18102 matches found
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: spi: spi-mt65xx: Fixed NULL pointer access in the interrupt handler. The TX buffer in spitransfer can be a NULL pointer. As a result, the interrupt handler may write to invalid memory, causing crashes. Add a check for trans-txbuf...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: crypto: xilinx – call finalize with bh disabled When calling cryptofinalizerequest, the error bit BH should be disabled to avoid triggering the following calltrace: ------------- Cut here -------------- WARNING: CPU: 2 PID: 74 at...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: afs: Increase the buffer size in afsupdatevolumestatus. The maximum length of the volume-vid value is 20 characters. Therefore, increase the size of idbuf to 24 to avoid overflow. Found by the Linux Verification Center...
Astra Linux – Vulnerability in Chromium
In V8 of Google Chrome, out-of-bounds memory access before version 122.0.6261.111 allowed a remote attacker to perform out-of-bounds memory access through a crafted HTML page. Chromium security severity: High...
Astra Linux – Vulnerability in Chromium
The use of “after free” in Accessibility in Google Chrome before version 122.0.6261.57 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption through specific UI gestures. Chromium security severity: Medium...
Astra Linux – Vulnerability in gnutls28
A vulnerability was discovered in GnuTLS. The response times to malformed ciphertexts in the RSA-PSK ClientKeyExchange differ from those of ciphertexts with correct PKCS1 v1.5 padding. This issue may allow a remote attacker to perform a timing side-channel attack during the RSA-PSK key exchange,...
Astra Linux – Vulnerability in SQLite3
A vulnerability was discovered in SQLite SQLite3 version 3.43.0 and is classified as critical. This issue affects the sessionReadRecord function in the file ext/session/sqlite3session.c of the make alltest component. The vulnerability results in a heap-based buffer overflow. It is recommended to...
Astra Linux – Vulnerability in Qemu
A stack-based buffer overflow was discovered in the virtio-net device of QEMU. This issue occurs when flushing the TX operation in the virtionetflushtx function, provided that the guest has enabled VIRTIONETFHASHREPORT, VIRTIOFVERSION1, and VIRTIONETFMRGRXBUF. This could allow a malicious user to...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: The issue involves bcm: – a UAF Use-After-Free flaw in bcmprocshow. Bug: KASAN: A slabuse-after-free issue occurs in bcmprocshow+0x969/0xa80. A size 8 data block was read from address ffff888155846230 by the task cat/7862. CPU: 1...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd: Fixed an issue where UBSAN used an array-index that was out of bounds for SMU7. For pptable structures that use flexible array sizes, use flexible arrays instead...
Astra Linux – Vulnerability in Firefox and Thunderbird
When receiving rendering data via IPC mStream, it might have been destroyed during initialization, which could lead to a use-after-free condition and potentially cause a crash. This vulnerability affects Firefox 117, Firefox ESR 102.15, Firefox ESR 115.2, Thunderbird 102.15, and Thunderbird 115.2...
Astra Linux – Vulnerability in Chromium
The use of “after free” in PDFs in Google Chrome before version 114.0.5735.90 allowed a remote attacker to potentially exploit heap corruption through a crafted PDF file. Chromium security severity: High...
Astra Linux – Vulnerability in Docker-Registry
A flaw was discovered in the /v2/catalog endpoint located in the distribution/distribution directory. This endpoint accepts a parameter that controls the maximum number of records to be returned query string: n. This vulnerability allows a malicious user to submit an excessively large value for n...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15
Incorrect verifier pruning in the BPF module of the Linux kernel version 5.4 and above leads to unsafe code paths being incorrectly marked as safe. This results in arbitrary read/writes to kernel memory, lateral privilege escalation, and container escapes...
Astra Linux – Vulnerability in libbpf
A vulnerability has been discovered in the Linux kernel. It has been identified as problematic. This issue affects the parseusdtarg function in the tools/lib/bpf/usdt.c file of the BPF component. Manipulating the regname argument leads to a memory leak. It is recommended that a patch be applied t...
Astra Linux – Vulnerability in libxml2
In libxml2 before version 2.10.4, parsing certain invalid XSD schemas can lead to a NULL pointer dereferencing, followed by a segfault. This issue occurs in the xmlSchemaFixupComplexType function in xmlschemas.c...
Astra Linux – Vulnerability in Chromium
Inappropriate implementation in FedCM in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Low...
Astra Linux – Vulnerability in Chromium
Inappropriate implementations in Extensions in Google Chrome prior to 112.0.5615.49 allowed an attacker who convinced a user to install a malicious extension to bypass file access restrictions through a crafted HTML page. Chromium security severity: Medium...
Astra Linux – Vulnerability in Chromium
Inappropriate implementation of Omnibox in Google Chrome prior to version 99.0.4844.51 allowed an attacker with privileged network access to perform a man-in-the-middle attack through malicious network traffic. Chromium security severity: Low...
Astra Linux – Vulnerability in Chromium
Inappropriate implementation in Extensions in Google Chrome prior to 105.0.5195.52 allowed a remote attacker who had compromised the renderer process to spoof extension storage via a crafted HTML page. Chromium security severity: High...
Astra Linux – Vulnerability in xorg-server
A vulnerability was discovered in X.Org. This security flaw arises because the XkbCopyNames function left a dangling pointer pointing to freed memory, allowing for out-of-bounds memory access during subsequent XkbGetKbdByName requests. This issue can lead to local privileges escalation on systems...
Astra Linux – Vulnerability in Linux 5.10
A NULL pointer dereference issue was discovered in KVM when releasing a vCPU with dirty ring support enabled. This flaw allows an unprivileged local attacker on the host to issue specific ioctl calls, resulting in a kernel oops condition that causes a denial of service...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: fixed a potential memory leak related to gpumetricstable. Memory is allocated for gpumetricstable in renoirinitsmctables, but it is not freed in int smuv120finismctables. Please free that memory accordingly...
Astra Linux – Vulnerability in Chromium
Integer overflow in the Window Manager in Google Chrome on the Chrome OS and Lacros before version 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific UI interactions to perform an out-of-bounds memory write via crafted UI interactions. Chrome security severity: Hig...
Astra Linux – Vulnerability in Vim
Out-of-bounds read in the GitHub repository for Vim before version 8.2...
Astra Linux – Vulnerability in Chromium
Before version 102.0.5005.61, using the "after free" feature in Indexed DB in Google Chrome allowed a remote attacker to potentially perform a sandbox escape through a crafted HTML page...
Astra Linux – Vulnerability in Vim
A heap-based buffer overflow vulnerability occurs in Vim in the GitHub repository vim/vim, prior to version 8.2.4563...
Astra Linux – Vulnerability in Vim
Vim is vulnerable to Out-of-bounds Read attacks...
Astra Linux – Vulnerability in Vim
Vim is vulnerable to Heap-based Buffer Overflow attacks...
Astra Linux – Vulnerability in cyrus-sasl2
In Cyrus SASL 2.1.17 through 2.1.27 before 2.1.28, the plugins/sql.c file does not escape the password used in SQL INSERT or UPDATE statements...
Astra Linux – Vulnerability in Chromium
Before version 101.0.4951.41, using free after development tools in Google Chrome allowed a remote attacker to potentially exploit heap corruption through specific and direct user interactions...
Astra Linux – Vulnerability in Linux, Linux 5.10
A use-after-free flaw was discovered in the Linux kernel’s Amateur Radio AX.25 protocol functionality, regarding the way users connect with the protocol. This flaw allows a local user to crash the system...
Astra Linux – Vulnerability in Chromium
Before version 99.0.4844.74, using Safe Browsing in Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...
Astra Linux – Vulnerability in Chromium
The use of “after free” in Cast in Google Chrome before version 99.0.4844.51 allowed attackers to convince users to install a malicious extension and induce specific user interactions, thereby potentially exploiting heap corruption through a crafted Chrome Extension...
Astra Linux – Vulnerability in Jetty9
There exists a security vulnerability in Jetty’s DosFilter that can be exploited by unauthorized users to cause remote denial-of-service DoS attacks on servers using DosFilter. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server’s memory...
Astra Linux – Vulnerability in glibc
The Name Service Cache Daemon’s nscd netgroup cache can corrupt memory when the NSS callback does not store all strings in the provided buffer. This flaw was introduced in glibc 2.15, when the cache was added to nscd. This vulnerability only exists in the nscd binary...
Astra Linux – Vulnerability in Chromium
The use of after-free in ANGLE in Google Chrome before version 123.0.6312.86 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: Critical...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-6.1, Linux-5.15
In the Linux kernel, the following vulnerability has been resolved: efi/capsule-loader: corrected incorrect allocation size gcc-14 notes that the allocation using sizeofvoid on 32-bit architectures is insufficient for a 64-bit physaddrt: drivers/firmware/efi/capsule-loader.c: In the function...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: hsr: Fixed uninit-value access in hsrgetnode KMSAN reported the following uninit-value access issue 1: ===================================================== BUG: KMSAN: uninit-value in hsrgetnode+0xa2e/0xa40...
Astra Linux – Vulnerability in Chromium
Insufficient data validation in Extensions in Google Chrome prior to 120.0.6099.216 allowed an attacker in a privileged network position to install a malicious extension via a crafted HTML page. Chromium security severity: High...
Astra Linux – Vulnerability in libssh
A flaw was discovered in libssh. By using the ProxyCommand or ProxyJump feature, users can exploit unvalidated hostname syntax on the client side. This issue may allow an attacker to inject malicious code into the commands related to these features via the hostname parameter...
Astra Linux – Vulnerability in Linux, Linux 5.10
Guests can trigger the reset/abort/crash of the NIC interface through netback. It is possible for a guest to trigger a NIC interface reset/abort/crash in a Linux-based network backend by sending certain types of packets. It seems to be an unstated assumption in the rest of the Linux network stack...
Astra Linux – Vulnerability in Chromium
A heap buffer overflow vulnerability in Vulkan in Google Chrome prior to version 107.0.5304.62 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: RDMA/hfi1: Fixed a use-after-free bug related to the mm struct. Under certain conditions, such as MPIAbort, the hfi1 cleanup code may represent the last reference held on the task’s mm. hfi1mmurbunregister then releases the la...
Astra Linux – Vulnerability in Linux 5.10, Linux
A vulnerability classified as problematic has been discovered in the Linux kernel. The affected function is j1939sessiondestroy in the file net/can/j1939/transport.c. This manipulation leads to a memory leak. It is recommended that a patch be applied to fix this issue. The identifier of this...
Astra Linux – Vulnerability in SQLite3
SQLite version 3.32.0 has a segmentation fault in sqlite3ExprCodeTarget in expr.c...
Astra Linux – Vulnerability in libsdl1.2, libsdl2
In SDL Simple DirectMedia Layer, from versions 1.2.15 onward, as well as in versions 2.x through 2.0.9, there is a heap-based buffer over-read issue in the InitMSADPCM function within audio/SDLwave.c, specifically within the wNumCoef loop...
Astra Linux – Vulnerability in the 389-DS-base
In the 389-ds-base up to version 1.4.1.2, requests are processed by worker threads. Each socket is waited for by the worker for no more than ‘ioblocktimeout’ seconds. However, this timeout applies only to un-encrypted requests. Connections that use SSL/TLS do not take this timeout into account...
Astra Linux – Vulnerability in SQLite3
The ext/misc/zipfile.c file in SQLite 3.30.1 mishandles certain uses of INSERT INTO in situations involving embedded \0' characters in filenames, resulting in a memory-management error that can be detected using tools like valgrind...
Astra Linux – Vulnerability in Linux
The overlayfs implementation in the Linux kernel failed to properly validate, regarding user namespaces, the setting of file capabilities on files in the underlying file system. Due to the combination of unprivileged user namespaces and a patch carried in the Ubuntu kernel that allows unprivilege...