18102 matches found
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerabilities have been resolved: ARM: bcm: Fixed a refcount leak in bcmkonasmcinit. The offindmatchingnode function returns a node pointer with a refcount incremented. We should use ofnodeput on it when there is no longer a need for it. Added ofnodeput to avo...
Astra Linux – Vulnerability in libtar
The thread function does not free the variable t-thbuf.gnulonglink after allocating memory, which may lead to a memory leak...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: clk: Get runtime PM before walking the tree during disableunused. Doug reported 1 the following hung task: INFO: task swapper/0:1 was blocked for more than 122 seconds. Not tainted 5.15.149-21875-gf795ebc40eb8 1 “echo 0...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: RISCV: Vector: Fixed the context saving/restoring with xtheadvector. Previously, only v0-v7 were correctly saved/restored, and the context of v8-v31 was corrupted. Now, v8-v31 are correctly saved/restored to avoid breaking the us...
Astra Linux – Vulnerability in libsoup2.4
A flaw was discovered in libsoup. The libsoup appendparamquoted function may contain an overflow bug, which can lead to a buffer under-read...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fixed NULL pointer dereference in the KFD queue. Through KFD IOCTL fuzing, we encountered a NULL pointer dereference when calling kfdqueueacquirebuffers. Cherry-picked from commit 049e5bf3c8406f87c3d8e1958e0a16804fa1d...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: clk: tegra; tegra124-emc: Fixed a potential memory leak. The resources associated with “tegra” and “tegra124-emc” need to be freed during error handling, otherwise they may be leaked...
Astra Linux – Vulnerability in WebKit2GTK
A memory corruption issue has been resolved through improved state management. This issue is fixed in macOS Ventura 13.3, Safari 16.4, iOS 16.4, and iPadOS 16.4, as well as iOS 15.7.7 and iPadOS 15.7.7. Processing web content may lead to arbitrary code execution. Apple is aware of a report...
Astra Linux – Vulnerability in WebKit2GTK
A memory management issue related to “use after free” operations has been addressed through improved memory management practices. This issue is fixed in macOS Ventura 13, iOS 16.1, iPadOS 16, and Safari 16.1. Processing maliciously crafted web content may lead to arbitrary code execution...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: exfat: Fixed the infinite loop in exfatreaddir. If the file system is corrupted in such a way that a cluster links itself to another cluster in the cluster chain, and there is an unused directory entry in the cluster, the variabl...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ext4: fix off-by-one error in dosplit Syzkaller detected a use-after-free issue in ext4insertdentry that was caused by out-of-bounds access due to incorrect splitting in dosplit. BUG: KASAN: use-after-free in...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: usbnet: Fix for NPE during rxcomplete. There is a missing validation of usbnetgoingaway in the critical path. The usbsubmiturb function lacks this validation, while usbnetqueueskb includes this check. This inconsistency creates a...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: f2fs: FMODEWRITE is required for atomic write IOctls. The F2FS IOctls for starting and committing atomic writes check for inodeownerorcapable, but this does not provide LSMs like SELinux or Landlock with an opportunity to deny...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: bpf, arm64: Fixed the trampoline for BPFTRAMPFCALLORIG. When BPFTRAMPFCALLORIG is set, the trampoline calls the bpftrampenter and bpftrampexit functions, passing struct bpftrampimage im as an argument in R0. The trampoline...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: usb: typec: altmode should keep reference to parent The altmode device release refers to its parent device, but without keeping a reference to it. When registering the altmode, get a reference to the parent and put it in the...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: pinctrl: core: corrected the incorrect free operation in pinctrlenable. The “pctldev” structure is allocated in devmpinctrlregisterandinit. It’s a devmmanaged pointer that is freed by devmpinctrldevrelease. Therefore, freeing it ...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: f2fs: Fixed to avoid migrating empty sections. A bug has been reported from a device with zufs: F2FS-fs dm-64: Inconsistent segment type 1, 0 in SSA and SIT. F2FS-fs dm-64: The filesystem was stopped due to reason: 4. Thread A...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: BPF: Skip the scalar adjustment for BPFNEG if the destination is a pointer. In checkaluop, the verifier currently calls checkregarg and adjustscalarminmaxvals unconditionally for BPFNEG operations. However, if the destination...
Astra Linux – Vulnerability in Python-Django
A issue was discovered in Django 5.1 before 5.1.4, 5.0 before 5.0.10, and 4.2 before 4.2.17. The striptags method and the striptags template filter are vulnerable to a potential denial-of-service attack due to certain inputs containing large sequences of nested incomplete HTML entities...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ftrace: Added condresched to ftracegraphsethash. When the kernel contains a large number of functions that can be traced, the loop in ftracegraphsethash may take a long time to execute. This may trigger the softlockup watchdog. B...
Astra Linux – Vulnerability in Linux 5.10, Linux
Linux block and network PV device frontends do not zero memory regions before sharing them with the backend CVE-2022-26365, CVE-2022-33740. Additionally, the granularity of the grant table does not allow sharing smaller than a 4K page, resulting in unrelated data residing in the same 4K page as...
Astra Linux – Vulnerability in Mariadb 10.3
MariaDB CONNECT Storage Engine Use-After-Free Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected MariaDB installations. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of SQL...
Astra Linux – Vulnerability in openssl1.0
Calls to the EVPCipherUpdate, EVPEncryptUpdate, and EVPDecryptUpdate functions may cause the output length argument to overflow in some cases where the input length is close to the maximum permissible length for integers on the platform. In such cases, the return value from the function call will...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: iavf: Fix for the hang during reboot/shutdown The recent commit 974578017fc1 “iavf: Add waiting so the port is initialized in remove” adds a wait-loop at the beginning of iavfremove, to ensure that port initialization is complete...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: mtd: rawnand: brcmnand: fixed the PM resume warning The warning during PM resume was fixed as shown below, due to an uninitialized struct nandoperation that checks the chip select field: WARNONop-cs = nanddevntargets&chip-base...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net: cdceem: Fixed an issue where, when usbnet transmits a skb, it was fixed within eemtxfixup. If skbcopyexpand fails, it returns NULL. In this case, usbnetstartxmit has no chance to free the original skb. The solution is to fir...
Astra Linux – Vulnerability in Chromium
Before version 88.0.4324.182, using "Use after free" in Downloads in Google Chrome on Windows allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape through a crafted HTML page...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/i915/hdcp: Added a encoder check in hdcp2getcapability. Also added a encoder check in intelhdcp2getcapability to avoid null pointer errors...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/xe/migrate: prevented potential UAF Unauthorized Arbitrary File Access. If we encounter the error path, the previous fence if there is one has already been put. Therefore, performing a fencewait might lead to UAF. We need to...
Astra Linux – Vulnerability in Python-Django
A issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The floatformat template filter consumes significant memory when dealing with a string representation of a number in scientific notation with a large exponent...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: usb: early: xhci-dbc: Fixed a potential out-of-bound memory access issue. If xdbcbulkwrite fails, the values in ‘buf’ can be anything. Therefore, it is not guaranteed that the string will be terminated with NULL when xdbcTrace is...
Astra Linux – Vulnerability in Python-Django
A issue was discovered in Django 5.1 before 5.1.5, 5.0 before 5.0.11, and 4.2 before 4.2.18. A lack of enforcement of an upper-bound limit on strings passed during IPv6 validation could lead to a potential denial-of-service attack. The undocumented and private functions cleanipv6address and...
Astra Linux – Vulnerability in golang-go.crypto
Applications and libraries that misuse the connection.serverAuthenticate function via the ServerConfig.PublicKeyCallback callback field may be susceptible to authorization bypasses. The documentation for ServerConfig.PublicKeyCallback states that “Calling this function does not guarantee that the...
Astra Linux – Vulnerability in Python-Django
A issue was discovered in Django 5.1 before 5.1.1, 5.0 before 5.0.9, and 4.2 before 4.2.16. The urlize and urlizetrunc template filters are vulnerable to a denial-of-service attack due to very large inputs containing a specific sequence of characters...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: mm/hugetlb: fixed a situation where the kernel NULL pointer dereference occurred when replacing free hugetlb folios. A kernel crash was observed when replacing free hugetlb folios: BUG: kernel NULL pointer dereference, address...
Astra Linux – Vulnerability in Python-Django
A issue was discovered in Django 4.2 before 4.2.14 and 5.0 before 5.0.7. The urlize and urlizetrunc functions were vulnerable to a potential denial-of-service attack due to certain inputs containing an extremely large number of brackets...
Astra Linux – Vulnerability in binutils
Heap buffer overflow vulnerability in binutils’ readelf before version 2.40, caused by the function findsectioninset in the file readelf.c...
Astra Linux – Vulnerability in docker.io
Moby is an open-source container framework developed by Docker Inc., distributed as Docker, Mirantis Container Runtime, and various other downstream projects/products. The Moby daemon component, dockerd, which was originally developed as “moby/moby”, is commonly referred to as Docker. Swarm Mode ...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: tty: ngsm: added a sanity check for gsm-receive in gsmreceivebuf A null pointer dereference can occur when attempting to access the “gsm-receive” function in gsmldreceivebuf. Currently, the code assumes that gsm-recieve is only...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Audit: Fixed an out-of-bounds read in auditcomparednamepath. When a watch on dir=/ is combined with a fsnotify event for a single-character name directly under / e.g., creating /a, an out-of-bounds read can occur in...
Astra Linux – Vulnerability in Python-Django
A issue was discovered in Django 5.0, prior to versions 5.0.7 and 4.2, prior to version 4.2.14. The derived classes of the django.core.files.storage.Storage base class, when they override generatefilename without replicating the file-path validations from the parent class, may allow directory...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fixed a reference count leak when an invalid session is found during session lookup. When a session is found, but its state is not SMB2SESSIONVALID, it indicates that no valid session was found. However, the reference coun...
Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ubifs: Fixed a memory leak when insertoldidx failed. The following process will cause a memory leak for the copied znode: dirtycowznode zn = copyznodec, znode; err = insertoldidxc, zbr-lnum, zbr-offs; if unlikelyerr return...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: perf/arm-cmn: Rejects unsupported hardware configurations. So far, we have been fairly lenient in accepting both unknown CMN models at least with a warning, as well as unknown revisions of those models that we do know about...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ksmbd: A mechToken leak was fixed when the SPNEGO decoding failed after the token allocation. The kernel’s ASN.1 BER decoder calls action callbacks incrementally as it processes the input. When ksmbddecodenegTokenInit reaches the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net: ioam6: fix OOB and missing lock issues When trace-type.bit6 is set: if trace-type.bit6 ... queue = skbgettxqueuedev, skb; qdisc = rcudereferencequeue-qdisc; This code can lead to an out-of-bounds access of the dev-tx array...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: xprtrdma: Decrementing rereceiving on early exit paths In cases where rpcrdmapostrecvs fails to create a work request due to memory allocation failures, for example or exits early, we should decrement ep-rereceiving before...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: PCI: Endpoint: pci-epf-vntb: Remove duplicate resource teardown The epfntbepcdestroy function duplicates the teardown that the caller is supposed to perform later. This leads to an error when .allowlink fails, or when .droplink i...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: bnxten: The backing store type is set based on the query type. The bnxthwrmfuncbackingstoreqcapsv2 function stores resp-type from the firmware response in ctxm-type. This value is then used to index fixed backing-store metadata...
Astra Linux – Vulnerability in binutils
A vulnerability has been identified in GNU Binutils 2.45. The affected component is the vfinfo function in the file ldmisc.c. Executing certain manipulations may lead to out-of-bounds read vulnerabilities. This attack can only be executed locally. The exploit has been made available to the public...