18102 matches found
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: pstore/platform: Added a check for kstrdup. Added a check on the return value of kstrdup, and return an error if it fails, in order to avoid NULL pointer dereferencing...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: crypto: s390/aes – Fix for buffer overreading in CTR mode When processing the last block, the s390 CTR code will always read a whole block, even if there is no data left in that block. This issue is fixed by using the actual...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: The issue lies in ofparsephandlewithargsmap. In this function, the inner loop that iterates through the map entries calls ofnodeputnew to free the reference acquired during the previous iteration of the inner loop. This assumes...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: spi: bcm2835: bcm2835spihandleerr: Fixed the issue of NULL pointer dereferencing for non-DMA transfers. If an IRQ-based transfer times out, the bcm2835spihandleerr function is called. Since commit 1513ceee70f2 “spi: bcm2835: Drop...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: mt76: fixed the race condition related to the “tx status” after the station removal operation. There is a small race condition where ongoing TX activity can cause an skb to be added to the status tracking IDR, even after that...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: btrfs: In the zone operation, the code must traverse devices under the chunkmutex in btrfscanactivatezone. The btrfscanactivatezone function can be called with the devicelistmutex already held, which could lead to a deadlock. ...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: EFI: Runtime: Avoid EFIv2 runtime services on Apple x86 machines Aditya reports that his recent MacBookPro crashes during firmware updates when variable services are used at runtime. The culprit seems to be a call to...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: net: bridge: switchdev: Skip MDB replays of deferred events on offload Before this change, the generation of the list of MDB events to replay competed with the creation of new group memberhips, either through the IGMP/MLD snoopin...
Astra Linux – Vulnerability in gdk-pixbuf
In GNOME GdkPixbuf also known as gdk-pixbuf up to version 2.42.10, the ANI decoder used for Windows animated cursors encounters heap memory corruption when parsing chunks from a crafted .ani file. A crafted file could allow an attacker to overwrite heap metadata, resulting in a denial-of-service...
Astra Linux – Vulnerability in Nasm
A buffer overflow vulnerability exists in the scan function in stdscan.c in nasm 2.15rc0, allowing remote attackers to cause a denial of service by using crafted ASM files...
Astra Linux – Vulnerability in ffmpeg
There is a heap-based Buffer Overflow vulnerability in FFmpeg 4.2, located in the filterframe module of libavfilter/vfbitplanenoise.c. This vulnerability may lead to memory corruption and other potential issues...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: - Block: Fixed the issue where queues could freeze, compared to the lock order in sysfs store methods. The queueattrstore method always freezes a device queue before calling the attribute store operation. For attributes that...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: net: sparx5 – Fixed the issue where the entry was still used after being freed within sparx5delmactEntry. Based on the static analysis of the code, it appears that when an entry from the MAC table was removed, the entry was still...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Wifi: iwlwifi: mvm – fixed a potential out-of-bounds read in iwlmvmndmatchinfohandler The memcpy function assumes that the dynamic array notif-matches is at least as large as the number of bytes to be copied. Otherwise,...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Fixed a null-ptr-deref in vkmsrelease. A null-ptr-deref occurred when trying to destroy the workqueue in vkms-output.composerworkq during vkmsrelease. KASAN: Null-ptr-deref occurred in the range...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ksmbd: The use-after-free issue in smblazyparentleasebreakclose has been fixed. The opinfo pointer, which is obtained through rcudereferencefp-fopinfo, is accessed after rcureadunlock has been called. This creates a race conditio...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: erofs: Fixed incorrect early exits for invalid “metabox-enabled” images. Crafted EROFS images with metadata compression enabled can trigger incorrect early returns, leading to folio reference leaks. However, this does not cause...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net: usb: lan78xx: Fix for the WARN message triggered in netifnapidellocked when a USB device is disconnected The redundant call to netifnapidel was removed from the disconnect path. A WARN message may be triggered in...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: orangefs: The issue in kmemleak in orangefspreparedebugfshelpstring has been fixed. When inserting or removing the orangefs module, the debughelpstring variable may be leaked: - Unreferenced object: 0xffff8881652ba000 size 4096 -...
Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10
In the Linux kernel, the following vulnerability has been resolved: MIPS: fw: Allow firmware to pass an empty environment variable. fwgetenv will use the environment variable entry to determine the style of the environment variables. However, it is legal for the firmware to simply pass an empty...
Astra Linux – Vulnerability in ffmpeg5
In FFmpeg version n6.1.1, specifically within the avcodec/speexdec.c module, there is a potential security vulnerability due to insufficient validation of certain parameters when parsing Speex codec extradata. This vulnerability could lead to integer overflow conditions, potentially resulting in...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: usb: phy: phy-tahvo: fix memory leak in tahvousbprobe Suggestions: drivers/usb/phy/phy-tahvo.c: tahvousbprobe Warning: Missing unwind goto? After obtaining the IRQ, if ret 0, it will return without error handling, freeing up...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: block: ublk: Make sure that the block size is set correctly. The block size is a very important setting for the block layer; an incorrect block size can easily cause the kernel to panic. Ensure that the block size is set correctl...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: x86/resctrl: Clear stagedconfig before and after it is used. As a temporary storage, stagedconfig in rdtdomain should be cleared before and after it is used. The stale value in stagedconfig could cause an MSR access error. Here i...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: fixed a memory leak in mlx5eptpopen. When kvzallocnode or kvzalloc fails in mlx5eptpopen, the memory pointed to by “c” or “cparams” is not freed, which can lead to a memory leak. This issue has been fixed by freeing th...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: media: i2c: ov5648: Free V4L2 fwnode data on unbind The V4L2 fwnode data structure is not freed when it is unbound, resulting in a memory leak...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: mmc: mxcmmc: Fix the return value check in mmcaddhost. mmcaddhost may return an error. If we ignore its return value, the memory allocated by mmcallochost will be leaked, leading to a kernel crash due to the removal of devices...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: virt/coco/sev-guest: Double-buffer messages The encryption algorithms read from and write to shared, unencrypted memory directly. This may lead to the leakage of information, as well as allowing the host to tamper with the...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: cifs: Fixed the error in the length of the VALIDATENEGOTIATEINFO message. The commit code is d5c7076b772a “smb3: added “smb3.1.1” to the default dialect list”. The number of dialects was extended from 3 to 4. However, it was...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Double-free of rqxprtctxt while it is still in use. When a RPC request is deferred, the pointer rqxprtctxt is moved out of the svcrqst to the svcdeferredreq. When the deferred request is revisited, the pointer is copied...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: gpib: A use-after-free occurred in the IO ioctl handlers. The IBRD, IBWRT, IBCMD, and IBWAIT ioctl handlers use a gpibdescriptor pointer after the board-biggpibmutex has been released. A concurrent IBCLOSEDEV ioctl can free the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Handling the case where EIOINTC’s coremap is empty EIOINTC’s coremap in eiointcupdateswcoremap can be empty. Currently, we get a cpuid value of -1 in this case, but we actually need a value of 0, as it is similar ...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/amd: Fixed a NULL pointer dereferencing issue during device cleanup. When GPU initialization fails due to an unsupported HW block, IP blocks may have a NULL version pointer. During cleanup in amdgpudevicefinihw, the code call...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: gpio: cdev: Fixed resource leaks that occur during errors in lineinfochangednotify. During error handling, lineinfochangednotify does not free the allocated resources, resulting in leaks. This issue has been fixed...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: The array index may go out of bounds. Klocwork reports that the array vha-hoststr, which is 16-sized, may use index values 16–19. It is recommended to use snprintf instead of sprintf...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: ext4: Fixed a bug in ext4mbnew inodepa due to overflow. When calculating the end position of ext4freeextent, this position might be exactly where ext4lblkt i.e., uint overflows. For example, if acgex.felogical is 4294965248 and...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: Tracing: Ensure that traceeventfile has a ref counter. The following actions can cause the kernel to crash: cd /sys/kernel/tracing echo 'p:sched schedule' kprobeevents exec 5events/kprobes/sched/enable kprobeevents exec 5&- Th...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
A flaw was discovered in the Netfilter subsystem of the Linux kernel. The nfnlosfaddcallback function did not validate the optnum field controlled by the user mode. This flaw allows a local privileged attacker with CAPNETADMIN privileges to trigger an out-of-bounds read, resulting in a system cra...
Astra Linux – Vulnerability in ncurses
A buffer overflow vulnerability exists in the postprocessterminfo function in tinfo/parseentry.c:997 within ncurses 6.1. This vulnerability allows remote attackers to cause a denial of service by using crafted commands...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: btrfs: Fixed the memory ordering between normal and ordered work functions. Ordered work functions are not guaranteed to be handled by the same thread that executes the normal work functions. The only way to synchronize...
Astra Linux – Vulnerability in Jackson-Databind
FasterXML Jackson-Databind 2.x versions before 2.9.10.8 mishandle the interaction between serialization gadgets and typing, related to com.newrelic agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource...
Astra Linux – Vulnerability in Chromium
A heap buffer overflow in WebRTC in Google Chrome prior to version 94.0.4606.81 allowed a remote attacker who convinced a user to navigate to a malicious website to potentially exploit heap corruption through a crafted HTML page...
Astra Linux – Vulnerability in Chromium
Insufficient policy enforcement in payments in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: IB/rdmavt: added a lock to the call to rvterrorqp to prevent a race condition. The documentation for the rvterrorqp function states that both rlock and slock need to be held when calling that function. It also includes an asserti...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ceph: Always call cephShiftUnusedFoliosLeft The function cephProcessFolioBatch sets the folioBatch entries to NULL, which is an illegal state. Before folioBatchRelease crashes due to this API violation, the function...
Astra Linux – Vulnerability in GhostScript
In Artifex Ghostscript version 10.01.0, there is a buffer overflow that may lead to corruption of data within the PostScript interpreter, specifically in the bcp/sbcp.c file. This issue affects functions such as BCPEncode, BCPDecode, TBCPEncode, and TBCPDecode. If the write buffer is filled just...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: ext4: Fixed the BUGON issue when the directory entry has an invalid reclen field. The reclen field in the directory entry must be a multiple of 4. A corrupted filesystem image can exploit this bug in the ext4reclentodisk function...
Astra Linux – Vulnerability in Firefox
Mozilla developers and community members Lukas Bernhard, Gabriele Svelto, Randell Jesup, and the Mozilla Fuzzing Team reported memory safety bugs in Firefox 107. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Wifi: ath12k – Fix for kernel crash during resume Currently, during resume, the QMI target memory is not handled properly. This results in a kernel crash if DMA remap is not supported: BUG: Incorrect page state in process...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: btrfs: Fixed a use-after-free on the inode when scanning the root during em shrinking. In the function btrfsscanroot, we access the root of the inode along with fsinfo through a call to btrfsfsclosing. After scheduling the inode...