18102 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: drm/edid: fixed an issue where information was leaked when attempting to obtain the panel ID. Be sure to clear the transfer buffer before retrieving the EDID, to avoid leaking slab data into logs in case of errors where the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: mptcp: fixed the NULL pointer dereferencing issue in the early fallback to fastopen. In the event of an early fallback to TCP, subflowsynrecvsock deletes the subflow context before returning the newly allocated socket to the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: In the tpm subsystem, the TPM chip must be locked first during the tpmpmsuspend function. Setting TPMCHIPFLAGSUSPENDED at the end of tpmpmsuspend can be done more efficiently, as this provides a window during which tpmhwrngread c...
Astra Linux – Vulnerability in Firefox
If an attacker were able to alter specific about:config values for example, malware running on the user’s computer, the Devtools remote debugging feature might be enabled in a way that is unnoticed by the user. This would allow a remote attacker who can establish a direct network connection to th...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ksmbd: Compare MACs in constant time To prevent timing attacks, MAC comparisons need to be performed in constant time. Replace the memcmp function with the correct function, cryptomemneq...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: speakup: Avoid crashing when dealing with very long words. In cases where a console is set up to handle very large data, containing words that are truly long 256 characters, we need to stop processing before reaching the length o...
Astra Linux – Vulnerability in Golang-1.19
If errors returned from MarshalJSON methods contain user-controlled data, they may be used to break the contextual auto-escaping behavior of the html/template package, allowing for subsequent actions to inject unexpected content into templates...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerabilities have been resolved: iio: trigger: sysfs: fix use-after-free on remove Ensure that the irqwork has completed before the trigger is freed. ================================================================== BUG: KASAN: use-after-free in irqworkrunli...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fixed the timeout of a call that has not yet been granted a channel. The afsmakecall function calls rxrpc.kernelbegincall to initiate a call which may get stalled in the background while waiting for a connection to become...
Astra Linux – Vulnerability in Chromium
The use of "after free" in Blink in Google Chrome before version 89.0.4389.128 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...
Astra Linux – Vulnerability in WebKit2GTK
An access issue has been resolved through improved access restrictions. This issue is fixed in Safari 17.3, iOS 16.7.5 and iPadOS 16.7.5, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, tvOS 17.3, and watchOS 10.3. A maliciously crafted webpage may be able to obtain user information...
Astra Linux – Vulnerability in htmldoc
A flaw was discovered in htmldoc in v1.9.12 and earlier versions. A stack buffer overflow in the parsetable function in ps-pdf.cxx may allow for the execution of arbitrary code and cause a denial of service attack...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: ACPI: CPPC: Use accesswidth instead of bitwidth for system memory accesses To comply with ACPI 6.3+, since bitwidth can be any 8-bit value, it cannot be relied upon to always be at a clean 8-bit boundary. This issue was discovere...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: afunix: Fixed a data race around unixtotinflight. unixtotinflight is updated under spinlockunixgclock, but unixreleasesock reads it without locking. We will use READONCE for unixtotinflight...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Input: raydiumtsi2c – fixed a memory leak in raydiumi2csend A kmemleak occurs when testing raydiumi2cts using the bpf mock device: Unreferenced object 0xffff88812d3675a0 size 8: Comm “python3”, PID 349, Jiffies 4294741067 Age...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Timekeeping: The leap state of the auxiliary timekeeper must be adjusted to the correct value. When the doajdtimex function was introduced to handle adjtimex for any timekeeper, this reference to tkcore was not updated. When this...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: nfc: st-nci: Fixed a use-after-free bug in ndlcremove due to a race condition This bug affects both stncii2cremove and stncispiremove. Take stncii2cremove as an example. In stncii2cprobe, it calls ndlcprobe and binds &ndlc-smwork...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: TCP: Fixed the use-of-memory issue in nreq in reqsktimerhandler. The referenced commit replaced inetcskreqskqueuedropandput with inetcskreqskqueuedrop and reqskput in reqsktimerhandler. Next, oreq should be passed to reqskput...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: hwmon: pmbuscore Fixed NULL pointer dereferencing. Pass i2cclient to pmbusisenabled to remove the assumption that a regulator device is passed in. This will fix the issue of NULL pointer dereferencing when called from pmbusgetfla...
Astra Linux – Vulnerability in Chromium
Before version 87.0.4280.141, using autofill in Google Chrome allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape through a crafted HTML page...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: udf: Do not update the file length for failed writes to inline files When writing to an inline file fails or only partially succeeds, we still update the length of the inline data as if the entire write operation was successful...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: mm/memory-failure: Make sure to wait for page writeback in memoryfailure. Our syzkaller triggers "BUGON!listempty&inode-iwblist" in clearinode: - Kernel bug at fs/inode.c:519! - Internal error: Oops – Bug: 0 1 SMP - Modules linke...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: ext4: A bug related to delayed allocation was fixed in ext4clumapped for bigalloc and inline scenarios. When converting files with inline data to extents, delayed allocations made on a file system created with both bigalloc and...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: cgroup, freezer: Hold cpuhotpluglock before freezermutex. syzbot reports a circular locking dependency between cpuhotpluglock and freezermutex. To address this issue, commit f5d39b020809 “freezer,sched: Rewrite core freezer...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: arm64/sme: Set the new vector length before reallocating it. As part of fixing the allocation of the buffer for SVE states when changing the SME vector length, we introduced an immediate reallocation of the SVE state. This...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: BPF, sockmap: Do not allow sockmapclose,destroy,unhash to call itself. Proto callback functions in sockmap should never call themselves by design. Protect against bugs like 1 and break out of the recursive loop to avoid a stac...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: KVM: x86/xen: Fixed error handling for eventfd in kvmxeneventfdassign Do not call eventfdctxput in case of an error. Introduced a new goto target instead. - Paolo...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: media: s5p-mfc: Clearing workbit to handle error conditions During an error with the CLOSEINSTANCE command, ctxworkbits wasn’t cleared. Subsequent execution of mfc led to a NULL pointer dereferencing of this context, resulting in...
Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: crypto: seqiv – Properly handles the EBUSY error. Since seqiv only handles the special return value of EINPROGERSS, it means that in all other cases, it will free the data related to the request. However, since the caller of seqi...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: NFSD: Fixed a potential use-after-free in nfsdfileput The nfsdfileputnoref function can free the @nf object; therefore, do not dereference @nf immediately after returning from nfsdfileputnoref...
Astra Linux – Vulnerability in Linux 5.10, Linux
Linux block and network PV device frontends do not zero memory regions before sharing them with the backend CVE-2022-26365, CVE-2022-33740. Additionally, the granularity of the grant table does not allow sharing smaller than a 4K page, resulting in unrelated data residing in the same 4K page as...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ethtool: Do not perform operations on net devices that are not yet registered. There is a short period between when a net device starts to be unregistered and when it is actually removed from the list of available devices. During...
Astra Linux – Vulnerability in Firefox and Thunderbird
A malicious website could have learned the size of a cross-origin resource that supported Range requests. This vulnerability affects Thunderbird 91.10, Firefox 101, and Firefox ESR 91.10...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: iouring/zcrx: fixed the page array leak. d9f595b9a65e “iouring/zcrx: fixed the issue of leaked pages during sg initialization failure” fixed a page leakage issue; however, the page array was not freed either...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: btrfs: Fixed a deadlock that occurs during concurrent direct IO writes when there is limited free data space. When reserving data space for direct IO writes, a deadlock can occur if multiple tasks attempt to write to the same fil...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net/smc: Fixed a possible leak of the pernet namespace in smcinit. In smcinit, registerpernetsubsys&smcnetstatops is called without any error handling. If this call fails, the registration of &smcnetops will not be reversed. And ...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: bpf, verifier: Fixed a memory leak in array reallocation for stack state. If an error NULL is returned by krealloc, callers of reallocarray would set their allocation pointers to NULL. However, when an error occurs in krealloc, i...
Astra Linux – Vulnerability in fig2dev
A stack-based buffer overflow in the genpstrxtext component in genpstricks.c of fig2dev 3.2.7b allows attackers to cause a denial of service DOS by converting an xfig file into pstricks format...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Staging: r8188eu: prevented -Ssid overflow in rtwwxsetscan This code includes a check to prevent read overflow, but another check is needed to prevent writing beyond the end of the -Ssid array...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: s390/lcs: The return type of lcsstartxmit has been corrected. With Clang’s Kernel Control Flow Integrity kCFI, CONFIGCFICLANG, indirect call targets are validated against the expected function pointer prototype to ensure that the...
Astra Linux – Vulnerability in Tiff
Libtiff 4.5.0 is vulnerable to a Buffer Overflow issue through the extractContigSamplesBytes function at /libtiff/tools/tiffcrop.c:3215...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: pstore/ram: Check the start of empty przs during initialization. After the commit 30696378f68a “pstore/ram: Do not treat empty buffers as valid”, the initialization process would assume that the prz start position was valid if th...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: HID: winwing: Added a NULL check in winwinginitled. The devmkasprintf function can return a NULL pointer if it fails, but this returned value is not checked in winwinginitled. A NULL check should be added in winwinginitled to...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerabilities have been resolved: - ntfs: Added a sanity check on the allocation size. - ntfsread inodemount calls ntfsmallocnofs with an allocation size of zero. This triggers a bug in the ntfsmalloc function. This issue has been fixed by adding a sanity chec...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: ufs-qcom: Fixed the issue of null pointer dereferencing in ESI. ESI/MSI is a performance optimization feature that provides dedicated interrupts per MCQ hardware queue. This is an optional feature, and UFS MCQ should...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: NFS/localio: Fixed a race condition in nfslocalopenfh. Once the clp-cluuid.lock is dropped, another CPU may come in and free the struct nfsdfile that was just added. To prevent this from happening, take the RCU read lock before...
Astra Linux – Vulnerability in Chromium
Inappropriate implementation in Navigation in Google Chrome on iOS prior to 108.0.5359.71 allowed a remote attacker to spoof the contents of the modal dialogue via a crafted HTML page. Chromium security severity: Medium...
Astra Linux – Vulnerability in openimageio
There is a heap-based buffer overflow vulnerability in the tile decoding code of the TIFF image parser in OpenImageIO’s master-branch-9aeece7a and v2.3.19.0. A specially crafted TIFF file can lead to out-of-bounds memory corruption, which may result in arbitrary code execution. An attacker can...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftchainfilter: handling of NETDEVUNREGISTER for the inet/ingress basechain. Remove netdevice from the inet/ingress basechain in case NETDEVUNREGISTER event is reported; otherwise, a stale reference to netdevice remain...
Astra Linux – Vulnerability in Chromium
A heap buffer overflow in Skia in Google Chrome prior to version 121.0.6167.160 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...