59400 matches found
Astra Linux - уязвимость в linux
A memory-bound write flaw 1 or 2 bytes of memory was identified in the Linux kernel’s NFS subsystem, related to the way users use mirroring replication of files via NFS. A user with access to the NFS mount could potentially exploit this flaw to crash the system or escalate privileges on the syste...
Astra Linux - уязвимость в musl
In musl libc through 1.2.1, wcsnrtombs mishandles certain combinations of destination buffer size and source character limit, as demonstrated by an invalid write access buffer overflow...
Astra Linux - уязвимость в chromium
Type Confusion in V8 in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: High...
Astra Linux - уязвимость в ghostscript
A buffer overflow vulnerability was discovered in base/gdevdevn.c:1973 within devnpcxwriterle in ghostscript. This issue may allow a local attacker to cause a denial of service by generating a malicious PDF file for a DEVN device using gs...
Astra Linux - уязвимость в tiff
LibTIFF 4.4.0 contains an out-of-bounds write vulnerability in the extractContigSamplesShifted24bits function in tools/tiffcrop.c:3604. This vulnerability allows attackers to cause a denial-of-service attack through a crafted TIFF file. For users who compile LibTIFF from source code, the fix is...
Astra Linux - уязвимость в chromium
Before version 96.0.4664.93, using WebRTC in Google Chrome allowed a remote attacker to potentially exploit heap corruption through crafted WebRTC packets...
Astra Linux - уязвимость в linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: tty: xilinxuartps: split sysrq handling The lockdep tool detected the following circular locking dependencies: CPU 0 | CPU 1 ============= | ============== cdnsuartisr | printk uartportlockport | consolelock cdnsuartconsolewrite ...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15
Incorrect verifier pruning in the BPF module of the Linux kernel version 5.4 and above leads to unsafe code paths being incorrectly marked as safe. This results in arbitrary read/writes to kernel memory, lateral privilege escalation, and container escapes...
Astra Linux - уязвимость в dnsmasq
A single-byte, non-arbitrary write/use-after-free flaw was discovered in dnsmasq. This flaw allows an attacker to send a crafted packet processed by dnsmasq, potentially causing a denial of service...
Astra Linux - уязвимость в vim
Out-of-bounds write in the GitHub repository for Vim/Vim before version 8.2...
Astra Linux - уязвимость в elfutils
The libcpu component, which is used by libasm of elftools version 0.177 git 47780c9e, suffers from denial-of-service vulnerabilities caused by application crashes due to out-of-bounds write CWE-787, off-by-one errors CWE-193, and reachable assertions CWE-617. To exploit these vulnerabilities,...
Astra Linux - уязвимость в dcmtk
There is an improper array index validation vulnerability in the determineMinMax functionality of OFFIS DCMTK 3.6.8. A specially crafted DICOM file can lead to an out-of-bounds write. An attacker can provide a malicious file to exploit this vulnerability...
Astra Linux - уязвимость в dcmtk
There is an improper array index validation vulnerability in the nowindow functionality of OFFIS DCMT 3.6.8. A specially crafted DICOM file can lead to an out-of-bounds write. An attacker can provide a malicious file to exploit this vulnerability...
Astra Linux - уязвимость в apache2
The out-of-bounds write vulnerability in the modsed module of the Apache HTTP Server allows an attacker to overwrite heap memory with data provided by the attacker. This issue affects Apache HTTP Server version 2.4.2.52 and earlier versions...
Astra Linux - уязвимость в chromium
In Google Chrome on Linux and ChromeOS before version 92.0.4515.107, an attacker who convinced a user to install a malicious extension could perform an out-of-bounds memory write by using a crafted HTML page. This vulnerability allowed the attacker to execute such an operation...
Astra Linux - уязвимость в chromium
A heap buffer overflow in Dawn in Google Chrome prior to version 125.0.6422.76 allowed a remote attacker to perform an out-of-bounds memory write through a crafted HTML page. Chromium security severity: High...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: RDMA/rxe: Returns a CQE error if an invalid lkey is provided. In RXE, there is a lack of update of the WQE status in cases of LOCALwrite failures. This caused the following kernel panic if someone performed an atomic operation...
Astra Linux - уязвимость в chromium
Type confusion in V8 in Google Chrome prior to 138.0.7204.96 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: High...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: vxlan: Data race annotations The “used” and “updated” fields in the FDB entry structure can be accessed concurrently by multiple threads, leading to issues like reported in 1. This issue can be reproduced using 2. These issues...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: iouring/rw: fixed the omission of the NOWAIT check for ODIRECT write operations. When iouring initiates a write operation, it calls kiocbstartwrite, which triggers the super block rwsem. This prevents any freezes from occurring...