12602 matches found
Astra Linux – Vulnerability in aom
The file aomdsp/graintable.c in the libaom library within AOMedia, which was available before March 2021, contains a use-after-free vulnerability...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel up to version 6.2.7, fs/ntfs3/inode.c contains an invalid kfree function because it does not validate the MFT flags before replaying logs...
Astra Linux – Vulnerability in edk2
The BootPerformanceTable pointer is retrieved from an NVRAM variable within PEI. It is recommended that the PcdFirmwarePerformanceDataTableS3Support be set to FALSE...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables – Do not compare internal table flags during updates. If a table update does not modify the flags, skip the transaction...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: fixed a double-free in arfscreategroups. When the memory allocated by kvzalloc fails, arfscreategroups will free ft-g and return an error. However, arfscreatetable, the only function calling arfscreategroups, will hold...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: batman-adv: Avoid infinite loops when trying to resize the local TT. If the MTU of one of the attached interfaces becomes too small to transmit the local translation table, then it must be resized to fit within all fragments when...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: mm/hugememory: The issue of using NULL for folio handling in movepageshugepmd has been fixed. movepageshugepmd handles UFFDIOMOVE operations for both normal THPs and huge zero pages. For the huge zero page, srcfolio is explicitly...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: netfilter: nftables – The flag for the discard table is updated, with the pending basechain being deleted. The hook for unregistration is deferred to the commit phase. The same applies to hook updates triggered by the table...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: x86/mm: Fixed the flushtlbrange function when it is used to zap normal PMD entries PMD entries that point to page tables, along with the PTE entries in the pointed-to page table. In the arm64 version of flushtlbrange, there is a...
Astra Linux – Vulnerability in Linux
In the IPv6 implementation in the Linux kernel before 5.13.3, the net/ipv6/outputcore.c file has an information leak due to certain uses of a hash table. This hash table is large, but it does not properly take into account that IPv6-based attackers can typically choose from many IPv6 source...
Astra Linux – Vulnerability in net-snmp
Net-SNMP provides various tools related to the Simple Network Management Protocol. Prior to version 5.9.2, a malformed OID in a SET request to SNMP-VIEW-BASED-ACM-MIB::vacmAccessTable could lead to an out-of-bounds memory access. A user with read-write credentials could exploit this issue. Versio...
Astra Linux - уязвимость в freerdp3
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, railwindowfree dereferences a freed xfAppWindow pointer during HashTableFree cleanup because xfrailwindowcommon calls freeappWindow on title allocation failure without first removing the entry from the...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: fs/ntfs3: Added a null pointer check for inode operations This adds a sanity check for the iop pointer of the inode, which is returned after reading the Root directory MFT record. We should check that the iop is valid before...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: drm/xe/hmm: Do not dereference struct page pointers without holding the notifier lock. The pnfs that we obtain from hmmrangefault point to pages that we do not own. The guarantee that these pages are still in the CPU page tabl...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: s390/syscalls: Added a spectre boundary for the syscall dispatch table. The s390 syscall number is directly controlled by the user space, but there is no arrayindexnospec boundary to prevent access beyond the syscall function...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: OPP: Fix for devpmoppfindbw when the bandwidth table is not initialized. If a driver calls devpmoppfindbwceil/floor to retrieve the bandwidth from the OPP table, but the bandwidth table was not created because the interconnect...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: phy: ralink: mt7621-pci: add sentinel to quirks table By fixing socdevattr to register the SOC as a device, the kernel will encounter an OOPs error in socdevicematchattr. This quirks test was introduced in the staging driver in t...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: Wifi: wilc1000: using vmmtable as an array in the wilc struct. Enabling KASAN and running some iperf tests causes some memory issues related to vmmtable. Bug: KASAN: Out-of-bounds write in wilcwlanhandletxq+0x6ac/0xdb4. A size of...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fixed an out-of-bounds shift in CalculateVMAndRowBytes REASON When PTEBufferSizeInRequests is zero, UBSAN reports the following warning because dmllog2 returns an unexpected negative value: The shift exponent...
Astra Linux – Vulnerability in SQLite3
In SQLite 3.31.1, there is an out-of-bounds access issue involving the ALTER TABLE operation for views that contain nested FROM clauses...