59506 matches found
Astra Linux - уязвимость в libheif
In Libheif 1.17.6, insufficient checks during the decoding of a heif file using ImageOverlay::parse can lead to out-of-bounds read and write operations when processing a file containing an overlay image with forged offsets...
Astra Linux - уязвимость в linux-5.10, linux, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: can:bcm:bcmtxsetup: fixed the KMSAN uninit-value issue in vfswrite. Syzkaller reported the following issues: ===================================================== BUG: KMSAN: uninit-value in aiorwdone, file fs/aio.c:1520 inlin...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: BPF: Avoid holding the freezemutex during the mmap operation. We use the freezemutex to prevent race conditions between the mapfreeze function and memory mapping operations with writable permissions. The way we currently handle...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: ext4: Avoid crashes when inline data creation occurs after DIO write When an inode is created and written using direct I/O, there is no way to clear the EXT4STATEMAYINLINEDATA flag. As a result, when the inode is truncated to jus...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: f2fs: Flush the inode if the atomic file is aborted. We need to flush the inode that was aborted during the atomic operation, to avoid stale dirty inodes during eviction in this call stack: f2fsmarkinodedirtysync+0x22/0x40 f2f...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ipv6: Annotated data-race in ndiscrouterdiscovery The syzbot found that ndiscrouterdiscovery could read and write in6dev-ramtu without holding a lock 1 This seems fine, as long as IFLAINET6RAMTU is implemented with best effort. A...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ext4: The issue where “racy” might inline data checks during dio write has been fixed. According to syzbot, the following warning from ext4iomapbegin is triggered as of the referenced commit: c if WARNONONCEext4hasinlinedatainode...
Astra Linux - уязвимость в grub2
A flaw was discovered in grub2. A specially crafted JPEG file can cause the JPEG parser in grub2 to incorrectly check the boundaries of its internal buffers, leading to an out-of-bounds write. The possibility of overwriting sensitive information to bypass secure boot protections is still a concer...
Astra Linux - уязвимость в chromium
In Mojo within Google Chrome, before version 99.0.4844.51, unauthorized memory access allowed a remote attacker to perform an out-of-bounds memory write through a crafted HTML page...
Astra Linux - уязвимость в chromium
Before version 92.0.4515.107, Autofill in Google Chrome allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption through a crafted HTML page...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: netfs: Fixed an oops in the write-retry function due to accidentally resetting the subreq iterator. The reset of the subrequest iterator in netfsretrywritestream was corrected to use the iterator-reset function, as the iterato...
Astra Linux - уязвимость в linux
In the Linux kernel, the following vulnerability has been resolved: f2fs: fixed to avoid potential deadlocks. The function f2fstrylockop was used in f2fswritecompressedpages to prevent potential deadlocks, just as we did in f2fswritesingledatapage...
Astra Linux - уязвимость в linux
A out-of-bounds memory write flaw was discovered in the Linux kernel’s joystick devices subsystem in versions prior to 5.9-rc1. This flaw allows a local user to crash the system or potentially escalate their privileges on the system. The greatest threat posed by this vulnerability is related to...
Astra Linux - уязвимость в chromium
Before version 137.0.7151.55, using V8 in Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...
Astra Linux - уязвимость в chromium
Before version 92.0.4515.131, writing out-of-bounds data using Tab groups in Google Chrome allowed an attacker who convinced a user to install a malicious extension to perform an out-of-bounds memory write via a crafted HTML page...
Astra Linux - уязвимость в linux-6.1, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: ksmbd: fixed a bug where a missing return value check was present. In the smb2sendinterimresp function, if ksmbdallocworkstruct fails to allocate a node, it returns a NULL pointer to the inwork pointer. This can lead to an...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: Staging: iio: frequency: ad9832: Fix for division by zero in ad9832calcfreqreg. In the ad9832writefrequency function, clkgetrate might return 0. This can lead to a division by zero when calling ad9832calcfreqreg. The check if fou...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: bus: mhi: ep: The read pointer is updated only after the buffer has been written. Within mhiepringaddelement, the read pointer rdoffset is updated before the buffer is written. This may lead to race conditions, where the host see...
Astra Linux - уязвимость в gnutls28
A heap-buffer-overflow off-by-one flaw was discovered in the GnuTLS software during the template parsing logic within the certtool utility. When it reads certain settings from a template file, it allows an attacker to cause an out-of-bounds OOB NULL pointer write, resulting in memory corruption a...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: Packet: Annotate data-races around ignoreoutgoing The function ignoreoutgoing is executed without a read lock, from devqueuexmitnit and packetgetsockopt. Add appropriate READONCE/WRITEONCE annotations. Bug reported by syzbot: BUG...