18102 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Marking hrtimers to expire in hard interrupt context Similar to commits 2c0d278f3293f “KVM: LAPIC: Marking hrtimers to expire in hard interrupt context” and 9090825fa9974 “KVM: arm/arm64: Letting timers expire in...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: drm/msm: Fixed GEM free for imported dma-bufs Imported dma-bufs also have obj-resv != &obj-resv. Therefore, we should check this condition in addition to checking flags for handling the NOSHARE case. Fixed the issue reported...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Fixed NULL dereferencing in error handling The following issue was reported: drivers/scsi/qedf/qedfmain.c:3056 qedfallocglobalqueues Warn: Missing “unwind goto”? At this point in the function, nothing has been allocat...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Avoid unregistering PSP twice. PSP is unregistered twice in the following paths: mlx5eremove - mlx5epspunregister mlx5eniccleanup - mlx5epspunregister This leads to a refcount underflow under certain conditions:...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ipv6/addrconf: fixed a potential refcount underflow for idev. In addrconfmodrstimer, the reference to idev depends on whether rstimer is not pending. Therefore, the timeout of rstimer was modified. There is a time gap in 1 during...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerabilities have been resolved: ocfs2: fixed a memory leak in ocfs2stackglueinit The ocfs2tableheader should be freed in ocfs2stackglueinit if ocfs2sysfsinit fails; otherwise, kmemleak will report a memory leak. BUG: Memory leak Unreferenced object...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: virtiopmem: Added the missing REQOPWRITE for flushing bio. When performing mkfs.xfs on a pmem device, the following warning was encountered: ------------ Cut here ------------ Warning: CPU: 2, PID: 384; at block/blk-core.c:751:...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: cxl/features: Added a check to ensure there are entries in cxlfeatureinfo. In cxl EDAC calls cxlfeatureinfo to obtain feature information, if the hardware does not support any features, cxlfs can be passed as NULL. 51.957498...
Astra Linux – Vulnerability in pcre3
In PCRE before version 8.44, libpcre allowed integer overflows due to a large number being used after a ?C substring...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: HID: appletbkbd: fixed memory corruption of inputhandlerlist In appletbkbdprobe, an input handler is initialized and then registered with the input core through inputregisterhandler. When this occurs, the input core adds the inpu...
Astra Linux – Vulnerability in WebKit2GTK
A memory management issue related to “use after free” operations has been addressed through improved memory management practices. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big Sur 11.5, watchOS 7.6, and tvOS 14.7. Processing maliciously crafted web content may lead to arbitrary code...
Astra Linux – Vulnerability in Firefox
Mozilla developers Gabriele Svelto, Randell Jesup, and the Mozilla Fuzzing Team reported memory safety bugs in Firefox 99. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. Th...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: extcon: The extcon device is modified to be created after the driver data is set. Currently, someone can invoke sysfs functions such as stateshow intermittently before devsetdrvdata is performed. This can lead to a kernel Oops...
Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: TCP/UDP: Fixed memory leaks related to sk and zerocopy SKBS with TX timestamps. Syzkaller reported 0 memory leaks of an UDP socket and ZEROCOPY SKBS. We can reproduce this issue with the following sequence: sk = socketAFINET,...
Astra Linux - Vulnerability in Golang-1.19
The handling of certain types of invalid zip files by the archive/zip package differs from the behavior of most zip implementations. This discrepancy could be exploited to create a zip file with contents that vary depending on the implementation used to read the file. The archive/zip package now...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: dp: Only trigger DRM HPD events if the bridge is attached. The MediaTek DisplayPort interface bridge driver starts its interrupts as soon as it is probed. However, when the interrupts are triggered, the bridge might...
Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: do not trust the firmware’s nChannels value. If the firmware sends us a corrupted MCC response where nChannels is much larger than what the command response can handle, we might copy too much uninitialized...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: tpm: In tpmcrb, add acpiputtable to fix a memory leak. In crbacpiadd, we obtain the TPM2 table to retrieve information such as the start method, and then assign those values to private data. Therefore, the TPM2 table is not used...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: x86/FPU: Fixed NULL dereference in avx512status. Problem: When CONFIGX86DEBUGFPU is enabled, reading /proc/kthread/archstatus causes a warning and a NULL pointer dereference. This occurs because the AVX-512 timestamp code uses...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: TCP: TX zerocopy should not access the pfmemalloc status. We received a recent syzbot report 1 indicating a possible misuse of the page status in TCP zerocopy paths. Indeed, for pages originating from user space or other layers,...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Fixed the issue where the sevreceivestart command failed due to the absence of the sevdecommission command. The current SEV context must be decommissioned if binding an ASID fails after a RECEIVESTART operation. Accordi...
Astra Linux – Vulnerability in WebKit2GTK
A validation issue has been addressed through improved input sanitization. This issue is fixed in iOS 15.3, iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, and macOS Monterey 12.2. Processing a maliciously crafted email message may result in the execution of arbitrary JavaScript code...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: tty: vcc: Added a check for kstrdup in vccprobe. Added a check on the return value of kstrdup, and return an error if it fails, in order to avoid NULL pointer dereferencing...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: mm/sparsemem: fixed a race condition in accessing memorysection-usage The following race condition was observed on a PFN that falls within the device memory region, with the system memory configuration where PFNs are structured a...
Astra Linux – Vulnerability in freerdp2
FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. In affected versions, there is a Global-Buffer-Overflow in the ncrushdecompress function. Feeding crafted input into this function can trigger the overflow, which has only been shown to cause a...
Astra Linux – Vulnerability in librabbitmq
A vulnerability was discovered in the C AMQP client library also known as rabbitmq-c for RabbitMQ in versions up to 0.13.0. credentials can only be entered via the command line e.g., for amqp-publish or amqp-consume, and therefore they are visible to local attackers who can list processes along...
Astra Linux – Vulnerability in libxpm
A vulnerability was discovered in libXpm, where a boundary condition allows a local user to trigger an out-of-bounds read error, thereby reading contents of memory on the system...
Astra Linux – Vulnerability in virglrenderer
A heap-based buffer overflow in the vrendrenderertransferwriteiov function in vrendrenderer.c in virglrenderer from version 0.8.0 allows guest OS users to cause a denial of service, or a QEMU guest-to-host escape and code execution, through VIRGLCCMDRESOURCEINLINEWRITE commands...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: f2fs: The flag SBRDONLY is no longer set during the f2fshandlecriticalerror function. The syzbot reported the following bug: ------------ Cut here ------------ WARNING: CPU: 1, PID: 58, in kernel/rcu/sync.c:177, function...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: drm/msm/disp/dpu1: Set vbif hw config to NULL to avoid use after memory free during pm runtime resume BUG: Unable to handle kernel paging requests at virtual address 006b6b6b6b6b6be3 Call trace: dpuvbifinitmemtypes+0x40/0xb8...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: mm/slub: A check for s-flags was added in the alloctaggingslabfree hook function. When CONFIGMEMCG, CONFIGKFENCE, and CONFIGKMEMLEAK are enabled, the following warning always occurs. This happens because the following call sta...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: ceph: The “use after free” error was detected by KASAN at the line cephbuffergetarg-xattrbuf;. This means that the reference count could not be incremented before the memory was freed. In the same file, in the handlecapgrant...
Astra Linux – Vulnerability in Chromium
The use of after-free in V8 in Google Chrome before version 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: dmaengine: fsl-qdma: A memory leak related to the queue command’s DMA operations has been fixed. The dmaalloccoherent function is not canceled either in the remove function, nor in the error handling path of fslqdmaprobe. Swit...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerabilities have been resolved: ipv4: Handled attempts to delete multipath routes when fibinfo contains a reference to nh. Gwangun Jung reported a buffer overflow vulnerability in fibnhmatch: fibnhmatch+0xf98/0x1130, linux-6.0-rc7/net/ipv4/fibsemantics.c:961...
Astra Linux – Vulnerability in openimageio
A denial-of-service vulnerability exists in the DDS native tile reading functionality of OpenImageIO Project versions 2.3.19.0 and 2.4.4.2. A specially crafted .dds file can lead to a denial-of-service attack. An attacker can provide a malicious file that triggers this vulnerability...
Astra Linux – Vulnerability in node-qs
The qs format used before 6.10.3, as used in Express before 4.17.3 and other products, allows attackers to cause a Node process to hang for an Express application. This is because the proto key can be exploited. In many typical Express use cases, an unauthenticated remote attacker can insert the...
Astra Linux – Vulnerability in Chromium
A heap buffer overflow in Google Chrome’s internals before version 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: Added a check on the callback function pointer before its call. In the dpucoreirqcallbackhandler callback function, the pointer pointing to the callback function is checked to be NULL. However, the callback function ...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ext4: Filter out the EXT4FCREPLAY bit from the on-disk superblock’s sstate field. The EXT4FCREPLAY bit in sbi-smountstate is used to indicate that we are currently replaying the fast commit journal. This was actually a mistake, a...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: drm/amd/amdgpu/amdgpucs: fixed the reference count leak of a dmafence object. This issue occurs in an error path within amdgpucsfencetohandleioctl. When info-in.what falls under the default case, the function simply returns...
Astra Linux – Vulnerability in Chromium
In ANGLE of Google Chrome, before version 96.0.4664.110, there was an issue with the object lifecycle mechanism that allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...
Astra Linux – Vulnerability in usbredir
A use-after-free vulnerability was discovered in usbredir in versions prior to 0.11.0, specifically in the usbredirparserserialize function within usbredirparser/usbredirparser.c. This issue occurs when serializing large amounts of buffered write data, especially in cases where the destination is...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/cs: Commands with 0 chunks result in illegal behavior. Submitting a command with 0 chunks causes an oops, due to attempting to execute the wrong userspace driver. MESALOADERDRIVEROVERRIDE=v3d glxinfo 172536.665184 BUG:...
Astra Linux – Vulnerability in Chromium
Insufficient data validation in Dev Tools of Google Chrome prior to 101.0.4951.41 allowed a remote attacker to bypass content security policy through a crafted HTML page...
Astra Linux – Vulnerability in Chromium
Insufficient data validation in the New Tab Page of Google Chrome prior to 95.0.4638.69 allowed a remote attacker to inject arbitrary scripts or HTML into a new browser tab through a crafted HTML page...
Astra Linux – Vulnerability in Chromium
The use of after-free in WebRTC in Google Chrome before version 117.0.5938.62 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...
Astra Linux – Vulnerability in Thrift
In Apache Thrift versions 0.9.3 to 0.12.0, a server implemented in Go using TJSONProtocol or TSimpleJSONProtocol may panic when receiving invalid input data...
Astra Linux – Vulnerability in Chromium
Before version 102.0.5005.115, reading from outside the bounds in Google Chrome allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape through a crafted HTML page...
Astra Linux – Vulnerability in xorg-server
A flaw was discovered in xorg-x11-server in versions prior to 21.1.2 and prior to 1.20.14. An out-of-bounds access can occur in the SProcScreenSaverSuspend function. The greatest threat posed by this vulnerability is related to data confidentiality and integrity, as well as system availability...