Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: tracing/userevents: Ensure that the write index cannot be negative. The write index indicates which event the data corresponds to and accesses a per-file array. This index is passed by user processes during write calls as the fir...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: 9p/net: fixed improper handling of bogus negative read/write responses. In p9clientwrite and p9clientreadonce, if the server incorrectly responds with a success message but a negative write/read count, then we would consider the...

Astra Linux - уязвимость в chromium

The use of after free in Blink in Google Chrome before version 92.0.4515.107 allowed a remote attacker who had compromised the renderer process to perform arbitrary read/write operations through a crafted HTML page. Chromium security severity: High...

Astra Linux - уязвимость в chromium

Inappropriate implementation in Blink in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: High...

Astra Linux - уязвимость в vim

Out-of-bounds write-up in the GitHub repository’s Vim/Vim version prior to 9.0.1145...

Astra Linux - уязвимость в chromium

Integer overflow in the Window Manager in Google Chrome on the Chrome OS and Lacros before version 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific UI interactions to perform an out-of-bounds memory write via crafted UI interactions. Chrome security severity: Hig...

Astra Linux - уязвимость в linux-5.10, linux

A memory write vulnerability that is outside the bounds of the system’s protection was discovered in the Linux kernel’s Kid-friendly Wired Controller driver. This vulnerability allows a local user to crash the system or potentially escalate their privileges. The issue lies in the bigbenprobe...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: net/mlx5: Clean up only the newly added IRQ mapping when requestirq fails. The mlx5irqalloc function may inadvertently free the entire rmap, leading to a crash when other threads attempt to access it. This issue occurs when...

Astra Linux - уязвимость в exempi

The XMP Toolkit SDK version 2020.1 and earlier is affected by a write-what-where condition vulnerability that occurs during the application’s memory allocation process. This may cause the memory management functions to become mismatched, resulting in local application denial of service in the...

Astra Linux - уязвимость в chromium

Accessing the out-of-bounds V8 API in Google Chrome before version 128.0.6613.119 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...

Astra Linux - уязвимость в binutils

The readelf.c file in GNU Binutils 2.32 contains an integer overflow vulnerability that allows attackers to trigger a write access violation in the byteputlittleendian function in elfcomm.c through an ELF file, as demonstrated by readelf...

Astra Linux - уязвимость в tiff

LibTIFF 4.4.0 contains an out-of-bounds write vulnerability in tiffcrop, located at line 3609 of tools/tiffcrop.c. This vulnerability allows attackers to cause a denial-of-service attack through a malicious TIF file. For users who compile LibTIFF from source code, the fix is available in the comm...

Astra Linux - уязвимость в tiff

LibTIFF 4.4.0 contains an out-of-bounds write vulnerability in tiffcrop, located at line 368 of libtiff/tifunix.c. This vulnerability is invoked by lines 2903 and 6778 of tools/tiffcrop.c. This allows attackers to cause a denial-of-service attack through a crafted TIF file. For users who compile...

Astra Linux - уязвимость в linux

In the Linux kernel, the following vulnerability has been resolved: locking/qrwlock: Fixed the ordering in queuedwritelockslowpath While this code is executed with waitlock held, a reader can acquire the lock without holding waitlock. The writer checks the value using atomiccondreadacquire, but...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: mptcp: Ensure that snduna is properly initialized upon connection. This issue is strictly related to the commit fb7a0d334894 „mptcp: Ensure that sndnxt is properly initialized upon connection“. It turns out that syzkaller can...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ubifs: Fixed races between xattrset|get and listxattr operations. Some issues may occur when performing concurrent xattrset|get and listxattr operations, such as assertion failures, memory corruption, and stale xattr values1. Thi...

Astra Linux - уязвимость в cpio

In GNU Cpio from version 2.13 onwards, attackers can execute arbitrary code by using a crafted pattern file. This occurs due to a dstring.c dsfgetstr integer overflow, which triggers an out-of-bounds heap write. NOTE: It is unclear whether there are common cases where the pattern file, associated...

Astra Linux - уязвимость в linux

The fs/seqfile.c file in the Linux kernel versions 3.16 through 5.13.x, prior to 5.13.4, does not properly restrict seq buffer allocations. This results in an integer overflow, an Out-of-bounds Write, and an escalation of privileges to the root user by an unprivileged user, identified as...

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: can:bcm:bcmtxsetup: fixed the KMSAN uninit-value issue in vfswrite. Syzkaller reported the following issues: ===================================================== BUG: KMSAN: uninit-value in aiorwdone, file fs/aio.c:1520 inlin...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: BPF: Avoid holding the freezemutex during the mmap operation. We use the freezemutex to prevent race conditions between the mapfreeze function and memory mapping operations with writable permissions. The way we currently handle...