18102 matches found
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
A heap out-of-bounds write vulnerability in the Linux Kernel Performance Events perf component of the Linux kernel can be exploited to achieve local privilege escalation. If the perfreadgroup function is called when the siblinglist of an event is smaller than that of its child, it may increment o...
Astra Linux – Vulnerability in OpenSSL
Issue summary: Generating excessively long X9.42 DH keys or checking overly long X9.42 DH keys or parameters can be very slow. Applications that use functions like DHgeneratekey to generate an X9.42 DH key may experience prolonged delays. Similarly, applications that use functions like...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: Thermal: Prevent potential string overflows. The dev-id value comes from idaalloc, so it’s a number between zero and INTMAX. If it’s too high, the sprintf functions will cause overflow...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: drm/radeon: possible buffer overflow. The buffer ‘afmtstatus’, which is sized 6, could overflow, as the index ‘afmtidx’ is checked after access...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: perf/core: Abrupt exit if the requested AUX area is out of bounds. When using perf-record with a large AUX area, for example 4GB, the following error occurs: bash perf record -C 0 -m ,4G -e armspe0// -- sleep 1 Failed to mmap wit...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: Do not return “unset power” in ieee80211gettxpower. We may receive a UBSAN warning if ieee80211gettxpower returns the INTMIN value that mac80211 internally uses for “unset power level”. UBSAN:...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: fs/jfs: Added a check for the negative value of dbl2nbperpage. l2nbperpage is log2number of blks per page, and the minimum legal value should be 0, not negative. If l2nbperpage is negative, an error will occur when it is...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: fs/jfs: Added validation for dbmaxag and dbagpref. Both dbmaxag and dbagpref are used as indexes for the dbagfree array. However, there is currently no validation for these values, which can lead to errors. The following is a...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: ipvlan: Added a helper function for ipvlanroutev6outbound. This was inspired by reports from syzbot, which used multiple ipvlan devices in their stacks. The stack size required in ipvlanprocessv6outbound was reduced by moving...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: afunix: fix use-after-free in unixstreamreadactor syzbot reported the following crash 1 After releasing unix socket lock, u-oobskb can be changed by another thread. We must temporarily increase skb refcount to make sure this othe...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: media: gspca: cpia1: shift-out-of-bounds in setflicker Syzkaller reported the following issue: UBSAN: Shift-out-of-bounds in drivers/media/usb/gspca/cpia1.c:1031:27; shift exponent 245 is too large for a 32-bit type ‘int’. Whe...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: can: j1939: prevents deadlock by changing j1939sockslock to rwlock. The following 3 locks may race against each other, causing a deadlock situation in the Syzbot bug report: - j1939sockslock - activesessionlistlock -...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: PCI: switchtec: Fixed a crash occurring in stdevrelease after an unexpected hot removal. A hot removal of a PCI device can occur while stdev-cdev is still held open. The call to stdevrelease happens during close or exit, well aft...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: FS:JFS:UBSAN: array-index-out-of-bounds in dbAdjTree Syzkaller reported the following issue: UBSAN: array-index-out-of-bounds in fs/jfs/jfsdmap.c:2867:6 Index 196694 is out of range for type ‘s81365’ also known as ‘signed...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: net: mana: Fixed error handling for TX CQE messages. For an unknown type of TX CQE error likely due to newer hardware, still free the SKB, update the queue tail, etc. Otherwise, the accounting data will be incorrect...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Rejects redirects of skmsg messages to non-TCP sockets With a SOCKMAP/SOCKHASH map and a skmsg program, users can direct messages sent from one TCP socket s1 to actually exiting from another TCP socket s2...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: EDAC/thunderx: Fixed a possible out-of-bounds string access issue. Enabling -Wstringop-overflow globally exposes a warning for a common bug in the use of strncat. drivers/edac/thunderxedac.c: In the function...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: ksmbd: The issue of slub overflow in ksmbddecodentlmsspauthblob has been fixed. If authblob-SessionKey.Length is larger than the size of the session key CIFSKEYSIZE, slub overflow can occur in the key exchange process. The functi...
Astra Linux – Vulnerability in Tiff
A segmentation fault flaw was discovered in libtiff, which can be triggered by passing a crafted tiff file to the TIFFReadRGBATileExt API. This flaw allows a remote attacker to cause a heap-buffer overflow, resulting in a denial of service...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
The btsockrecvmsg function in net/bluetooth/afbluetooth.c in the Linux kernel, as of version 6.6.8, has a use-after-free issue due to a race condition involving btsockioctl...
Astra Linux – Vulnerability in unbound, bind9
The “Closest Encloser Proof” aspect of the DNS protocol as described in RFC 5155, when the guidance provided in RFC 9276 is skipped enables remote attackers to cause a denial of service resulting in high CPU usage for SHA-1 calculations through DNSSEC responses during a random subdomain attack,...
Astra Linux – Vulnerability in Squid
Squid is a caching proxy for the web that supports HTTP, HTTPS, FTP, and other protocols. A bug related to incorrect checking of function return values makes Squid vulnerable to Denial of Service attacks targeting its helper process management. This bug has been fixed in Squid version 6.5. Users...
Astra Linux – Vulnerability in glibc
A flaw has been identified in glibc. In a rare situation, the gaihinet function may use memory that has already been freed, leading to an application crash. This issue is only exploitable when the getaddrinfo function is called and the hosts database in /etc/nsswitch.conf is configured with...
Astra Linux – Vulnerability in Vim
Heap-based Buffer Overflow in the GitHub repository vim/vim before version 9.0.1848...
Astra Linux – Vulnerability in Vim
Use After Free in the GitHub repository vim/vim before version 9.0.1858...
Astra Linux – Vulnerability in Squid
Squid is a caching proxy for the Web that supports HTTP, HTTPS, FTP, and other protocols. Due to a NULL pointer dereference bug, Squid is vulnerable to Denial of Service attacks targeting its Gopher gateway. The Gopher protocol was always available and enabled in Squid prior to Squid 6.0.1...
Astra Linux – Vulnerability in Linux 5.15
A flaw was discovered in the ksmbd component of the Linux kernel, a high-performance in-kernel SMB server. The specific flaw exists in the processing of SMB2LOGOFF and SMB2CLOSE commands. The issue arises from the lack of proper locking when performing operations on an object. An attacker can...
Astra Linux – Vulnerability in Thunderbird
Memory safety bugs exist in Firefox ESR 102.7. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects Thunderbird 102.8 and Firefox ESR 102.8...
Astra Linux – Vulnerability in binutils
A issue was discovered in the Binary File Descriptor BFD library also known as libbfd, as distributed in GNU Binutils 2.32. It is an out-of-bounds read that leads to a segmentation fault in bfdgetl32 in libbfd.c, when called from pex64getruntimefunction in pei-x8664.c...
Astra Linux – Vulnerability in binutils
A issue was discovered in the Binary File Descriptor BFD library also known as libbfd, as distributed in GNU Binutils 2.32. It involves an attempt at excessive memory allocation in the bfdelfslurpversiontables function within elf.c...
Astra Linux – Vulnerability in Wireshark
A memory leak in the BT SDP dissector in Wireshark versions 4.0.0 to 4.0.7 and 3.6.0 to 3.6.15 allows for denial of service through packet injection or malicious capture files...
Astra Linux – Vulnerability in Wireshark
The BT SDP dissector has an infinite loop in Wireshark versions 4.0.0 to 4.0.7, and 3.6.0 to 3.6.15. This issue allows for denial of service through packet injection or with crafted capture files...
Astra Linux – Vulnerability in Linux 5.15
A issue was discovered in the net/ceph/messengerv2.c file within the Linux kernel before version 6.4.5. There is an integer signedness error, which leads to a buffer overflow and remote code execution via the HELLO command or one of the AUTH frames. This occurs due to an untrusted length value...
Astra Linux – Vulnerability in gst-plugins-bad1.0
GStreamer MXF File Parsing: Integer Overflow and Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability, but the attack vectors may va...
Astra Linux – Vulnerability in Chromium
Inappropriate implementation in Downloads in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to spoof security UI via a crafted HTML page. Chromium security severity: Medium...
Astra Linux – Vulnerabilities in Chromium, Firefox, Thunderbird, and LibVpx
A heap buffer overflow occurred in the vp8 encoding process in libvpx within Google Chrome before version 117.0.5938.132. In version 1.13.1 of libvpx, a remote attacker could potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...
Astra Linux – Vulnerability in Chromium
The use of “after free” in Extensions in Google Chrome before version 117.0.5938.132 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...
Astra Linux – Vulnerabilities in Chromium, Firefox, Thunderbird, and LibWebP
A heap buffer overflow in libwebp in Google Chrome prior to version 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out-of-bounds memory write via a crafted HTML page. Chromium security severity: Critical...
Astra Linux – Vulnerability in Chromium
The use of after-free in networks in Google Chrome before version 116.0.5845.179 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...
Astra Linux – Vulnerability in Chromium
In FedCM, out-of-bounds memory access in Google Chrome prior to version 116.0.5845.179 allowed a remote attacker who had compromised the renderer process to perform an out-of-bounds memory read through a crafted HTML page. Chromium security severity: High...
Astra Linux – Vulnerability in libx11, libxpm
A vulnerability was discovered in libX11 due to an infinite loop within the PutSubImage function. This flaw allows a local user to consume all available system resources and cause a denial of service condition...
Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15
A use-after-free vulnerability exists in the Linux kernel’s net/sched:clsu32 component, which can be exploited to achieve local privilege escalation. When the u32change function is called on an existing filter, the entire tcfresult struct is always copied into the new instance of the filter. This...
Astra Linux – Vulnerability in OpenSSH
The PKCS11 feature in ssh-agent in OpenSSH prior to version 9.3p2 has an insufficiently trustworthy search path, which can lead to remote code execution if the agent is forwarded to a system controlled by an attacker. The code located in /usr/lib is not necessarily safe for loading into ssh-agent...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
A NULL pointer dereference issue was discovered in the gfs2 file system within the Linux kernel. This issue occurs in corrupted gfs2 file systems when the evict code attempts to reference the journal descriptor structure after it has been freed and set to NULL. A privileged local user could explo...
Astra Linux – Vulnerability in c-ares
c-ares is an asynchronous resolver library. c-ares is vulnerable to denial of service attacks. When a target resolver sends a query, the attacker creates a malformed UDP packet with a length of 0 and sends it back to the target resolver. The target resolver misinterprets this 0-length field as an...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15
A heap out-of-bounds write vulnerability in the Linux Kernel ipvlan network driver can be exploited to achieve local privilege escalation. The out-of-bounds write is caused by the lack of skb-cb initialization in the ipvlan network driver. The vulnerability is exploitable if CONFIGIPVLAN is...
Astra Linux – Vulnerability in Golang-1.19
Extremely large RSA keys in certificate chains can cause clients and servers to spend significant CPU time verifying signatures. With this fix, the size of RSA keys transmitted during handshake operations is limited to 8192 bits or less. Based on a survey of publicly trusted RSA keys, there are...
Astra Linux – Vulnerability in Golang-1.19
The go command may execute arbitrary code during compilation when using cgo. This can occur when running “go get” on a malicious module, or when running any other command that compiles unauthorized code. This issue can be triggered by linker flags, specified via the cgo LDFLAGS directive. Flags...
Astra Linux – Vulnerability in Golang-1.19
The go command may execute arbitrary code during compilation when using cgo. This can occur when running “go get” on a malicious module, or when running any other command that compiles unauthorized code. This issue can be triggered by linker flags, specified via the cgo LDFLAGS directive. The...
Astra Linux – Vulnerability in Golang-1.19
The go command may generate unexpected code during build time when using cgo. This can lead to unexpected behavior when running a Go program that uses cgo. This issue may occur when running a trusted module that contains directories with newline characters in their names. Modules retrieved using...