18095 matches found
Astra Linux – Vulnerability in libsoup3
There is a vulnerability related to request smuggling in LibSoup’s HTTP/1 header parsing logic. The soupmessageheaders.AppendCommon function in libsoup/soup-message-headers.c appends each header value unconditionally, without checking for duplicates or conflicting Content-Length fields. This allo...
Astra Linux – Vulnerability in Chromium
The use of “after free” in Proxy in Google Chrome before version 147.0.7727.101 allowed an attacker in a privileged network position to potentially perform a sandbox escape through a crafted HTML page. Chromium security severity: Critical...
Astra Linux – Vulnerability in GIMP
GIMP ICO File Parsing: Heap-Based Buffer Overflow and Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability, as the target must visit a malicious page ...
Astra Linux – Vulnerability in Chromium
Before version 147.0.7727.55, reading and writing outside the bounds of V8 in Google Chrome allowed a remote attacker to execute arbitrary code within a sandbox through a crafted HTML page. Chromium security severity: High...
Astra Linux – Vulnerability in Chromium
The use of after-free in WebRTC in Google Chrome before version 147.0.7727.55 allowed a remote attacker to execute arbitrary code within a sandbox through a crafted HTML page. Chromium security severity: High...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: erofs: Proper handling of the end of the filesystem is required for file-backed mounts. I/O requests that go beyond the end of the filesystem should be set to zero, similar to the behavior of loopback devices. This is what we...
Astra Linux – Vulnerability in Chromium
A cryptographic flaw in PDFium in Google Chrome prior to version 147.0.7727.55 allowed an attacker to read potentially sensitive information from encrypted PDFs through a brute-force attack. Chromium security severity: Medium...
Astra Linux – Vulnerability in Chromium
The use of after-free in Forms in Google Chrome before version 147.0.7727.101 allowed a remote attacker to execute arbitrary code within a sandbox through a crafted HTML page. Chromium security severity: High...
Astra Linux – Vulnerability in openexr
OpenEXR provides the specification and reference implementation of the EXR file format, a image storage format for the motion picture industry. In CompositeDeepScanLine::readPixels, the per-pixel totals are accumulated in vectors of unsigned integers, called totalsizes. These totalsizes are wrapp...
Astra Linux – Vulnerability in Python 3.11
Python-Markdown version 3.8 contains a vulnerability where malformed HTML-like sequences can cause html.parser.HTMLParser to raise an unhandled AssertionError during Markdown parsing. Since Python-Markdown does not catch this exception, any application that processes Markdown controlled by...
Astra Linux – Vulnerability in Flatpak
Flatpak is a Linux application sandboxing and distribution framework. Prior to version 1.16.4, the Flatpak portal allowed paths in the sandbox-expose options, which could be app-controlled symbolic links pointing to arbitrary paths. Flatpak’s “flatpak run” command mounted the resolved host path i...
Astra Linux – Vulnerability in Python 3.11
When folding a long comment within an email header that contains only printable characters, the parentheses will not be preserved. This can be exploited to inject headers into email messages where the addresses are controlled by users and not sanitized...
Astra Linux – Vulnerability in Firefox and Thunderbird
DOM spoofing issue: Copy & Paste and Drag & Drop components. This vulnerability was fixed in Firefox 147, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7...
Astra Linux – Vulnerability in Python 3.11
The import hook in CPython that handles legacy .pyc files SourcelessFileLoader is incorrectly handled in FileLoader a base class, and therefore does not use io.opencode to read the .pyc files. As a result, the sys.audit handlers for this audit event do not trigger...
Astra Linux – Vulnerability in Chromium
In ServiceWorkers of Google Chrome prior to version 147.0.7727.55, bypassing the content security policy was possible when a remote attacker used a crafted HTML page. Chromium security severity: Low...
Astra Linux – Vulnerability in pypdf2
pypdf is a free and open-source Python-based PDF library. Prior to version 6.7.2, an attacker who exploited this vulnerability could create a PDF that would lead to an infinite loop. This required reading the file. This issue has been fixed in pypdf 6.7.2. As a workaround, one can manually apply...
Astra Linux – Vulnerability in freerdp3
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, xfrailserverexecuteresult indexed the global errorcodenames array 7 elements, indices 0–6 using an unchecked execResult-execResult value received from the server. This led to a potential out-of-bounds read...
Astra Linux – Vulnerability in Flatpak
Flatpak is a Linux application sandboxing and distribution framework. Prior to version 1.16.4, the caching mechanism for ld.so removed outdated cache files without properly checking whether the app’s control over the path to the outdated cache was valid within the cache directory. This allowed...
Astra Linux – Vulnerability in ORC
A stack-based buffer overflow vulnerability exists in orcparse.c of ORC versions prior to 0.4.39. If a developer is tricked into processing a specially crafted file using the affected ORC compiler, arbitrary code may be executed on the developer’s build environment. This may result in compromise ...
Astra Linux – Vulnerability in freerdp3
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, there was a heap-buffer-overflow vulnerability at 24 bytes before the allocation, in the function winpralignedoffsetrecalloc. This issue has been fixed in version 3.24.2...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fixed a memory leak in the GETDATADIRECTSYSFSPATH handler. The UVERBSHANDLERMLX5IBMETHODGETDATADIRECTSYSFSPATH function allocates memory for the device path using kobjectgetpath. If the length of the device path exceed...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: i3c: dw: Fixed a memory leak in dwi3cmasteri2cxfers The dwi3cmasteri2cxfers function allocates memory for the xfer structure using dwi3cmasterallocxfer. If pmruntimeresumeandget fails, the function returns without freeing the...
Astra Linux – Vulnerability in exiv2
Exiv2 is a C++ library and a command-line utility for reading, writing, deleting, and modifying image metadata in formats such as Exif, IPTC, XMP, and ICC. Prior to version 0.28.8, a buffer overflow vulnerability was discovered in Exiv2. The vulnerability lies in the preview component, which only...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftct: Added an seqadj extension for natted connections. Sequence adjustment may be required for FTP traffic with PASV/EPSV modes. This is due to the need to rewrite the packet payload IP, port on the ftp control...
Astra Linux – Vulnerability in Chromium
The use of after-free in CSS in Google Chrome before version 147.0.7727.101 allowed a remote attacker to execute arbitrary code within a sandbox through a crafted HTML page. Chromium security severity: High...
Astra Linux – Vulnerability in Chromium
The use of after free in Dawn in Google Chrome before version 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape through a crafted HTML page. Chromium security severity: High...
Astra Linux – Vulnerability in Chromium
The use of after-free in Cast in Google Chrome before version 147.0.7727.101 allowed a remote attacker to execute arbitrary code through a crafted HTML page. Chromium security severity: High...
Astra Linux – Vulnerability in libsoup3
A flaw was discovered in libsoup. An attacker who can control the input for the Content-Disposition header can inject CRLF Carriage Return Line Feed sequences into the header value. These sequences are then interpreted verbatim when the HTTP request or response is constructed, allowing arbitrary...
Astra Linux – Vulnerability in Chromium
Before version 146.0.7680.153, read and write operations in WebGL in Google Chrome allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Critical...
Astra Linux – Vulnerability in libssh
A flaw was discovered in libssh. The API function sshgethexa is vulnerable to a denial-of-service attack when processing zero-length inputs. This vulnerability can be exploited remotely by an attacker during GSSAPI Generic Security Service Application Program Interface authentication, if the...
Astra Linux – Vulnerability in Chromium
The use of after-free in navigation in Google Chrome before version 147.0.7727.55 allowed a remote attacker to execute arbitrary code within a sandbox through a crafted HTML page. Chromium security severity: Medium...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: ksmbd: Validates the owner of the durable handle upon reconnection. Currently, ksmbd does not verify whether the user attempting to reconnect to a durable handle is the same user who originally opened the file. This allows any...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: CGX: fix bitmap leaks The RX/TX flow-control bitmaps rxfcpfvfbmap and txfcpfvfbmap are allocated by cgxlmacinit, but never freed in cgxlmacexit. Unbinding and rebinding the driver therefore triggers a kmemleak:...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Added a sanity check for OOB writes during silencing. During silencing, the playback URB packets are processed in the implicit fb mode before actual playback. We assume blindly that the received packets fit withi...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fixed a double-free in rxesrqfrominit. In rxesrqfrominit, the queue pointer ‘q’ is assigned to ‘srq-rq.queue’ before copying the SRQ number to user space. If copytouser fails, the function calls rxequeuecleanup to free...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: dlm: Length validation in dlmsearchrsbtree was added. The len parameter in dlmdumprsbname is not validated and comes from network messages. When this parameter exceeds DLMRESNAMEMAXLEN, it may cause an out-of-bounds write in...
Astra Linux – Vulnerability in firewalld
A flaw was discovered in firewalld. A local unprivileged user can exploit this vulnerability by improperly authorizing two runtime D-Bus Desktop Bus setters, setZoneSettings2 and setPolicySettings. This improper authorization allows the user to modify the runtime firewall state without proper...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: net: bonding: Fixed a use-after-free in bondxmitbroadcast. bondxmitbroadcast reuses the original skb for the last slave determined by bondislastslave and clones it for others. Concurrent slave enslave/release operations can mutat...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: net: wan: farsync: Fix use-after-free bugs caused by unfinished tasklets When the FarSync T-series card is being detached, the fstcardinfo is deallocated in fstremoveone. However, the fsttxtask or fstinttask may still be running ...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: xhci: Fixed a NULL pointer dereference issue when reading PortLib’s debugfs files. Michal reported and debugged a NULL pointer dereference bug in the recently added PortLib’s debugfs files. The issue occurs when there are more po...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/userq: fixed access to stale wptr mapping. Use drmexec to take both locks—i.e., vmrootbo and wptrobjbo—to properly access the mapping data. This fixes the security issue where wptrobj is unmapped while a queue creation...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: - In net: The variable sk-skfamily was read once in the function skmcloop. - syzbot is frequently using IPV6ADDRFORM; it managed to trigger the WARNONONCE1 function in skmcloop. We still have many more similar issues that need...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fixed a leak in the attachment of DMA buffers in xegemprimeimport. When xedmabufinitobj fails, the attachment from dmabufdynamicattach is not detached. Add dmabufdetach before returning an error. Note: We cannot use goto...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: ksmbd: Validated the length of inherited ACE SIDs. smbinheritdacl iterates through the parent directory DACL loaded from the security descriptor xattr. It verifies that each ACE contains the correct SID header before using it,...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: The use of commitmutex in the reset path has been removed. This issue causes a circular lock dependency between the commitmutex, nfnlsubsysipset, and nlkcbmutex when performing nft reset, listing IP sets, or...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: crypto: akcipher – default implementation for setting a private key Changes from v1: - The default implementation of setpubkey was removed. It is assumed that an implementation must always have this callback defined, as there are...
Astra Linux – Vulnerability in ffmpeg5
When decoding an OpenEXR file that uses DWAA or DWAB compression, the specified raw length of run-length-encoded data is not checked when using it to calculate the output data. We read rlerawsize from the input file at 0, decompress and decode it into the buffer td-rlerawdata of size rlerawsize a...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fixed an integer overflow in aie2queryctxstatusarray. The unpublished smatch static checker reported a warning. In drivers/accel/amdxdna/aie2pci.c, line 904 of aie2queryctxstatusarray: Warning: Potential...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: netlink: fixed a potential deadlock in netlinkseterr syzbot reported a possible deadlock in netlinkseterr 1 A similar issue was fixed in commit 1d482e666b8e “netlink: disabling IRQs for netlinklocktable” in netlinklocktable Th...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: Thermal: The race that occurs during the removal of the thermal zone during resume can be avoided. Since thermalzonepmComplete and thermalzonedeviceresume reinitialize the delayed work of pollqueue for the given thermal zone,...