18095 matches found
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Use kvfree instead of kfree in amdgpugmcgetnpsmemranges. The amdgpudiscoverygetnpsinfo function internally allocates memory for ranges using kvcalloc, which may use vmalloc for large allocations. Using kfree to releas...
Astra Linux – Vulnerability in freerdp3
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, in yuvensurebuffer in libfreerdp/codec/h264.c, h264-width and h264-height were updated before the reallocation loop. If any winpralignedrecalloc call fails, the function returns FALSE, but width/height have...
Astra Linux – Vulnerability in GIMP
A flaw was discovered in GIMP’s PSP Paint Shop Pro file parser. A remote attacker could exploit an integer overflow vulnerability in the readcreatorblock function by providing a specially crafted PSP image file. This vulnerability occurs when a 32-bit length value from the file is used for memory...
Astra Linux – Vulnerability in freerdp3
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, in the persistentcachereadentryv3 function in libfreerdp/cache/persistent.c, persistent-bmpSize was updated before winpralignedrecalloc. If realloc fails, bmpSize is inflated while bmpData points to the old...
Astra Linux – Vulnerability in freerdp3
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.22.0, the ecamencodercompressh264 function relied on server-controlled dimensions and did not validate the source buffer size, resulting in a out-of-bounds read in swsscale. This vulnerability has been fixed in...
Astra Linux – Vulnerability in Chromium
Insufficient policy enforcement in WebUSB in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...
Astra Linux – Vulnerability in libcap2
A flaw was discovered in libcap. A local, unprivileged user can exploit a Time-of-check-to-time-of-use TOCTOU race condition in the capsetfile function. This allows an attacker with write access to a parent directory to redirect file capability updates to a file controlled by the attacker. By doi...
Astra Linux – Vulnerability in xwayland, xorg-server
A flaw was discovered in the X.Org X server. This integer underflow vulnerability, specifically related to the handling of the XKB compatibility map, allows an attacker with local or remote access to the X11 server to trigger a buffer read overflow. This can lead to memory safety violations and...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: ksmbd: The ATTRCTIME flags were set when setting the mtime. David reported that the new warning from setattrcopymgtime appears as follows: 113.215316 ------------ Cut here ----------- 113.215974 WARNING: CPU: 1 PID: 31 at...
Astra Linux – Vulnerability in imagemagick
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, when temporary file creation failed, readinfo was destroyed before its filename member could be accessed. This caused a NULL pointer dereference and resulting i...
Astra Linux – Vulnerability in unbound
A vulnerability in caching resolvers called “Rebirthday Attack” has been discovered in resolvers that support EDNS Client Subnet ECS. Unbound is also vulnerable when compiled with ECS support, i.e., with the option --enable-subnet, and when configured to send ECS information along with queries to...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: RDMA/rxe: Fixed a null dereference of srq-rq.queue after a resize failure. A NULL pointer dereference can occur in rxesrqchkattr when ibvmodifysrq is invoked twice in succession under certain error conditions. The first call m...
Astra Linux – Vulnerability in Chromium
Using “after free in Base” in Google Chrome before version 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: Critical...
Astra Linux – Vulnerability in xwayland, xorg-server
A flaw was discovered in the X.Org X server. This vulnerability, an out-of-bounds read, affects the handling of XKB X Keyboard Extension modifier maps. An attacker with access to the X11 server can exploit this by sending a malformed request, causing the server to read beyond its intended memory...
Astra Linux – Vulnerability in Python 3.11
User-controlled header names and values containing newlines can allow for the injection of HTTP headers...
Astra Linux – Vulnerability in glib2.0
A flaw was discovered in GLib Gnome Lib. This vulnerability allows a remote attacker to cause heap corruption, resulting in a denial of service or potential code execution through a buffer-underflow in the GVariant parser when processing maliciously crafted input strings...
Astra Linux – Vulnerability in Chromium
A heap buffer overflow in WebGL in Google Chrome prior to version 146.0.7680.165 allowed a remote attacker to perform an out-of-bounds memory read through a crafted HTML page. Chromium security severity: High...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: IOMMU: Disable SVA when CONFIGX86 is set The patch series “Fix stale IOTLB entries for kernel address space”, version 7, proposes a fix for a security vulnerability related to IOMMU Shared Virtual Addressing SVA. In an SVA contex...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: ext4: Do not zero the entire extent if EXT4EXTDATAPARTIALVALID1 is true. When allocating initialized blocks from a large unwritten extent, or when splitting an unwritten extent during end I/O and converting it to initialized, the...
Astra Linux – Vulnerability in grub2
An integer overflow flaw was discovered in the BFS file system driver within grub2. When reading a file using an indirect extent map, grub2 fails to validate the number of extent entries to be read. A maliciously crafted or corrupted BFS file system may cause an integer overflow during file...
Astra Linux – Vulnerability in freerdp3
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, xfcliprdrprovidedata passed the freed pDstData to XChangeProperty. This was because the cliprdr channel thread called xfcliprdrserverformatdataresponse, which converted and used the clipboard data without...
Astra Linux – Vulnerability in grub2
A stack overflow flaw was discovered while reading a BFS file system. A specially crafted BFS file system may lead to an uncontrolled loop, causing grub2 to crash...
Astra Linux – Vulnerability in Chromium
Using “after free” in the Network component of Google Chrome before version 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...
Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: bcsp: receives data only if registered Currently, the bcsprecv function can still be called even when the BCSP protocol has not been registered. This leads to a NULL pointer dereference, as shown in the following stack...
Astra Linux – Vulnerability in NetworkManager
A flaw was discovered in NetworkManager. When a system running NetworkManager with DEBUG logs enabled and an interface eth1 configured with LLDP enabled, a malicious user could inject a malformed LLDP packet. This would cause NetworkManager to crash, resulting in a denial of service...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: pnfs/flexfiles: Fixed a memory leak in nfs4ffallocdeviceidnode. In nfs4ffallocdeviceidnode, if the allocation for dsversions fails, the function jumps to the outscratch label without freeing the already allocated dsaddrs list,...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: net: can: j1939: j1939xtprxrtssessionactive – The session is deactivated upon receiving the second RTS packet. Since j1939tprxtimer calls j1939sessiondeactivateactivatenext only when the timer is enabled, we need to call this...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: dmaengine: stm32: dmamux: fix device leak on route allocation Make sure to release the reference taken when looking up the DMA mux platform device during route allocation...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: power: supply: sbs-battery: Fixed the use-of-free condition in powersupplychanged. By using the devm variant to request the IRQ before using the devm variant to allocate/register the powersupply handle, it becomes possible that t...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: can: esdusb: esdusbreadbulkcallback: fixed the URB memory leak. The memory leak was fixed in a similar manner to the issue in commit 7352e1d5932a “can: gsusb: gsusbreceivebulkcallback: fixed the URB memory leak”. In esdusbopen, t...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: rnbd-srv: Zero the rsp buffer before using it. Before using the data buffer to send back the response message, completely zero it. This prevents any stray bytes from being picked up by the client side when messages are exchanged...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: be2net: Fixed NULL pointer dereferencing in becmdgetmacfromlist. When the parameter pmacidvalid, an argument of becmdgetmacfromlist, is set to false, the driver may request the PMACID from the firmware of the network card. This...
Astra Linux – Vulnerability in imagemagick
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a malicious MSL script triggered a heap-use-after-free error. The operation element handler replaced and freed the image while the parser continued reading from...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: iio: sca3000: Fixed a resource leak in sca3000probe The variable spi-irq is not released after the requestthreadedirq function calls, when iiodeviceregister fails. Added a return value check and a jump to a common error handler...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: Ceph: Proper snapshot context was provided for the cephzeropartialobject function. The cephzeropartialobject function lacked the correct snapshot context for its OSD write operations, which could lead to inconsistencies in...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: media: radio-keene: Fixed a memory leak in the error path. A memory leak was addressed in usbkeeneprobe. The v4l2 control handler was initialized, and controls were added. However, if v4l2deviceregister or videoregisterdevice fai...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: leds: led-class: Only add the LED to ledslist when it is fully ready. Before this change, the LED was added to ledslist before the ledinitcore function was called—that is, before ledclassdev.setbrightnesswork was initialized. Thi...
Astra Linux – Vulnerability in cups
OpenPrinting CUPS is an open-source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and earlier, in a network-exposed cupsd with a shared target queue, an unauthorized client could send a Print-Job to that shared PostScript queue without authentication. The...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: power: supply: rt9455: A use-after-free occurred in the powersupplychanged function. By using the devm variant to request the IRQ before using the devm variant to allocate/register the powersupply handle, the powersupply handle...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: nfc: llcp: Fixed a memory leak in nfcllcpsenduiframe. syzbot reported various memory leaks related to NFC, struct nfcllcpsock, skbuff, nfcdev, etc. 0 The leading log hinted that nfcllcpsenduiframe failed to allocate skb due to...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: AppArmor: Fixed a race condition related to the dereference of rawdata. There is a race condition that leads to a “use-after-free” situation. Since the rawdata inodes are not counted for their references, an attacker can start...
Astra Linux – Vulnerability in PostgresSQL-15
A heap buffer overflow in PostgreSQL’s pgcrypto allows a ciphertext provider to execute arbitrary code as the operating system user running the database. Versions prior to PostgreSQL 18.2, 17.8, 16.12, 15.16, and 14.21 are affected...
Astra Linux – Vulnerability in PostgresSQL-15
Lack of type validation for input in the PostgreSQL intarray extension’s selectivity estimator function allows an object creator to execute arbitrary code as the operating system user running the database. Versions before PostgreSQL 18.2, 17.8, 16.12, 15.16, and 14.21 are affected...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: net/sched: schqfq: do not free existing class in qfqchangeclass This fix addresses the issue with the qfqchangeclass function. The cl-qdisc and cl fields should only be freed if a new class and qdisc are allocated; otherwise,...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: Bonding: A net pointer to skbflowdissect must be provided. After the code “net: plumb network namespace into skbflowdissect”, we need to provide a net pointer to skbflowdissect, either via skb-dev, skb-sk, or a user-provided...
Astra Linux – Vulnerability in imagemagick
ImageMagick is free and open-source software used for editing and manipulating digital images. Before versions 7.1.2-15 and 6.9.13-40, msl.c sometimes failed to update the stack index. As a result, an image might be stored in the wrong slot and never freed upon an error, leading to leaks. Version...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: AppArmor: Fixed a double-free of nsname in aareplaceprofiles. If nsname is NULL after 1071 error = aaunpackudata, &lh, &nsname; and if ent-nsname contains an nsname in 1089 else if ent-nsname then nsname is assigned the value of...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: migrate: Corrected the lock ordering for hugetlb file operations involving folio. Syzbot has identified a deadlock issue analyzed by Lance Yang: 1. Task 5749: Holds foliolock, then attempts to acquire immaprwsem read lock. 2...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: soc: ti: pruss: Fix for a double-free in prussclkmuxsetup. In prussclkmuxsetup, the devmaddactionorreset function indirectly calls prussoffreeclkprovider, which in turn calls ofnodeputclkmuxnp on the error path. However, after...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: fbdev: smscufx – The data passed through ioctl is copied to the kernel’s space properly. The UFXIOCTLREPORTDAMAGE ioctl does not copy data from user space to the kernel’s space properly. Instead, it directly references the memory...