18102 matches found
Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: espintcp: A race condition in espintcpclose has been fixed. This issue was discovered during a code audit. After espintcpclose is called, espintcptxwork can still be scheduled using functions like the Delayed ACK handler or...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: rtmutex: Use waiter::task instead of current in removewaiter. removewaiter is used by the slowlock paths, but it is also used for proxy-lock rollback in rtmutexstartproxylock, when invoked from futexrequeue. In the latter case,...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: eventpoll: Fixed an UAF Use-After-Free issue with epremovestruct eventpoll and struct file. The epremove function via epremovefile clears the file-fep field under file-flock, but then continues using @file within the critical...
Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: net: bonding: Fixed a use-after-free in bondxmitbroadcast. bondxmitbroadcast reuses the original skb for the last slave determined by bondislastslave and clones it for others. Concurrent slave enslave/release operations may mutat...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: net/tls: The use-after-free issue in the -EBUSY error handling path of tlsdoencryption has been fixed. The -EBUSY handling in tlsdoencryption, introduced with commit 859054147318 “net: tls: handle backlogging of crypto requests”,...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: bpf: The reuseport cBPF prog is freed after the RCU grace period. Eulgyu Kim reported the issue below with a reproduction example. The reproduction example sets up a UDP reuseport group with a cBPF prog and replaces it with a new...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: net: skbuff: Fixed an issue where a missing zerocopy reference was present in the pskbcarve helpers. Both pskbcarveinsideheader and pskbcarveinsidenonlinear copy the old skbsharedinfo header into a new buffer using memcpy. Thi...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: net/sched: Fixed a issue where partial COW operations by pedit led to corruption of the page cache. tcfpeditact calculates the COW range for skbensurewritable once before the key loop, using tcfpoffmaxhint. However, this hint...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: ppp: The requirement for CAPNETADMIN in the target netns is necessary for unattached IOCTls. The opening of /dev/ppp is currently allowed for file-fcred-userns, while unattached administrative IOCTls operate on...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: ipv6: Proper accounting of fraggap on the paged allocation path In ip6.AppendData, when the paged-allocation branch is taken MSGMORE / NETIFFSG / large fraglen, alloclen and pagedlen are computed as follows: alloclen =...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Flush dev-IOTLB only when the PCIe device is accessible in scalable mode. The commit 4fc82cd907ac “iommu/vt-d: Do not issue ATS invalidation requests when the device is disconnected” relies on pcidevisdisconnected to...
Astra Linux – Vulnerability in freerdp3
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.0, a underflow of the sizet variable in the IMA-ADPCM and MS-ADPCM audio decoders led to a heap-buffer-overflow issue through the RDPSND audio channel. In libfreerdp/codec/dsp.c, the IMA-ADPCM and MS-ADPCM...
Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: usb: xhci: Apply the link chain quirk on NEC isoc endpoints Two distinctly different samples of NEC uPD720200 one with a start/stop bug, one without it were observed to cause IOMMU faults after some “Missed Service Errors”. Th...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: media: i2c/tw9903: A potential memory leak has been fixed in tw9903probe. In one of the error paths in tw9903probe, the memory allocated in v4l2ctrlhandlerinit and v4l2ctrlnewstd is not freed. This issue has been fixed by calling...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: ocfs2: The BUG function was replaced with ocfs2error in ocfs2MoveExtent. In ocfs2MoveExtent, the BUG function was changed to ocfs2error simply to avoid causing the entire kernel to crash due to filesystem corruption...
Astra Linux – Vulnerability in freerdp3
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, a client-side heap buffer overflow occurred in the decoding process of the ClearCodec band when crafted band coordinates allowed writes beyond the end of the destination surface buffer. A malicious server...
Astra Linux – Vulnerability in hdf5
HDF5 through 1.14.3 contains a stack buffer overflow issue in H5Rdecodeheap, which leads to corruption of the instruction pointer and causes denial of service or potential code execution...
Astra Linux – Vulnerability in freerdp3
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, a double-free vulnerability in the functions kerberosAcceptSecurityContext and kerberosInitializeSecurityContextA located in WinPR, winpr/libwinpr/sspi/Kerberos/kerberos.c could cause crashes in any FreeRDP...
Astra Linux – Vulnerability in freerdp3
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.0, there was a buffer overflow vulnerability in freerdpbitmapdecompressplanar when SrcSize was 0. The function dereferences srcp which points to pSrcData without first verifying that SrcSize is greater than or...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: In the chips-media: wave5 module, the order of device cleanup was corrected to prevent kernel panic. The process of removing video devices was moved to the beginning of the removal function to ensure that all video operations are...
Astra Linux – Vulnerability in Flatpak
Flatpak is a Linux application sandboxing and distribution framework. Prior to version 1.16.4, the caching mechanism for ld.so removed outdated cache files without properly checking whether the app’s control over the path to the outdated cache was valid within the cache directory. This allowed...
Astra Linux – Vulnerability in freeipa
A flaw was identified in the FreeIPA API audit; it sends the entire FreeIPA command line to journalctl. As a result, during the FreeIPA installation process, administrative user credentials—including the administrator’s password—are inadvertently leaked into the journal database. In the worst-cas...
Astra Linux – Vulnerability in edk2
EDK2 contains a vulnerability in the BIOS, where an attacker may cause “Exposure of Sensitive Information to an Unauthorized Actor” through local access. Successful exploitation of this vulnerability could lead to possible information disclosure or escalation of privileges, thereby affecting...
Astra Linux – Vulnerability in imagemagick
ImageMagick is free and open-source software used for editing and manipulating digital images. Before versions 7.1.2-16 and 6.9.13-41, there was a vulnerability where a memory allocation failure in the sixel encoder could lead to writing beyond the end of a buffer on the stack. This vulnerability...
Astra Linux – Vulnerability in GIMP
GIMP PSP File Parsing: Heap-Based Buffer Overflow and Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability, as the target must visit a malicious page ...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: hwrng: core – Use RCU and workstruct to fix race conditions Currently, the hwrngfill function is not cleared until the hwrngfillfn thread exits. Since hwrngunregister reads hwrngfill outside of the rngmutex lock, a concurrent...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: LoongArch: BPF: Sign extension of kfunc call arguments kfunc calls are native calls, so they should follow LoongArch calling conventions. Sign extension of arguments should be performed properly to avoid kernel panic. This is...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: net: marvell: prestera: Fixed a NULL dereferencing on devlinkalloc failure. Devlinkalloc may return NULL when allocation fails, but presteradevlinkalloc will unconditionally call devlinkpriv on the returned pointer. This can lead...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: ksmbd: Buffer validation was corrected by including the size of the null-terminating character in the EA length. The smb2setea function, which handles Extended Attributes EA, conducted buffer validation checks that incorrectly...
Astra Linux – Vulnerability in firewalld
A flaw was discovered in firewalld. A local unprivileged user can exploit this vulnerability by misauthorizing two runtime D-Bus Desktop Bus setters, setZoneSettings2 and setPolicySettings. This misauthorization allows the user to modify the runtime firewall state without proper authentication,...
Astra Linux – Vulnerability in Firefox, Thunderbird
JIT compilation errors in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...
Astra Linux – Vulnerability in Chromium
Type Confusion in V8 in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. Chromium security severity: Medium...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: s390/cio: Fixed the handling of device lifecycle in cssallocsubchannel. cssallocsubchannel calls deviceinitialize before setting up the DMA masks. If dmasetcoherentmask or dmasetmask fails, the error path frees the subchannel...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: regmap: Fixed a race condition in the hwspinlockirqsave routine. Previously, the address of the shared member &map-spinlockflags was passed directly to hwspinlocktimeoutirqsave. This created a race condition where multiple contex...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: arm64: Added support for TSV110 Spectre-BHB mitigation. The TSV110 processor is vulnerable to the Spectre-BHB Branch History Buffer attack, which can be exploited to leak information through branch prediction side channels. This...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: btrfs: In the send operation, it is necessary to check for inline extents within the rangeisholeinparent function. Before accessing the diskbytenr field of a file extent item, we need to check whether we are dealing with an inlin...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: media: radio-keene: Fixed a memory leak in the error path. A memory leak was addressed in usbkeeneprobe. The v4l2 control handler was initialized, and controls were added. However, if v4l2deviceregister or videoregisterdevice fai...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: macvlan: fixed a possible Use-after-Allocation UAF in macvlanforwardsource. Added RCU protection for the vlan field in struct macvlansourceentry. Whenever macvlanhashdelsource is called, we must clear the entry-vlan pointer befor...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: PCI/P2PDMA: Release the per-CPU pgmap reference when vminsertpage fails. When vminsertpage fails in p2pmemallocmmap, p2pmemallocmmap does not invoke percpurefput to free the per-CPU reference to pgmap acquired after...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: SUNRPC: authgss: Fixed memory leaks in XDR decoding error paths. The functions gssxdecctx, gssxdecstatus, and gssxdecname allocate memory through gssxdecbuffer, which calls kmemdup. When a subsequent decoding operation fails, the...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: pNFS: Fixed a deadlock that occurred when returning a delegation during the open function. Ben Coddington reported seeing a hang in the following stack trace: 0 ffffd0b50e1774e0 schedule at ffffffff9ca05415 1 ffffd0b50e177548...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: Team: Move teamdevicetypechange to the end of teamportadd. Attempting to add a port device that is already up will, unsurprisingly, fail. However, this failure occurs before modifying the teamdeviceheaderops. In the case of the...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: HID: magicmouse: Do not cause a crash when the msc-input field is missing. Fake USB devices can send their own report descriptors, for which the inputmapping hook is not called. In this case, msc-input remains NULL, leading to a...
Astra Linux – Vulnerability in Ruby 3.1
Zlib is a Ruby interface for the zlib compression/decompression library. Versions 3.0.0 and below, 3.1.0, 3.1.1, 3.2.0, and 3.2.1 contain a buffer overflow vulnerability in the Zlib::GzipReader. The zstreambufferungets function prepends bytes provided by the caller before previously produced...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: net/sched: schqfq: do not free existing class in qfqchangeclass This fix addresses the issue with the qfqchangeclass function. The cl-qdisc and cl fields should only be freed if a new class and qdisc are allocated; otherwise,...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: iio: adc: at91-sama5d2adc: Fixed a potential use-after-free in the sama5d2adc driver. The at91adcinterrupt function can call the at91adctouchdatahandler function to initiate the processing via schedulework&st-touchst.workq. If we...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: Fixed a potential underflow in virtiotransportgetcredit. The credit calculation in virtiotransportgetcredit uses unsigned arithmetic: c ret = vvs-peerbufalloc - vvs-txcnt - vvs-peerfwdcnt; If the peer reduces its...
Astra Linux – Vulnerability in libheif
libheif is a decoder and encoder for HEIF and AVIF file formats. In versions 1.21.2 and earlier, a malformed HEIF sequence file could trigger an out-of-bounds read during core sequence parsing, leading to DoS Denial of Service. A malformed file may have stcoentrycount == 0 meaning no chunks are...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: net: wan/fslucchdlc: Fixed the dmafreecoherent function in uhdlcmemclean. The priv-rxbuffer and priv-txbuffer are allocated together as contiguous buffers in uhdlcinit, but they are freed as two separate buffers in uhdlcmemclean...
Astra Linux – Vulnerability in libheif
libheif is a decoder and encoder for HEIF and AVIF file formats. In versions 1.21.2 and earlier, a crafted HEIF sequence file where the saiz box declares more samples than actually exist in the track’s chunk table could cause a heap-buffer-overflow out-of-bounds read in the SampleAuxInfoReader...