59389 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: netfs: Fixed a NULL pointer dereferencing in netfsunbufferedwrite, when a write subrequest is marked as NETFSSREQNEEDRETRY. When the retry path in netfsunbufferedwrite calls stream-preparewrite without checking whether...
Astra Linux - уязвимость в linux-6.1, linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: NFS: Fixed a race condition when updating an existing write request. After the nfslockandjoinrequests function checks whether the request is still attached to the mapping, nothing prevents a call to nfs inoderemoverequest from...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: remoteproc: Fixed the count check in rproccoredumpwrite. The check for the count being 0 was corrected to avoid a potential underflow. The check is identical to that in rprocrecoverywrite...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Fuse: Block access to folio overlimit. SyZ reported a slab-out-of-bounds Write in fusedevdowrite. When the number of bytes to be retrieved is truncated to the upper limit by fc-maxpages, and there is an offset, the out-of-bounds...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: Media: Venus: HFI – Added a check to handle OOB writes in the SFR region. The value of sfr-bufsize is stored in shared memory and can be modified by malicious users. OOB writes are possible when the size of the buffer is increase...
Astra Linux - уязвимость в u-boot
In “Das U-Boot through 2020.01”, a double-free operation was detected in the cmd/gpt.c file’s dorenamegptparts function. Double-freeing can lead to a “write-what-where” condition, allowing an attacker to execute arbitrary code. NOTE: This vulnerability was introduced when attempting to fix a memo...
Astra Linux - уязвимость в linux-5.15, linux, linux-5.10
A issue was discovered in lib/kobject.c in the Linux kernel before version 6.2.3. With root access, an attacker can trigger a race condition that results in an out-of-bounds write of the fillkobjpath variable...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15
The qfqchangeclass function in net/sched/schqfq.c in the Linux kernel before version 6.2.13 allows a out-of-bounds write vulnerability, as lmax can exceed QFQMINLMAX...
Astra Linux - уязвимость в chromium
The use of after-free in the UI of Google Chrome before version 102.0.5005.61 allowed a remote attacker to perform arbitrary read/write operations through a crafted HTML page. Chromium security severity: Medium...
Astra Linux - уязвимость в ntp
In the mstolfp.c file within NTP 4.2.8p15, there is a buffer overflow vulnerability when adding a decimal point. An adversary may be able to attack a client’s ntpq process, but they cannot attack the ntpd process...
Astra Linux - уязвимость в chromium
The use of after-free in ANGLE in Google Chrome before version 96.0.4664.93 allowed a remote attacker to perform arbitrary read/write operations through a crafted HTML page. Chromium security severity: High...
Astra Linux - уязвимость в firefox
An attacker could write data to the user’s clipboard by bypassing the user prompt during a certain sequence of navigation events. This vulnerability affects Firefox 129, Firefox ESR 128.3, and Thunderbird 128.3...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: tty: serial: sh-sci: fix RSCI FIFO overrun handling The receive error handling code is shared between RSCI and all other SCIF port types. However, for RSCI, the “overrunreg” is specified as a memory offset. For other SCIF types, ...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fixed the warning from kernelwriteiter 2110.972290 ------------ Cut here ------------ 2110.972301 WARNING: CPU: 3 PID: 735 at fs/readwrite.c:599 kernelwriteiter+0x21b/0x280 This patch does not allow writing to directories...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: 9p/transfd: Always use ONONBLOCK for read/write operations. The syzbot report indicates that tasks become hung at p9fdclose, due to p9muxpollstop. This occurs because p9connDestroy fails to interrupt kernelread/kernelwrite that...
Astra Linux - уязвимость в chromium
Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: High...
Astra Linux - уязвимость в linux-5.10, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: nfc: fdp: added a null check for devmkmallocarray in fdpncii2creaddeviceproperties. devmkmallocarray may fail; fwvsccfg may be null, causing an out-of-bounds write in devicepropertyreadu8array later...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Clear XSTATEBVi in the guest XSAVE state whenever XFDi=1 When loading the guest XSAVE state via KVMSETXSAVE, and when updating XFD in response to a guest WRMSR, clear the XFD-disabled features in the saved or to be...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: media: cxusb: No longer judges rbuf when the write fails syzbot reported a uninit-value in cxusbi2cxfer. 1 Only when the write operation of usbbulkmsg in dvbusbgenericrw succeeds and rlen is greater than 0, the read operation ...
Astra Linux - уязвимость в linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: comedi: Make insnrwemulatebits handle insn-n samples. The insnrwemulatebits function is used as a default handler for INSNREAD instructions for sub-devices that have a handler for INSNBITS but not for INSNREAD. Similarly, it is...