18102 matches found
Astra Linux – Vulnerability in Firefox and Thunderbird
When injecting an HTML base element, some requests will ignore the CSP’s base-uri settings and instead accept the base-uri setting of the injected element. This vulnerability affects Firefox ESR 102.3, Thunderbird 102.3, and Firefox 105...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: drm/bridge: lt8912b: Fixed crash when detaching a bridge The lt8912b driver, in its bridge-detaching function, calls drmconnectorunregister and drmconnectorcleanup. drmconnectorunregister should only be called for connectors...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: gianfar: ethtool: Fixed a refcount leak in gfargettsinfo The offindcompatiblenode function returns a node pointer with the refcount incremented. We should use ofnodeput on it after processing. Also, add the missing ofnodeput to...
Astra Linux – Vulnerability in Thunderbird
OpenPGP secret keys that were imported using Thunderbird versions 78.8.1 up to 78.10.1 were stored unencrypted on the user’s local disk. The master password protection was inactive for those keys. Version 78.10.2 will restore the protection mechanism for newly imported keys, and will automaticall...
Astra Linux – Vulnerability in commons-io
In Apache Commons IO before version 2.7, when the FileNameUtils.normalize method was called with an improper input string, such as “//../foo” or “\..\foo”, the result would be the same value. This potentially allowed access to files in the parent directory, but not further up the path thus...
Astra Linux – Vulnerability in Firefox
A ambiguous file picker design could have confused users who intended to select and upload a single file, into uploading an entire directory. This issue was addressed by adding a new prompt. This vulnerability affects Firefox versions earlier than 85...
Astra Linux – Vulnerability in Chromium
In Google Chrome, a data race in audio functionality prior to version 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: iio: core: Prevent invalid memory access when there is no parent device. The commit 813665564b3d “iio: core: Convert to use the firmware node handle instead of the OF node” changed the type of nodes used for label retrieval durin...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Fixed a memory leak in kvmpchpicdestroy. In kvmioctlcreatedevice, kvmdevice allocates memory. kvmdevice-destroy seems to be supposed to free the kvmdevice structure it manages, but kvmpchpicdestroy does not do thi...
Astra Linux – Vulnerability in glib2.0
A flaw was discovered in GLib. The deserialization of GVariant is vulnerable to an exponential blowup issue, where a malicious GVariant can cause excessive processing, resulting in a denial of service...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net: mana: cleanup of the mana struct after debugfsremove When hibernation is triggered on a MANA VM, as part of hibernatesnapshot, managdsuspend and managdresume are called. If a failure occurs during managdresume related to HWC...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Check debugtrapenable before writing dbgevfile. In an interrupt context, the write dbgevfile operation will be executed via a work queue. This will cause the write dbgevfile operation to be executed after...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Fix: Use strings when defining tracepoints for DA monitors. Using DA monitor tracepoints with KASAN enabled triggers the following warning: Bug: KASAN: Global-out-of-bounds access in doTraceEventRawEventEventDaMonitor+0xd6/0x1a0...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: media: s5pcec: limit msglen to CECMAXMSGSIZE I expect that the hardware will have limited this value to 16, but just in case it isn’t the case, check for this corner case...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: mm/slabcommon: The corruption of the slabcaches list after kmemcacheDestroy has been fixed. After the commit in “Fixes”, if a module that creates a slab cache does not release all of its allocated objects before destroying the...
Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10
In the Linux kernel, the following vulnerability has been resolved: DM integrity: Error in the call to kmemcachedestroy in dmintegrityinit. Otherwise, the journaliocache will be leaked if dmregistertarget fails...
Astra Linux – Vulnerability in Firefox and Thunderbird
Mozilla developers Andrew McCreight, Gabriele Svelto, Tom Ritter, and the Mozilla Fuzzing Team reported memory safety bugs in Firefox 99 and Firefox ESR 91.8. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been...
Astra Linux – Vulnerability in Chromium
Insufficient policy enforcement in extensions in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass content security policy through a malicious Chrome Extension...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: iavf: Error handling in iavfinitmodule has been fixed. The iavfinitmodule no longer destroys the workqueue when pciregisterdriver fails. Instead, call destroyworkqueue when pciregisterdriver fails to prevent a resource leak. This...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: btrfs: Zoneed: Do not flag “ZEROOUT” on non-dirty extent buffers. Btrfs clears the content of an extent buffer marked as EXTENTBUFFERZONEDZEROOUT before the bio submission. This mechanism is introduced to prevent a write hole ...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: s390/bpf: Fixed pointer arithmetic in bpfplt. Kui-Feng Lee reported a crash on the s390x architecture, triggered by the dummystops/dummyinitptrarg test 1: 0x2 bpfstructopstestrun+0x156/0x250 sysbpf+0xa1a/0xd00...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: dpll: Fixed the dpllxarefdel function for multiple registrations. Currently, if there are multiple registrations of the same pin on the same dpll device, the following warnings are observed: WARNING: CPU: 5 PID: 2212 at...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: ipvs: fixed an error in ipvsappnetcleanup During the initialization of ipvsappnetinit, if the file ipvsapp fails to be created, the initialization will still succeed by default. Therefore, the ipvsapp file will not be found durin...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: soc: ti: tiscipmdomains: Check for a null return from devmkcalloc. The devmkcalloc allocation function may fail and return a null pointer. This could lead to a null-pointer dereferencing later on. It might be better to check this...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: A memory leak has been fixed in the error path of qla2x00processels. The commit number is 8c0eb596baa5 “SCSI qla2xxx: Fix a memory leak in an error path of qla2x00processels”. The intended changes were to modify th...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ibmvnic: Do not reset the dql stats during a NONFATAL reset. All ibmvnic resets should instead call netdevtxresetqueue when reopening the device. netdevtxresetqueue resets the numqueued and numcompleted byte counters. These stats...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net: vlan: fixed an underflow issue related to the realdev refcnt. An error is injected before devholdrealdev in registervlandev, and the following testcase is executed: bash ip link add dev dummy1 type dummy ip link add name...
Astra Linux – Vulnerability in Chromium
Before version 94.0.4606.71, using Safebrowsing in Google Chrome allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption through a crafted HTML page...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: Tracing: Ensure that the traceprintk function can be used as soon as it is available. Currently, the traceprintk function can be used as soon as the earlyTraceinit function is called from startkernel. However, if a crash occurs,...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ipmi: Fixed use-after-free and list corruption on sender errors. The analysis from Breno indicates that when the SMI sender returns an error, the smiwork function delivers an error response but then jumps back to restart without...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: tty: serial: sh-sci: fix RSCI FIFO overrun handling The receive error handling code is shared between RSCI and all other SCIF port types. However, for RSCI, the “overrunreg” is specified as a memory offset. For other SCIF types, ...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: hte: tegra-194: Fixed an error in tegrahtemaptolineid where the comparison was set to “”, but it should be changed to “=” to prevent a out-of-bounds read. “mapsz” represents the number of elements in the “m” array; therefore, the...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15
In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: Added a check for cstate. Since kzalloc may fail and return a NULL pointer, it would be better to check the cstate to avoid dereferencing the NULL pointer in drmatomichelpercrtcreset. Patchwork:...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: media: ipu3imggu: Fixed NULL pointer dereferencing in active selection access. The IMGu driver handled this by first acquiring the pointers to the active devices, then attempting to use V4L2 subdev functions. Only after that did ...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Wifi: iwlwifi: fw – fixed a memory leak in debugfs. A memory leak occurs when reading the fwinfo file. We return NULL to indicate that there are no more data, but we do not free the status tracking object...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: mcb: mcb-parse: fixed an error in handling chameleonparsegdd. If mcbdeviceregister returns an error in chameleonparsegdd, the reference count of the bus and device names is exposed. This issue is addressed by calling putdevice to...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: igc: The TX packet buffer size per queue has been reduced from 7KB to 5KB. The previous setting of 7KB per queue caused issues with the TX unit during heavy timestamping operations. Reducing the buffer size to 5KB avoids such...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fixed potential memory leaks at the error handling path for UMP operations. The allocation and initialization errors in allocmidiurbs, which occur when the function is called during MIDI 2.0/UMP device operations...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: md: raid1: fixed a potential out-of-bounds error in raid1removedisk. If rddev-raiddisk is greater than mddev-raiddisks, an out-of-bounds error will occur in raid1removedisk. We have already encountered similar reports, as...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: fanotify: Validate the return value of mntnsfromdentry before dereferencing it. The function dofanotifymark does not validate whether mntnsfromdentry returns NULL before dereferencing mntns-userns. This causes a NULL pointer...
Astra Linux – Vulnerability in libxstream-java
XStream is a simple library for serializing objects to XML and back again. This vulnerability may allow a remote attacker to terminate the application with a stack overflow error, resulting in a denial of service—only by manipulating the processed input stream when XStream is configured to use th...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fixed a potential data race in the PCM memory allocation helpers The PCM memory allocation helpers include a sanity check to prevent too many buffer allocations. However, this check is performed without proper locking,...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Wifi: iwlwifi: Fixed a potential use of the object “link” after it is freed in the function iwlmldremovelink. This code frees “link” by calling kfreerculink, rcuhead, and then it dereferes “link” to obtain “link-fwid”. Save...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: arm64: sme: Use STR P to clear the FFR context field in streaming SVE mode The FFR is a predicate register whose size can range from 16 to 256 bits, depending on the configured vector length. When saving the SVE state in streamin...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: xprtrdma: fixed pointer dereferencing in error cases of rpcrdmaepcreate. If there are failures, we must not leave non-NULL pointers with error values. Otherwise, rpcrdmaepDestroy will be confused and try to free those pointers...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: Drivers: vmbus: Check for channel allocation before looking up relids relid2channel assumes that the vmbus channel array is allocated when it is called. However, in situations like kdump/kexec, not all relids will be reset by...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: md: Avoid repeated calls to delgendisk. There is a UAF Uninitialized Address Fault issue that was detected during case 23rdev-lifetime. Oops: General Protection Fault; likely due to a non-canonical address of 0xdead000000000122...
Astra Linux – Vulnerability in python-bottle
Packages from versions 0 and before 0.12.19 are vulnerable to Web Cache Poisoning, due to a mechanism called “parameter cloaking”. When attackers can separate query parameters using a semicolon ;, they can create a discrepancy in the interpretation of requests between the proxy running with defau...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ext4: improved error handling for ext4dirhash The ext4dirhash function almost never fails, especially since the “hash tree” feature was first introduced. However, with the addition of support for encrypted, case-folded file names...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: clk-mt6779 – Added a check for the return value of mtkallocclkdata. The check is added to avoid dereferencing a NULL pointer...