60054 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: fsdax: Force the dirty mark to be cleared if CoW is used XFS allows CoW on non-shared extents to combat fragmentation1. The old non-shared extent can be rewritten before use; its dax entry is marked as “dirty”. This results in a...
Astra Linux – Vulnerability in Linux
In the file drivers/pci/hotplug/rpadlpar/sysfs.c within the Linux kernel up to version 5.11.8, the RPA PCI Hotplug driver suffers a user-tolerable buffer overflow when writing a new device name to the driver from user space. This allows user space to write data directly to the kernel stack frame...
Astra Linux - уязвимость в gimp
GIMP XWD File Parsing Out-of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability, as the target must visit a malicious page or open a...
Astra Linux – Vulnerability in WebKit2GTK
A out-of-bounds write issue has been addressed through improved input validation. This issue is fixed in iOS 15.6, iPadOS 15.6, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, and Safari 15.6. Processing maliciously crafted web content may lead to arbitrary code execution...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: dccp: Fixed a race condition around the dp-dccpsmsscache variable. The dccpsendmsg function reads the dp-dccpsmsscache before locking the socket. The same issue occurs in dodccpgetsockopt. Added annotations for...
Astra Linux - уязвимость в chromium
Before version 146.0.7680.153, read and write operations in WebGL in Google Chrome allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Critical...
Astra Linux – Vulnerability in Chromium
Before version 91.0.4472.77, TabStrip in Google Chrome allowed an attacker who convinced a user to install a malicious extension to perform an out-of-bounds memory write through a crafted HTML page...
Astra Linux – Vulnerability in Chromium
Before version 92.0.4515.107, Autofill in Google Chrome allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption through a crafted HTML page...
Astra Linux – Vulnerability in libmodbus
A issue was discovered in libmodbus before versions 3.0.7 and 3.1.x, prior to 3.1.5. There is a vulnerability related to the MODBUSFCWRITEMULTIPLEREGISTERS function, also known as VD-1301...
Astra Linux – Vulnerability in ntfs-3g
The file handle created in fuselibopendir, and later used in fuselibreaddir, enables arbitrary memory read and write operations in NTFS-3G through 2021.8.22 when using libfuse-lite...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ata: satadwc460ex: Fixed a crash that occurred due to out-of-bounds writing. The driver utilizes the “tag” values from various arrays provided by libata. Since the mentioned patch increased ATATAGINTERNAL to 32, the value of...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ext4: fix race condition between ext4write and ext4convertinlinedata Hulk Robot reported a BUG: ================================================================== EXT4-fs error device loop3: ext4mbgeneratebuddy:805: group 0, bloc...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: fs/proc/taskmmu: The issue of losing the “young/dirty” bits during the pagemap scan has been fixed. The function makeuffdwpwppte used to perform these operations was previously executed as follows: c pte = ptepgetptep;...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: - In blkdeviomapbegin, the EOF check has been refined. - In blkdeviomapbegin, the offset is rounded down to the logical block size before being stored in iomap-offset. It is also checked that the size remains within the inode...
Astra Linux - уязвимость в linux-5.15
An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. There is an out-of-bounds read and OOPS for SMB2WRITE, when there is a large length in the zero DataOffset case...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: udf: Fixed a slab-out-of-bounds write bug in udffindentry Syzbot reported a slab-out-of-bounds Write bug: loop0: A capacity change from 0 to 2048 was detected. ==================================================================...
Astra Linux - уязвимость в linux-5.15
In the Linux kernel, the following vulnerability has been resolved: btrfs: skip reserved bytes warning on unmount after log cleanup failure After the recent changes made by commit c2e39305299f01 "btrfs: clear extent buffer uptodate when we fail to write it" and its followup fix, commit...
Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: can: bcm: bcmtxsetup: fixed KMSAN uninit-value in vfswrite Syzkaller reported the following issues: ===================================================== BUG: KMSAN: uninit-value in aiorwdone fs/aio.c:1520 inline BUG: KMSAN:...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: arm64: The issue was fixed in the concurrently setting of insnemulation sysctls. The emulationprochandler function changes table-data for procdointvecminmax. However, it may cause an OOPs error if called concurrently with itself:...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: mm: Do not attempt to NUMA-migrate COW pages that have other uses. Oded Gabbay reported that enabling NUMA balancing causes corruption in his Gaudi accelerator test. He described the situation as follows: “All the details are in...