18102 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: cpufreq/amd-pstate: Fixed the ref counting in cpufreqpolicy. The function amdpstateupdatelimits takes a reference to cpufreqpolicy, but does not decrement the reference count during one of the exit paths. This issue has been fixe...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: net: fixed a memory leak in tcpconnrequest. If inetcskreqskqueuehashadd returns false, tcpconnrequest will return without freeing the dst memory, which was allocated in afops-routereq. Here is the stack trace for the issue:...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the printerwrite function in the files drivers/usb/gadget/function/fprinter.c from version 6.7.4 onwards does not call usbepqueue properly. This may allow attackers to cause a denial of service or result in unspecified other impacts...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: ASoC: codecs: wcd938x: fixed missing mbhc initialization error handling The initialization of MBHC may fail, so additional error handling is needed to avoid dereferencing an error pointer during later configuration of the jack...
Astra Linux – Vulnerability in dcmtk
A flaw has been discovered in OFFIS DCMTK up to version 3.6.9. The affected element is the function DcmQueryRetrieveIndexDatabaseHandle::startFindRequest/DcmQueryRetrieveIndexDatabaseHandle::startMoveRequest in the library dcmqrdb/libsrc/dcmqrdbi.cc of the component dcmqrscp. This manipulation ca...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: fs/ntfs3: Added a overflow check for attribute size. The offset addition could cause an overflow, potentially passing the used size check when parsing MFT attributes with very large sizes e.g., 0xffffff7f. This could lead to...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/xe/migrate: Do not overflow the maximum copy size. With non-page-aligned copies, we need to use a pitch that is 4 bytes in size. However, the size of the copied data may still be close to our maximum of approximately 8M. As a...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: cifs: A use-after-free has been fixed in rdata-readintopages. When the network status is unstable, a use-after-free may occur when reading data from the server. BUG: KASAN: Use-after-free in readpagesfillpages+0x14c/0x7e0 Call...
Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: fbdev: smscufx: Fix error handling code in ufxusbprobe The current error handling code in ufxusbprobe contains many inconsistencies. For example, the function ufxfreeusblist is missing, and the destroymodedb label should only...
Astra Linux – Vulnerability in Firefox
When dragging and dropping an image across origins, the size of the image may be leaked. This behavior was present in version 109 and caused web compatibility issues, as well as this security concern. Therefore, this behavior was disabled until further review. This vulnerability affects Firefox...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: serial: imx: Add the missing .thawnoirq hook The following warning occurs when using non-console UART instances during system hibernation: 37.371969 ------------ Cut here --- 37.376599 uart3rootclk already disabled 37.380810...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Net: TLS – Fix for the WARNING message in skmsgfree. A splice operation with MSGSPLICEPAGES causes the TLS code to use the tlsswsendmsgsplice path to move the user-provided pages from the msg to the msgpl. This process loops over...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ice: A NULL pointer dereferencing issue was fixed in iceupdatevsitxringstats. It is possible to cause a NULL pointer dereferencing in routines that update Tx ring statistics. Currently, only statistics and bytes are updated when...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ovl: Fixed a NULL pointer dereference issue in the copy-up warning message. This patch addresses a NULL pointer dereference that caused a recently introduced warning message to fail...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: devlink: Report devlinkporttypewarn source device. devlinkporttypewarn is intended to be reported for ports that do not have a port type set. However, it is not easy to determine which device driver does not have a devlink por...
Astra Linux – Vulnerability in docker.io
Moby is an open-source container framework developed by Docker Inc., distributed as Docker, Mirantis Container Runtime, and various other downstream projects/products. The Moby daemon component, dockerd, which is developed as moby/moby, is commonly referred to as Docker. Swarm Mode, which is...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: usbnet: ipheth: Fixed the DPE OoB read issue. A buffer-overflow vulnerability related to DPE reads has been addressed. The number of DPEs processed is limited to the amount that fits within the fixed-size NDP16 header...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Counter: rz-mtu3-cnt: prevents the counter from being toggled multiple times The runtime PM counter is incremented/decremented each time the sysfs enable file is written to. If a user writes 0 to the sysfs enable file multiple...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fixed the issue of loading the RxGK token to check bounds. The rxrpcpreparsexdryfsrxgk function reads the raw key length and ticket length from the XDR token as u32 values. It then rounds up each value by 4 before using th...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: media: mxl111sf: change mutexinit location Syzbot reported that mxl111sfctrlmsg uses an uninitialized mutex. The issue was in the incorrect location of the mutexinit call. Previously, the mutexinit&state-msglock call was made...
Astra Linux – Vulnerability in openjdk-11
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. The supported versions affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. The vulnerability is difficult to exploit; an unauthenticated...
Astra Linux – Vulnerability in libmysofa
The libmysofa before November 24, 2019, does not properly restrict recursive function calls. This issue is evident from reports of stack consumption in readOHDRHeaderMessageDatatype in dataobject.c and directblockRead in fractalhead.c. NOTE: A download of version 0.9 after December 6, 2019, shoul...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: Fix for a flow memory leak in ovsflowcmdnew Syzkaller reported a memory leak in ovsflowcmdnew, as the memory allocated for the flow command does not get freed when an allocation failure occurs. BUG: Memory leak...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net: Broadcom – bcm4908enet: Updates TX statistics after actual transmission. Queuing packets does not guarantee their transmission. Updates TX statistics after the hardware confirms that it is consuming the submitted data. This...
Astra Linux – Vulnerability in RustC
In the standard library of Rust before version 1.51.0, the Zip implementation calls iteratorgetunchecked more than once for the same index when it’s nested. This bug can lead to a memory safety violation due to a failure to meet the safety requirements of the TrustedRandomAccess trait...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: - net: tls: Fixed a use-after-free issue related to partial reads and async decryption operations. tlsdecryptsg does not take a reference to the pages from clearskb. Therefore, the putpage function in tlsdecryptdone releases...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerabilities have been resolved: can: afcan: fixed NULL pointer dereferencing in canrcvfilter. Similar to the issue reported in commit 8aa59e355949 “can: afcan: fixed NULL pointer dereferencing in canrxregister”, we need to check for a missing initialization ...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix device management cmd timeout flow In the UFS error handling flow, the host will send a device management command NOP OUT to the device to recover the link. If this command times out and clearing the device...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: watchdog: rzg2lwdt: Fixed the 32-bit overflow issue. The value of timercycleus can be 0 due to 32-bit overflow. For example, if we assign the counter value “0xfff” for computing maxval. This patch fixes this issue by appending...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: NFSD: Protection against send buffer overflow in NFSv2 READDIR. The previous limit on the @count argument has been restored to prevent buffer overflow attacks...
Astra Linux – Vulnerability in ujson
UltraJSON is a fast JSON encoder and decoder written in pure C, with bindings for Python 3.7+. It was found that affected versions incorrectly decoded certain characters. JSON strings containing escaped surrogate characters that were not part of a valid surrogate pair were decoded incorrectly. Th...
Astra Linux – Vulnerability in openjpeg2
A flaw was discovered in OpenJPEG in versions prior to 2.4.0. This flaw allows an attacker to provide specially crafted input to the conversion or encoding functionality, resulting in an out-of-bounds read. The greatest threat from this vulnerability is system availability...
Astra Linux – Vulnerability in ffmpeg
A denial-of-service vulnerability exists in FFmpeg 4.2 due to a memory leak at the fifoalloccommon function in libavutil/fifo.c...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: coresight: tmc-etf: Fixed a global-out-of-bounds issue in tmcupdateetfbuffer. The commit 6f755e85c332 “coresight: Add helper for inserting synchronization packets” removed the trailing \0 from the barrierpkt array and updated the...
Astra Linux – Vulnerability in netcdf
A issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxmlcharcontent places a pointer to the internal address of a larger block as xml-txt. This pointer is later deallocated using free, resulting in a segmentation fault...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: “pipe: wakeup wrwait after setting maxusage” The commit c73be61cede5 “pipe: Add general notification queue support” introduced a regression that could cause pipes with resized sizes to become locked under certain conditions. See...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: IB/ipoib: Fixed the issue with locking the mcast list. The release of priv-lock while iterating over priv-multicastlist in ipoibmcastjointask creates a situation where ipoibmcastdevFlush may remove the items while the iteration i...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: intel: A possible null-ptr-deref issue in ebunandprobe has been fixed. This issue could lead to a null-ptr-deref when using ‘res’. If platformgetresource returns NULL, moving using ‘res’ after devmioremapresource wi...
Astra Linux – Vulnerability in Firefox and Thunderbird
Using techniques based on slipstream research, a malicious webpage could scan both the hosts of an internal network and the services running on the user’s local machine, using WebRTC connections. This vulnerability affects Firefox ESR 78.9, Firefox 87, and Thunderbird 78.9...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: TCP: Fixed issues related to data races around sysctltcpslowstartafteridle. When reading sysctltcpslowstartafteridle, it can be changed concurrently. Therefore, we need to add READONCE to its readers...
Astra Linux – Vulnerability in busybox
A use-after-free in Busybox’s awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the nvalloc function...
Astra Linux – Vulnerability in freerdp2
FreeRDP is a free remote desktop protocol library and client. Affected versions of FreeRDP lack path canonicalization and base path checks for the drive channel. A malicious server can trick a FreeRDP-based client into reading files outside of the shared directory. This issue has been addressed i...
Astra Linux – Vulnerability in Chromium
Insufficient policy enforcement in WebView in Google Chrome on Android prior to 88.0.4324.96 allowed a remote attacker to leak cross-origin data through a crafted HTML page...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: TCP: Fixed a data race around the sysctltcpnotsentlowat variable. When reading sysctltcpnotsentlowat, it can be changed concurrently. Therefore, we need to add READONCE to its reader function...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: crypto: safexcel – Added error handling for dmamapsg calls. The macro dmamapsg function may return 0 in case of an error. This patch enables checks in case of a macro failure and ensures that previously mapped buffers are unmappe...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: blk-mq: Ensure that the active queue usage is retained for biointegrityprep. The function blkintegrityunregister may be called if the queue usage counter is not retained for a bio with integrity prepared. This could lead to a...
Astra Linux – Vulnerability in Linux 5.15
A flaw was discovered in the ksmbd component of the Linux kernel. A memory leak may occur if a client sends a session setup request with an unknown NTLMSSP message type, potentially leading to resource exhaustion...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: e1000e: Changing usleeprange to udelay in PHY mdic access. This is a partial revert of commit 6dbdd4de0362 “e1000e: Workaround for sporadic MDI errors on Meteor Lake systems”. The referenced commit used usleeprange within the PHY...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc4-mtrace: prevents underflow in sofipc4prioritymaskdfswrite. The “id” field comes from the user. The type of this field should be changed to unsigned to prevent an array underflow...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerabilities have been resolved: - In media:meson:vdec, a possible refcount leak has been fixed in vdecprobe. - It is necessary to call v4l2deviceunregister to reset the refcount obtained by v4l2deviceregister when vdecprobe fails or vdecremove is called...