18102 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/imagination: Synchronize interrupts before suspending the GPU. The runtime PM suspend callback does not know whether the IRQ handler is in progress on a different CPU core and therefore does not wait for it to finish. Dependi...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Do not skip unrelated mode changes during DSC validation. Starting with the commit 17ce8a6907f7 drm/amd/display: Add dsc pre-validation in atomic check, amdgpu resets the modeChanged flag to false when recomputin...
Astra Linux – Vulnerability in libslirp
An invalid pointer initialization issue was discovered in the SLiRP networking implementation of QEMU. The flaw resides in the bootpinput function and can occur when processing an UDP packet that is smaller than the size of the ‘bootpt’ structure. A malicious guest could exploit this flaw to leak...
Astra Linux – Vulnerability in libslirp
An invalid pointer initialization issue was discovered in the SLiRP networking implementation of QEMU. The flaw exists in the udp6input function and can occur when processing an UDP packet that is smaller than the size of the ‘udphdr’ structure. This issue may lead to out-of-bounds read access or...
Astra Linux – Vulnerability in Chromium
The use of After Free in the Network component in Google Chrome before version 116.0.5845.96 allowed a remote attacker who had induced a browser shutdown to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Handling of errors from attrsetsize when truncating files. If attrsetsize fails during file truncation, the error is silently ignored, and the inode may remain in an inconsistent state...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: IMA: Verify that the IMA buffer from the previous kernel is within the addressable RAM. Patch series “Address page fault in imarestoremeasurementlist”, version 3. When the second-stage kernel is booted using kexec with a limiting...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: arm64: io: The memory type of the user is extracted in ioremapprot. The only function that calls ioremapprot outside of the generic ioremap implementation is genericaccessphys, which passes a pgprott value determined from the use...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: Landlock: Fixed the handling of disconnected directories. Disconnected files or directories may appear when they are visible and opened from a bind mount, but have been renamed or moved from the source of the bind mount in a w...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: ARM: versatile: Added ofnodeput in dcscbinit. The devicenode pointer is returned by offindcompatiblenode, with the reference count incremented. We should use ofnodeput to avoid the reference count leak...
Astra Linux – Vulnerability in evolution-data-server
In GNOME evolution-data-server before 3.35.91, a malicious server can crash the mail client by dereferencing a NULL pointer, by sending an invalid e.g., minimal CAPABILITY line during a connection attempt. This issue is related to the imapxfreecapability and imapxconnecttoserver functions...
Astra Linux – Vulnerability in fly-wm
The vulnerability of the fly-adjust-palette utility in the window graphical manager fly-wm is related to the manipulation of the zero pointer. Exploiting this vulnerability allows an attacker to cause a service failure...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net/sched: flower: fix filter idr initialization The referenced commit moved the idr initialization too early in flchange, which allows concurrent users to access the filter that is still being initialized and is in an inconsiste...
Astra Linux – Vulnerability in Firefox and Thunderbird
Malicious websites could have tricked users into accepting the launch of a program to handle an external URL protocol. This vulnerability affects Firefox ESR 91.5, Firefox 96, and Thunderbird 91.5...
Astra Linux – Vulnerability in Firefox
Mozilla developers and community members reported memory safety bugs in Firefox 87. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects Firefox versio...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fixed a key reference count leak from call-key. When creating a client call in rxrpcallocclientcall, the code obtains a reference to the key. This reference is never cleaned up, resulting in a leak when the call is...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Makes kvmgetvcuByCPUid more robust The kvmgetvcuByCPUid function takes a cpuid parameter of type int; therefore, the cpuid value can be negative. To make this function more robust, let kvmgetvcuByCPUid return NULL...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: soc: qcom: pd-mapper: Fixed the element length in servreglocpfrreqei. The element length declared in servreglocpfrreqei does not match the reason field of servreglocpfrreq. This caused a decoding error during PD crashes...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Handle the deactivation of DBCs when the owner leaves. When a DBC is released, the device sends a QAICTRANSDEACTIVATEFROMDEV transaction to the host via the QAICCONTROL MHI channel. QAIC handles this by calling...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net: lan966x: The error handling for pagepool has been fixed in lan966xfdmarxallocpagepool. pagepoolcreate may return an ERRPTR on failure. This return value is used unconditionally in the subsequent loop, and the error pointer i...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Networks: Ethernet: mtkppe: Avoid NULL dereferencing when gmac0 is disabled. If gmac0 is disabled, the precheck for a valid ingress device will cause a NULL pointer dereferencing, leading to a system crash. This occurs because...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: In the bpf code, there is a fix for a use-after-free of sk-sksocket in skpsockverdictdataready. The syzbot reported a use-after-free of the sk-sksocket of an AFUNIX socket in skpsockverdictdataready. 0 In the unixstreamsendmsg...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Change AMDGPUVARESERVEDTRAPSIZE to 64KB Currently, AMDGPUVARESERVEDTRAPSIZE is hardcoded to 8KB, while KFDCWSRTBATMASIZE is defined as 2 PAGESIZE. On systems with 4K pages, both values match 8KB, so allocation and...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: futex: It is required that sysfutexrequeue has identical flags. Nicholas reported that his LLM found it possible to create a UaF when sysfutexrequeue is used with different flags. The initial motivation for allowing different fla...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: nvmem: zynqmpnvmem: Fixed the buffer size in DMA and memcpy. The buffer size used in DMA allocation and memcpy is incorrect. This can lead to undersized DMA buffer accesses and potential memory corruption. Use the correct buff...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: schedext: Fixed stale direct dispatch state in ddspdsqid @p-scx.ddspdsqid can be left set non-SCXDSQINVALID causing a spurious warning in markdirectdispatch when the next wakeup’s ops.selectcpu calls scxbpfdsqinsert. For example:...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: xsk: Validates the MTU against the usable frame size when binding. The AFXDP binding currently accepts zero-copy pool configurations without verifying that the device’s MTU fits within the usable frame space provided by the UMEM...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net: txgbe: Space is now reserved for null terminators in propertyEntry. The lists of struct propertyEntry are supposed to be terminated with an empty property. Currently, this driver seems to allocating exactly the amount of spa...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fixed the rollback of the switchdev mode in case of failure. If for some internal reason the switchdev mode fails, we roll back to the legacy mode. Before this patch, rolling back would unregister the uplink netdev and...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: dmaengine: xilinx: xdma: Fixed error handling for regmap init. The devmregmapinitmmio function now returns ERRPTR upon an error, instead of NULL. The error check has also been fixed, and the error message has been corrected. T...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: netfs: Fixed a kernel bug in netfslimititer, specifically for ITERKVEC iterators. When a process crashes and the kernel writes a core dump to a 9P filesystem, kernelwrite creates an ITERKVEC iterator. This iterator calls...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix for constant blinding in PROBEMEM32 stores The immediate stores of BPFST|BPFMEM32 are not handled by bpfjitblindinsn. This allows user-controlled 32-bit immediate values to survive blinding and be included in JIT-compile...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: In isotpsendmsg, cmpxchg is used to serialize access to so-tx.buf. isotprelease waits for ISOTPIDLE via waiteventinterruptible and then calls kfreeso-tx.buf. If a signal interrupts waiteventinterruptible inside close when tx.stat...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: s390/entry: Scrub r12 register on kernel entry Before the commit of f33f2d4c7c80 “s390/bp: remove TIFISOLATEBP”, all entry handlers loaded r12 with the current task pointer lg %r12, LCCURRENT for use by the BPENTER/BPEXIT macros...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fixed the OOB write issue in QUERYINFO for compound requests. When a compound request such as READ + QUERYINFOSecurity is received, and the first command READ consumes most of the response buffer, ksmbd might write beyond...
Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15
A issue was discovered in the Linux kernel before version 6.1.11. In net/netrom/afnetrom.c, there is a use-after-free condition, as “accept” is also allowed for a successfully connected AFNETROM socket. However, for an attacker to exploit this vulnerability, the system must have netrom routing...
Astra Linux – Vulnerability in Chromium
Insufficient policy enforcement in Resource Timing in Google Chrome prior to 111.0.5563.64 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from APIs through a crafted Chrome Extension. Chromium security severity: Low...
Astra Linux – Vulnerability in xorg-server
A vulnerability, which was classified as problematic, has been identified in the X.org Server. The affected component is the function ProcXkbGetKbdByName in the file xkb/xkb.c. This vulnerability causes a memory leak. It is recommended that a patch be applied to address this issue. The identifier...
Astra Linux – Vulnerability in giflib
Before February 16, 2019, a malformed GIF file would trigger a divide-by-zero exception in the decoder function DGifSlurp in dgiflib.c, especially when the height field of the ImageSize data structure was equal to zero...
Astra Linux – Vulnerability in exiv2
There is a heap-based buffer overflow issue in the Exiv2::Internal::PngChunk::keyTXTChunk function of pngchunkint.cpp in Exiv2 0.26. A crafted PNG file can lead to a remote denial-of-service attack...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: sched/debug: The issue of dentry leaks during the updatescheddomaindebugfs function has been fixed. Kuyo reports that the pattern of using debugfsremovedebugfslookup causes a dentry leak. With a hotplug stress test, the machine...
Astra Linux – Vulnerability in Linux
In the Linux kernel, the following vulnerability has been resolved: ACPI: GTDT: Do not corrupt interrupt mappings during watchdog probe failures When the driver probe fails due to invalid firmware properties, the GTDT driver unmaps the interrupt that was previously mapped. However, it never check...
Astra Linux – Vulnerability in dnsmasq
A single-byte, non-arbitrary write/use-after-free flaw was discovered in dnsmasq. This flaw allows an attacker to send a crafted packet processed by dnsmasq, potentially causing a denial of service...
Astra Linux – Vulnerability in xrdp
XRDPT is an open-source remote desktop protocol RDP server. In affected versions, an integer underflow leading to a heap overflow in the SESMAN server allows any unauthenticated attacker who can access the SESMAN server locally to execute code as root. This vulnerability has been patched in versi...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: media: iris: Fixed NULL pointer dereferencing. A warning reported by smatch indicated a potential NULL pointer dereferencing issue, where one of the arguments to the API “irishfigen2handlesystemerror” might sometimes be null. To...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Fixed a potential buffer overflow caused by snprintf. snprintf returns the potentially filled size when the string exceeds the given buffer size. Therefore, using this value may lead to a buffer overflow althoug...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: schcake: A out-of-bounds access issue was fixed during the parsing of TCP options and headers. The TCP option parser in cake qdisc cakegettcpopt and caketcphmaydrop could read one byte out of bounds. When the length of the data...
Astra Linux – Vulnerability in Linux
In the Linux kernel, the following vulnerability has been resolved: bnxten: Fixed the RX consumer index logic in the error path. In bnxtrxpkt, the RX buffers are expected to complete in order. If the RX consumer index indicates an out-of-order buffer completion, it means we are encountering a...
Astra Linux – Vulnerability in Tiff
A buffer overflow vulnerability has been discovered in Libtiff V.4.0.7. This vulnerability allows a local attacker to cause a denial of service through the tiffcp function in tiffcp.c...
Astra Linux – Vulnerability in libpgjava
The PostgreSQL JDBC Driver abbreviated as PgJDBC allows Java programs to connect to a PostgreSQL database using standard, database-independent Java code. The implementation of the java.sql.ResultRow.refreshRow method in PgJDBC does not escape column names, which means that a malicious column name...