added a terminator to gpiodlookuptable Without the terminator, if a conid is passed to gpiofind, and the conid does not exist in the lookup table, the function will not stop looping correctly, potentially leading to ...
Astra Linux - уязвимость в espeak-ng
It was discovered that Espeak-ng 1.52-dev contains a buffer overflow issue due to a function called SetUpPhonemeTable in the synthdata.c file...
Astra Linux – Vulnerability in gdcm
There is a heap-based buffer overflow vulnerability in the LookupTable::SetLUT functionality of Mathieu Malaterre Grassroot DICOM 3.0.23. A specially crafted, malformed file can lead to memory corruption. An attacker can provide a malicious file to exploit this vulnerability...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: iio: imu: stlsm6dsx: Set buffer sampling frequency for accelerometer only The stlsm6dsxhwfifoodrstore function, which is called when the user space writes the buffer sampling frequency sysfs attribute, calls stlsm6dsxcheckodr,...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkqueue: The hash table is now created per queue. Sharing a global hash table among all queues is tempting, but it can lead to crashes. Bug: KASAN: A “slab-use-after-free” issue exists in...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: remoteproc: imxrproc: Fix invalid loaded resource table detection The imxrprocelffindloadedrsctable function may incorrectly report a loaded resource table even when the current firmware does not provide one. When the device tree...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: The existing SPTE is preserved even when creating an MMIO SPTE. When installing an emulated MMIO SPTE, do so after preserving the existing SPTE if it is shadow-present. However, the fix proposed in commit 54aa15c6bd...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: udp: When a connected socket is disconnected, the 4-tuple hash table’s auto-bound connected state is not properly hashed. Suppose we bind a UDP socket to a wildcard address with a non-zero port, connect the socket to a specific...
Astra Linux - уязвимость в u-boot
A carefully crafted self-referential DOS partition table will cause all Das U-Boot versions up to 2019.07-rc4 to infinitely recur, causing the stack to grow indefinitely. This could lead to a system crash or the overwriting of other data...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: drm/xe: Added a bounds check on patindex to prevent out-of-bounds kernel reads in madvise. When the user provides a bogus patindex value through the madvise IOCTL, the xepatindexgetcohmode function performs an array access...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: net: bonding: Fix for NULL dereference of ndtbl when IPv6 is disabled When booting with the ‘ipv6.disable=1’ parameter, the ndtbl is never initialized because inet6init exits before ndiscinit is called, which is responsible for...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel/uncore: Skip discovery table for offline dies This warning can be triggered if NUMA is disabled and the system boots with fewer CPUs than the number of CPUs in die 0. WARNING: CPU: 9 PID: 7257 at uncore.c:1157...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fixed the internal port memory leak. The flow rule can be split, and additional postact rules are added to the postact table. It’s possible to trigger a memory leak when the rule forwards packets from an internal port...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerabilities have been resolved: powerpc/kasan: Fixed an issue where the early region was not updated correctly. The shadow’s page table is not updated when PTERPNSHIFT is 24 and PAGESHIFT is 12. This not only causes false positives but also false negatives, ...