18102 matches found
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: L2CAP: Fix for u8 overflow By continuously sending L2CAPCONFREQ packets, chan-numconfrsp increases multiple times, eventually exceeding the maximum number i.e., 255. This patch prevents this issue by adding a bounda...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: HCI: Fixed global-out-of-bounds issue To loop a variable-length array, hciinitstagesyncstage considers that stagei is valid as long as stagei-1.func is valid. Thus, the last element of stage.func should be...
Astra Linux – Vulnerability in openjdk-11
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, and Oracle GraalVM Enterprise Edition products of Oracle Java SE component: Security. The supported versions affected by this vulnerability are Oracle Java SE: 8u461, 8u461-perf, 11.0.28, 17.0.16, 21.0.8, 25; Oracle GraalVM for JDK:...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15
In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Added a length limitation for the ivrsacpihid command-line parameter. The acpiid buffer in the parseivrsacpihid function may overflow, because the string specifier in the fscan function lacks a width limitation. Found ...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc4-pcm: Workaround for crashed firmware on system suspend When the system is suspended while audio is active, the sofipc4pcmhwfree function is invoked to reset the pipelines. During suspension, the DSP is turned off,...
Astra Linux – Vulnerability in Netty
Netty is an asynchronous event-driven network application framework for rapid development of maintainable high-performance protocol servers and clients. In Netty-Codec-Compression versions 4.1.124.Final and below, as well as Netty-Codec versions 4.2.4.Final and below, when supplied with specially...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: block: nullblk: end timed out poll request When a poll request times out, it is removed from the poll list. However, since the request is not completed, it becomes exposed and never gets a chance to be processed. This issue is...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: block: Fixed an incorrect offset in biotruncate The biotruncate function clears the buffer outside of the last block of bdev. However, the current implementation of biotruncate uses the wrong offset for the page. As a result, it...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: watchqueue: Fix for filter limit check In watchqueuesetfilter, there are several places where we check that the filter type value does not exceed what the typefilter bitmap can hold. One place calculates the number of bits using...
Astra Linux – Vulnerability in ModSecurity-Apache
ModSecurity is an open-source, cross-platform Web application firewall WAF engine for Apache, IIS, and Nginx. Versions up to and including 2.9.8 are vulnerable to denial of service in a specific scenario: when the payload’s content type is application/json, and there is at least one rule that...
Astra Linux – Vulnerability in Qemu
An infinite loop flaw was discovered in the e1000 NIC emulator of QEMU. This issue occurs when processing transmit tx descriptors in processtxdesc, especially if various descriptor fields are initialized with invalid values. This flaw allows a guest to consume CPU cycles on the host, resulting in...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: FS: JFS: Fixed the null-ptr-deref read operation in txBegin. Syzkaller reported a issue where txBegin might be called on a superblock within a read-only mounted file system, leading to a NULL pointer dereference. This issue can b...
Astra Linux – Vulnerability in Zabbix
Reflected XSS attacks occur when a malicious script is reflected from a web application into the victim’s browser. The script can be activated through action form fields, which are sent as requests to a website with vulnerabilities that allow the execution of malicious scripts...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net/sched: schets: do not peek at classes beyond ‘nbands’ When the number of DRR classes decreases, the round-robin active list may contain elements that have already been freed in etsqdiscchange. As a result, it’s possible to...
Astra Linux – Vulnerability in docker.io-app
Moby is an open-source project created by Docker to enable software containerization. The classic builder cache system is vulnerable to cache poisoning if the image is built FROM scratch. Additionally, changes to certain instructions—especially HEALTHCHECK and ONBUILD—do not trigger cache...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: ice: Do not perform transmission before switchdev is fully configured. There is a possibility that iceeswitchportstartxmit might be called while some resources are still not allocated, which could lead to a NULL pointer derefrenc...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: x86/fpu: KVM: Set the base guest FPU uABI size to sizeofstruct kvmxsave. The starting uABI size of KVM’s guest FPU was set to ‘struct kvmxsave’, which corresponds to KVM’s historical uABI size. When saving the FPU state for a use...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: media: camss: Clean up received buffers on failed start of streaming It is necessary to return the received buffers if streaming cannot be started. For example, mediapipelinestart may fail with an EPIPE error if a link validation...
Astra Linux – Vulnerability in python-rsa
In Python-RSA before version 4.1, leading '\0' bytes are ignored during the decryption of ciphertext. This could potentially have security-related implications, such as allowing an attacker to infer that an application uses Python-RSA. Alternatively, the length of the accepted ciphertext may affe...
Astra Linux – Vulnerability in exiv2
Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying metadata of image files. A heap buffer overflow has been discovered in Exiv2 versions v0.27.3 and earlier. The heap overflow occurs when Exiv2 is used to write metadata into a specially crafted image fil...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: rapidio: rio: Fixed a possible name leak in rioregistermport. If deviceregister returns an error, the name allocated by devsetname needs to be freed. This should be done using putdevice, so that the reference in the error path is...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: EDAC/highbank: Fixed a memory leak in highbankmcprobe. When devresopengroup fails, it returns -ENOMEM without freeing the memory allocated by edacmcalloc. Call edacmcfree at the error handling path to avoid a memory leak. bp:...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: pinctrl: thunderbay: fixed a possible memory leak in thunderbaybuildfunctions The thunderbayaddfunctions function will free memory associated with thunderbayfuncs when everything is correct. However, thunderbayfuncs will not be...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Only IB representatives are reloaded when lag is disabled/enabled. When lag is disabled, the bond’s IB device, along with all its representatives, are destroyed. Then, the slaves’ representatives are reloaded. If the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: drm: zynqmpdp: Fixed integer overflow in zynqmpdprateget This patch addresses a potential integer overflow in zynqmpdprateget. The issue arises when the expression drmdpbwcodetolinkratedp-test.bwcode 10000 is evaluated using...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ASoC: core: Fixed a null-point-dereference issue in fmtsinglename. Check the return value of devmkstrdup in case of null-point-dereference...
Astra Linux – Vulnerability in exempi
The XMP Toolkit version 2020.1 and earlier versions is affected by a Buffer Underflow vulnerability, which could lead to the execution of arbitrary code in the context of the current user. Exploiting this issue requires user interaction, as the victim must open a malicious file...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: skbuff: In skbSegment, call zero-copy functions before using skbuff fragments. The commit bf5c25d60861 added the call to zero-copy functions in skbSegment. This change introduced a bug in skbSegment, as skborphanfrags may...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerabilities have been resolved: ARM: OMAP2+: display: Fixed refcount leak bug In omapdssinitfbdev, offindnodebyname will return a node pointer with the refcount incremented. We should use ofnodeput when it is no longer needed...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: mac802154: fixed the missing INITLISTHEAD in ieee802154ifadd. The kernel fault injection test reports a NULL pointer dereference as follows: BUG: NULL pointer dereferencing in the kernel; address: 0000000000000008 RIP:...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: can: mcan: mcantxhandler: fixed the issue where skb was freed after it had been used. The canPUTechoskb function clones a skb and then frees it. This function should be moved directly before the start of the xmit in hardware for...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wcd934x: Added ofnodeput before wcdb934xcodecparsedata. The devicenode pointer is returned by ofparsephandle with the refcount incremented. We should use ofnodeput on it after the operation is completed. This is...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
A use-after-free vulnerability in the Linux Kernel’s iouring system can be exploited to achieve local privilege escalation. The iofilegetfixed function lacks the presence of ctx-uringlock, which can lead to a Use-After-Free vulnerability due to a race condition where fixed files become...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: media: max9286: Free control handler. The control handler is exposed in some probe-time error paths, as well as in the remove path. This issue has been fixed...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: exfat: Fixed a reference count leak in exfatfind. Fixed reference count leaks related to exfatgetdentryset that could occur in exfatfind. The function exfatgetdentryset will increment the reference counter of es-bh upon succes...
Astra Linux – Vulnerability in freerdp2
FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. Affected versions of FreeRDP are subject to a null pointer dereference that can lead to a crash in the RemoteFX rfx handling. Within the rfxprocessmessagetileset function, the program allocates...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: net: altera: Fixed the reference count leak in alteratsemdiocreate. In every iteration of foreachchildofnode, the reference count of the previous node is decremented. When exiting a foreachchildofnode loop, we need to explicitly...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: cifs: Fixed the xid leak in cifscreate If the cifs function has already been shut down, we should release the xid before returning it; otherwise, the xid will be leaked...
Astra Linux – Vulnerability in libxstream-java
XStream is a Java library for serializing objects to XML and back again. In XStream before version 1.4.16, there was a vulnerability that could allow a remote attacker to load and execute arbitrary code from a remote host by manipulating the processed input stream. However, users who followed the...
Astra Linux – Vulnerability in Thunderbird
The Matrix JavaScript SDK is the Matrix Client-Server SDK for JavaScript. Prior to version 19.7.0, an attacker working alongside a malicious home server could create messages that appeared to be sent by another person, without any indication such as a gray shield. Additionally, a sophisticated...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ASoC: Codecs: va-macro: Fix for accessing an array out of bounds for an enum type. Accessing enums using integers would result in accessing an array out of bounds on platforms like aarch64, where sizeoflong is 8 compared to the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: mac80211: The issue in ieee80211scanrx involves checking the skb length. This code requires hard-coded compile-time constants for determining the header length check. Instead, a dynamic determination based on the frame type shoul...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ubifs: Fixed races between xattrset|get and listxattr operations. Some issues may occur when performing concurrent xattrset|get and listxattr operations, such as assertion failures, memory corruption, and stale xattr values1. The...
Astra Linux – Vulnerability in ntfs-3g
A properly crafted NTFS image can lead to a NULL pointer dereference in ntfsextent inodeopen in NTFS-3G 2021.8.22...
Astra Linux – Vulnerability in sane-backends
A NULL pointer dereferencing in the saneiepsonnetread function in SANE backends before version 1.0.30 allows a malicious device connected to the same local network as the victim to cause a denial of service, known as GHSL-2020-075...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: md/md-bitmap: The issue related to GPF in bitmapgetstats has been fixed. The commit message for commit 6ec1f0239485 “md/md-bitmap: fix stats collection for external bitmaps” states: “Remove the external bitmap check, as statistic...
Astra Linux – Vulnerability in binutils
A issue was discovered in the Binary File Descriptor BFD library also known as libbfd, as distributed in GNU Binutils 2.32. It is an integer overflow that leads to a segmentation fault in bfddwarf2findnearestline in dwarf2.c, as demonstrated by the nm tool...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: Firmware: armscmi: Fixed the enumeration of protocols in the base protocol. When enumerating the protocols implemented by the SCMI platform using BASEDISCOVERLISTPROTOCOLS, the number of protocols returned is currently validated ...
Astra Linux – Vulnerability in Chromium
Type confusion in V8 in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: “comedi: runflags cannot determine whether to reclaim chanlist” The syzbot reported a memory leak 1. This was because commit 4e1da516debb “comedi: Add reference counting for Comedi command handling” did not account for the...