18102 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: “arm64: zynqmp: Add an OP-TEE node to the device tree” This issue has been resolved through the commit 06d22ed6b6635b17551f386b50bb5aaff9b75fbe. OP-TEE logic in U-Boot automatically inserts a reserved-memory node along with the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ipv6: Fixed a mismatch in the count of ECMP siblings when clearing RTFADDRCONF. The syzbot reported a kernel bug in fib6addrt2node, when adding an IPv6 route. 0 The commit f72514b3c569 "ipv6: Clear RA flags when adding a static...
Astra Linux – Vulnerability in Firefox and Thunderbird
A website configured to initiate a specially crafted WebTransport session could cause the Firefox process to crash, resulting in a denial-of-service condition. This vulnerability affects Firefox 131, Firefox ESR 128.3, Thunderbird 128.3, and Thunderbird 131...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: nvme: tcp: avoid race between queuelock lock and destroy Commit 76d54bf20cdc "nvme-tcp: don’t access released sockets during error recovery" added a mutexlock call for the queue-queuelock in nvmetcpgetaddress. However, the...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: mapletree: correct tree corruption on spanning store Patch series “mapletree: correct tree corruption on spanning store”, v3. There was a minor but significant bug in the maple tree implementation that seems to have existed since...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: mm/hugememory: Folios with a right number of references are dropped when they exceed the limit set by EOF. When a “after-split” folio is large and needs to be dropped due to reaching EOF, the function folioputrefsfolio,...
Astra Linux – Vulnerability in Firefox
A race condition involving requestPointerLock and setTimeout could have allowed a user to interact with one tab while believing they were on a different tab. Combined with certain elements such as , this could lead to an attack where the user became confused about the origin of the webpage and...
Astra Linux – Vulnerability in Chromium
In WebUI Settings of Google Chrome before version 89.0.4389.72, an out-of-bounds memory read was allowed, enabling a remote attacker to perform an out-of-bounds memory read through a crafted HTML page. Chrome security severity: Low...
Astra Linux – Vulnerability in nss
When converting coordinates from projective to affine, the modular inversion was not performed in constant time, allowing for a timing-based side channel attack. This vulnerability affects Firefox versions less than 80, as well as Firefox for Android versions less than 80...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fixed the NULL dereference in mlx5etirbuilderalloc. In mlx5etirbuilderalloc, kvzalloc may return NULL, which will be dereferenced on the next line as a reference to the modify field. This issue was identified by the...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: fs/netfs/fscachecookie: added a check for the missing “naccesses” parameter. This fix addresses a NULL pointer dereference bug caused by a data race. The details of the bug are as follows: BUG: NULL pointer dereference in the...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: A bug related to the missing hugetlblock during resv uncharge has been fixed. There is a recent report regarding the use of UFFDIOCOPY over hugetlb: https://loreKernel.org/all/[email protected]/...
Astra Linux – Vulnerability in coreutils
The vulnerability of the GNU Core Utilities basic utility package relates to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to cause a service failure...
Astra Linux – Vulnerability in Firefox
In violation of the specification, cookie prefixes such as Secure were ignored if they were not capitalized correctly. According to the specification, these prefixes should be checked using a case-insensitive comparison. This could result in the browser not correctly implementing the behaviors...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: s390/cio: Verify the availability of the driver for the pathevent call. If no driver is attached to a device, or if the driver does not provide the pathevent function, an FCES path-event on this device could result in a...
Astra Linux – Vulnerability in Chromium
The use of after-free in Frames in Google Chrome before version 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...
Astra Linux – Vulnerability in Chromium
Before version 100.0.4896.88, using free after in WebGPU with Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...
Astra Linux – Vulnerability in exim4
Exim 4 before 4.94.2 allows Integer Overflow to Buffer Overflow, because getstdinput allows unbounded reads that are accompanied by unbounded increases in a certain size variable. NOTE: Exploitation may be impractical due to the execution time required to cause an overflow multiple days...
Astra Linux – Vulnerability in Chromium
A heap buffer overflow in ANGLE in Google Chrome prior to version 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...
Astra Linux – Vulnerability in Chromium
Before version 97.0.4692.99, using "After Free" in Safe Browsing in Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...
Astra Linux – Vulnerability in Chromium
Before version 96.0.4664.110, using Swiftshader in Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...
Astra Linux – Vulnerability in Ceph
A key length flaw was discovered in Red Hat Ceph Storage. An attacker can exploit the fact that the key length is incorrectly passed during the encryption algorithm process, resulting in the creation of a non-random key. Such a key is weaker and can be exploited to compromise the confidentiality...
Astra Linux – Vulnerability in Linux 5.10
A flaw was discovered in btrfsgetrootref in fs/btrfs/disk-io.c within the btrfs filesystem of the Linux kernel, due to a double decrement of the reference count. This issue may allow a local attacker with user privileges to crash the system or may lead to the leakage of internal kernel informatio...
Astra Linux – Vulnerability in glib2.0
A flaw was discovered in GLib. A integer overflow vulnerability in its Unicode case conversion implementation can lead to memory corruption. By processing specially crafted and extremely large Unicode strings, an attacker could trigger an undersized memory allocation, resulting in out-of-bounds...
Astra Linux – Vulnerability in Firefox
DoS attacks in the DOM: Service Workers component. This vulnerability was fixed in Firefox 147 and Thunderbird 147...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: btmtksdio: Fixed a kernel oops in btmtksdiointerrupt. Fixed the following kernel oops in btmtksdiointerrrupt: 14.339134 btmtksdiointerrupt+0x28/0x54 14.339139 processsdiopendingirqs+0x68/0x1a0 14.339144...
Astra Linux – Vulnerability in Chromium
Inappropriate implementations of WebAuthentication in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to bypass the same-origin policy through a crafted HTML page...
Astra Linux – Vulnerabilities in Firefox, LibWebP, Thunderbird
There exists a use after free/double free in libwebp. An attacker can use the ApplyFiltersAndEncode function and loop through to free the best.bw file, assigning the best pointer to trial. The second loop will then return 0 due to a memory out-of-memory error in the VP8 encoder; the pointer remai...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: iouring: prevents reg-wait speculation. By using ENTEREXTARGREG instead of passing a user pointer along with arguments for the waiting loop, the user can specify an offset within a pre-mapped region of memory. In this case, offse...
Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: ext4: Fixed an warning in ext4updateinlinedata. Syzbot identified the following issue: EXT4-fs loop0: Mounted a filesystem with ID 00000000-0000-0000-0000-000000000000 without a journal. Quota mode: none. fscrypt: Uses...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: netlink: prevents potential Spectre v1 exploits Most netlink attributes are parsed and validated via nlavalidateparse or validatenla. c u16 type = nlatypenla; if type == 0 || type maxtype / Error or continue / The @type value is...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: bpf: Fix tailcallreachable rejection for interpreter when jit failed During testing of f263a81451c1 “bpf: Track subprog poke descriptors correctly and fix use-after-free” under various failure conditions, for example, when...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerabilities have been resolved: virtioconsole: removed the anonymous moduleinit and moduleexit functions. These anonymous functions can cause confusion or ambiguity when reading the System.map file, or may lead to crashes, oopses, or bugs. Additionally, they...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: mm/vma: Fixed a memory leak in mmapregion. The commit 605f6586ecf7 “mm/vma: No memory leak occurs when .mmapprepare swaps the file” handled the success path by skipping getfile via filedoesntneedget, but missed the error path...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: ipmi: Fixed UAF when uninstalling the ipmisi and ipmimsghandler modules Hi, During testing the installation and uninstallation of the ipmisi.ko and ipmimsghandler.ko modules, the system crashed. The log contains the following...
Astra Linux – Vulnerability in glibc
A flaw was discovered in glibc. A “off-by-one” buffer overflow and underflow in the getcwd function may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and the size passed to getcwd in a setuid program could exploit this flaw t...
Astra Linux – Vulnerability in wavpack
WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variables. The impact includes unexpected control flow, crashes, and segfaults. The affected component is: ParseWave64HeaderConfig wave64.c:211. The attack vector is a maliciously crafted .wav file. The fixed version is: Afte...
Astra Linux – Vulnerability in wavpack
WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variables. The impact includes unexpected control flow, crashes, and segfaults. The affected component is ParseCaffHeaderConfig caff.c:486. The attack vector is a maliciously crafted .wav file. The fixed version is after the...
Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: Power: Supply: bq27xxx: Fixed handling of pollinterval and races during removal operations. Before this patch, the bq27xxxbatteryteardown function set pollinterval to 0 to avoid requeuing the delayedwork item during...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: block: Fixed a potential deadlock in blkiarangesysfsshow When reading a sysfs attribute, the attribute is already protected against removal due to the active reference counter of the kobject node. As a result, in...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: mctp: Fixed an error handling path in mctpinit. If mctpneighinit returns an error, the route resources should be released during the error handling path. Otherwise, some resources may be leaked...
Astra Linux – Vulnerability in Linux, Linux 5.10
A race condition was identified in the Linux kernel’s perfeventopen function, which can be exploited by an unprivileged user to gain root privileges. This bug allows for the exploitation of several attack primitives, such as kernel address information leakage and arbitrary execution...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fixed a bo leak in intelfbboframebufferinit. Added a unreference of “bo” in the error path to prevent the leakage of a “bo” reference. Return 0 on success to clarify the success path. Cherry-picked from commit...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Counter: rz-mtu3-cnt: Do not use the dev member of the struct rzmtu3channel. The counter driver can use HW channels 1 and 2, while the PWM driver can use HW channels 0, 1, 2, 3, 4, 6, 7. The dev member is assigned both by the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: rxrpc: The issue of using the wrong skb when comparing the queued RESP challenge serial number has been fixed. In rxrpcpostresponse, the code should compare the challenge serial number from the cached response before deciding to...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: x86/kexec: added a sanity check on the previous kernel’s ima kexec buffer. When the second-stage kernel is booted via kexec with a limiting command line such as “mem=”, the physical range that contains the carried over IMA...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net.manap: Null servicewq on setup error to prevent double destruction. In the managdsetup error path, servicewq is set to NULL after destroyworkqueue, to match the cleanup in managdcleanup. This prevents a use-after-free if the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: crypto: caam – fixed an overflow issue when dealing with long HMAC keys. When a key that is longer than the block size is provided, it is copied and then hashed into the actual key. The memory allocated for the copy needs to be...
Astra Linux – Vulnerability in libstb
In Libsixel, prior to and including v1.10.3, a NULL pointer dereferencing in the stbimage.h component of libsixel allows attackers to cause a denial of service DOS through a crafted PICT file...
Astra Linux – Vulnerability in WebKit2GTK
This issue has been addressed through improved checks. This issue is fixed in Safari 26.1, iOS 26.1, iPadOS 26.1, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1, and watchOS 26.1. Processing maliciously crafted web content may lead to an unexpected process crash...