Astra Linux - уязвимость в tiff

The "Divide By Zero" error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service attack through a crafted TIF file. For users who compile libtiff from source code, the fix is available in the commit f3a5e010...

Astra Linux - уязвимость в imagemagick

ImageMagick 7.0.10-34 allows division by zero in the OptimizeLayerFrames function in MagickCore/layer.c, which may lead to a denial of service...

Astra Linux - уязвимость в imagemagick

A flaw was discovered in ImageMagick, specifically in the files MagickCore/colorspace-private.h and MagickCore/quantum.h. An attacker who submits a crafted file processed by ImageMagick could trigger undefined behavior, resulting in values that are outside the range of the type unsigned char, and...

Astra Linux - уязвимость в imagemagick

In GammaImage of /MagickCore/enhance.c, depending on the gamma value, it is possible for a divide-by-zero condition to occur when a specially crafted input file is processed by ImageMagick. This could affect the availability of the application. The patch uses PerceptibleReciprocal to prevent such...

Astra Linux - уязвимость в imagemagick

A flaw was discovered in ImageMagick versions prior to 7.0.11. In versions before 7.0.11, a division by zero in the sRGBTransformImage function within MagickCore/colorspace.c could lead to undefined behavior when processing a malicious image file submitted by an attacker through an application th...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: ext4: Fixed a bug in extent parsing when ehentries == 0 and ehdepth 0. When traversing inode extents, the ext4extbinsearchidx function assumes that the extent header has been validated previously. However, there are no checks ...

Astra Linux - уязвимость в vim

"Divide By Zero" in the GitHub repository "vim/vim" before version 9.0.1247...

Astra Linux - уязвимость в linux-5.10, linux

A memory leak flaw, along with potential division by zero and integer overflow issues, have been detected in the Linux kernel’s V4L2 and vivid test code functionality. This issue occurs when a user triggers ioctls, such as the VIDIOCSDVTIMINGS ioctl. This could allow a local user to crash the...

Astra Linux - уязвимость в vim

"Divide By Zero" in the GitHub repository for vim/vim before version 9.0.1367...

Astra Linux - уязвимость в wireshark

Due to a failure in validating the length provided by a CP2179 packet crafted by an attacker, Wireshark versions 2.0.0 through 4.0.7 are vulnerable to a denial-of-service attack that exploits this flaw...

Astra Linux - уязвимость в ghostscript

A divide-by-zero issue was discovered in epsprintpage within gdevepsn.c in Artifex Software GhostScript 9.50. This issue allows remote attackers to cause a denial of service by opening crafted PDF files...

Astra Linux - уязвимость в freerdp2

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. This issue only affects clients. An integer underflow can lead to a Denial of Service DOS vulnerability, for example, an abort due to WINPRASSERT with default compilation flags. When an...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: cpumap: The xdprxqinfo structure must be initialized to zero before running the XDP program. When running an XDP program that is associated with a cpumap entry, we do not initialize the xdprxqinfo data structure, which is used in...

Astra Linux - уязвимость в python-django

A issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The urlize and urlizetrunc template filters are vulnerable to a denial-of-service attack due to very large inputs containing a specific sequence of characters...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: iio: proximity: hx9023s: Protect against division by zero in setsampfreq Avoid division by zero when the sampling frequency is not specified...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: hwmon: tps53679 Fixed array access with zero-length block reads. i2csmbusreadblockdata can return 0, indicating a zero-length read. In such cases, tps53679identifychip accesses bufret - 1, which is actually buf-1. This results in...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: ipa: The event ring index was corrected; it was not programmed correctly for IPA v5.0+. For IPA v5.0+ onwards, the event ring index field has been moved from CHCCNTXT0 to CHCCNTXT1. In IPA v5.0, this field was intended to be...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: iouring/rsrc: Rejects zero-length fixed buffer imports. The validatefixedrange function allows for the use of bufaddr at the exact end of the registered region when len is zero. This occurs because the check uses a strict...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: Wifi: rtw89 – Fixed the potential zero-beacon-interval issue in beacon tracking. During fuzz testing, it was discovered that bssconf-beaconint might be zero, which could lead to a division-by-zero error in subsequent...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: ceph: Added initializers for the cephpathinfo structure when they were missing. The cephmdscbuildpath function must be called with a cephpathinfo parameter initialized to zero. Otherwise, the cephmdscfreepathinfo function may...