18095 matches found
Astra Linux – Vulnerability in Linux 5.10
A vulnerability was discovered in the Linux kernel’s blockinvalidatepage function in the fs/buffer.c file of the filesystem. A missing sanity check may allow a local attacker with user privileges to cause a denial of service DOS issue...
Astra Linux – Vulnerability in Linux, Linux 5.10
A data leak flaw was discovered in the way of the XFSIOCALLOCSP IOCTL in the XFS filesystem, which allows for an increase in file sizes when the size is unaligned. A local attacker could exploit this flaw to leak data from the XFS filesystem that would otherwise be inaccessible to them...
Astra Linux – Vulnerability in Chromium
Type confusion in the loader of Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...
Astra Linux – Vulnerability in Chromium
A heap buffer overflow in extensions in Google Chrome prior to version 96.0.4664.93 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption through a crafted Google Chrome extension...
Astra Linux – Vulnerability in Chromium
A heap buffer overflow in BFCache in Google Chrome prior to version 96.0.4664.93 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption through a crafted HTML page...
Astra Linux – Vulnerability in Chromium
Before version 96.0.4664.93, using autofill in Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: netsched: Fixed NULL dereferencing in fifosetlimit. syzbot reported another NULL dereferencing in fifosetlimit. 1 I can reproduce the issue with the following commands: unshare -n tc qd add dev lo root handle 1:0 tbf limit...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net/sched: schtaprio: properly canceled the timer from tapriodestroy There is a comment in qdisccreate regarding the fact that we do not call ops-reset in some cases. errout4: “Any broken qdiscs that would require an ops-reset...
Astra Linux – Vulnerability in Chromium
Insufficient validation of untrusted input in the Settings section of Google Chrome before version 104.0.5112.79 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page through a crafted HTML page...
Astra Linux – Vulnerability in Vim
Heap-based Buffer Overflow in the GitHub repository vim/vim before version 9.0.0220...
Astra Linux – Vulnerability in Chromium
Inappropriate implementation in the Extensions API in Google Chrome prior to 104.0.5112.101 allowed an attacker who convinced a user to install a malicious extension to inject arbitrary scripts into the WebUI through a crafted HTML page...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: scsi: bnx2fc: Flush destroywork queue before calling bnx2fcinterfaceput The bnx2fcdestroy function removes the interface before calling destroywork. This causes multiple WARNings from sysfsremovegroup, as the controller rport...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: rpmsg: char: Fixed a race condition between the release of rpmsgctrldev and cdev The struct rpmsgctrldev contains a struct cdev. The current code releases the rpmsgctrldev struct in rpmsgctrldevreleasedevice, but the cdev is a...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: Tracing/histogram: Fixed a potential memory leak in kstrdup. The kfree function is not called in the error path, resulting in the memory allocated by kstrdup not being freed properly. p = param = kstrdupdata-paramsi, GFPKERNEL...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: USB: core: Fixed a hang issue in usbkillurb by adding memory barriers. The syzbot fuzzer has identified a bug in which processes hang while waiting for usbkillurb to return. It turns out that the issue isn’t related to unmounting...
Astra Linux – Vulnerability in Linux
In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: gpmi: do not leak PM reference in the error path. If gpminfcapplytimings fails, the PM runtime usage counter must be dropped...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: nvme: fixed a possible use-after-free in controller reset during load. Unlike .queuerq, in .submitasyncevent, drivers may not check the ctrl readiness for AER submission. This may lead to a use-after-free condition, which was...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: nvme-tcp: fixed a possible use-after-free issue in the transport errorrecovery process. While nvmetcpsubmitasynceventwork checks the ctrl and queue states before preparing the AER command and scheduling iowork, this check is...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: perf: Fixed list corruption in perfcgroupswitch. There is list corruption in cgrpcpuctxlist. This occurs at the following path: perfcgroupswitch: listforeachentrycgrpcpuctxlist cpuctxschedin ctxschedin ctxpinnedschedin...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Networking layer: Fixed a memory leak that occurred when uncloning an skb dst and its associated metadata. When uncloning an skb dst and its associated metadata, a new dst+metadata is allocated and later replaces the old one in t...
Astra Linux – Vulnerability in Chromium
Type confusion in V8 in Google Chrome prior to 103.0.5060.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
Astra Linux – Vulnerability in Chromium, WebKit2GTK
A heap buffer overflow in WebRTC in Google Chrome prior to version 103.0.5060.114 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...
Astra Linux – Vulnerability in Chromium
Before version 103.0.5060.134, using free after in the Guest View in Google Chrome allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption through a crafted HTML page...
Astra Linux – Vulnerability in Chromium
Before version 103.0.5060.134, using "after free" in PDF documents in Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...
Astra Linux – Vulnerability in Chromium
A heap buffer overflow in WebGL in Google Chrome prior to version 103.0.5060.53 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...
Astra Linux – Vulnerability in Chromium
Before version 103.0.5060.134, using free in Views in Google Chrome allowed a remote attacker who convinced a user to engage in certain user interactions to potentially exploit heap corruption through UI interactions...
Astra Linux – Vulnerability in Chromium
Before version 103.0.5060.134, using the "after free" method in the Service Worker API in Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...
Astra Linux – Vulnerability in Firefox and Thunderbird
Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs in Firefox 102. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects Firefo...
Astra Linux – Vulnerability in Chromium
Before version 104.0.5112.79, using Tab Strip in Google Chrome on Chrome OS allowed a remote attacker who convinced a user to engage in certain user interactions to potentially exploit heap corruption through specific UI interactions...
Astra Linux – Vulnerability in Chromium
Before version 104.0.5112.79, using Omnibox in Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...
Astra Linux – Vulnerability in Chromium
In the Managed Devices API of Google Chrome, before version 104.0.5112.79, a remote attacker who convinced a user to enable a specific Enterprise policy could potentially exploit heap corruption through a crafted HTML page...
Astra Linux – Vulnerability in Wireshark
In Wireshark versions 3.0.0 to 3.0.3, and 2.6.0 to 2.6.10, the Gryphon dissector could enter an infinite loop. This issue was addressed in the plugin file plugins/epan/gryphon/packet-gryphon.c by checking for a packet length of zero...
Astra Linux – Vulnerability in exiv2
In Jp2Image::readMetadata in jp2image.cpp in Exiv2 0.27.2, an input file may lead to an infinite loop and system hangs, accompanied by high CPU consumption. Remote attackers could exploit this vulnerability to cause a denial of service by using a specially crafted file...
Astra Linux – Vulnerability in htmldoc
HTMLDOC 1.9.7 allows a stack-based buffer overflow in the hdstrlcpy function in string.c when called from rendercontents in ps-pdf.cxx via a crafted HTML document...
Astra Linux – Vulnerability in aspell
In GNU Aspell 0.60.8, objstack has a heap-based buffer overflow in the acommon::ObjStack::duptop function called from acommon::StringMap::add and acommon::Config::lookuplist...
Astra Linux – Vulnerability in Systemd
It was discovered that a Systemd service that uses the DynamicUser property can create a SUID/SGID binary that will be allowed to run as the transient service’s UID/GID even after the service is terminated. A local attacker could exploit this flaw to access resources that will be owned by a...
Astra Linux – Vulnerability in Systemd
It was discovered that a Systemd service that uses the DynamicUser property can obtain new privileges by executing SUID binaries. This allows the service to create binaries belonging to the transient group, with the setgid bit set. A local attacker could exploit this flaw to access resources that...
Astra Linux – Vulnerability in OpenVPN
A vulnerability was discovered in OpenVPN 2.4.x prior to version 2.4.9. An attacker can inject a data channel v2 PDATAV2 packet using the victim’s peer-id. Normally, such packets are discarded. However, if this packet arrives before the data channel crypto parameters have been initialized, the...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: Scsi: sg: Fix slab-use-after-free issue in sgrelease A use-after-free bug was fixed in sgrelease, detected by syzbot with KASAN: Bug: KASAN: Slab-use-after-free in lockrelease+0x151/0xa30 kernel/locking/lockdep.c:5838...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: hrtimers: Properly handle CPU state during hotplug events. Consider a scenario where a CPU transitions from CPUHPONLINE to CPUHPHRTIMERSPREPARE after being hot-unplugged, and then back to CPUHPONLINE. Since the...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Fixed the issue of NULL pointer dereferencing during certain command aborts. If a command is queued into the final usable TRB of a ring segment, the enqueue pointer is advanced to the next link TRB and then stops there...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7925: fix an off-by-one error in mt7925loadclc This comparison should be set to = instead of to prevent out-of-bounds read and write operations...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: platform/x86: int3472: Check if adev is NULL. Not all devices have an ACPI companion fwnode; therefore, adev might be NULL. This can, for example theoretically, occur when a user manually binds one of the int3472 drivers to anoth...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: HID: winwing: Added a NULL check in winwinginitled. The devmkasprintf function can return a NULL pointer if it fails, but this returned value is not checked in winwinginitled. A NULL check should be added in winwinginitled to...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ipmi: ipmb: Added a check for the returned value of devmkasprintf. devmkasprintf may return a NULL pointer in case of failure, but this returned value is not checked...
Astra Linux – Vulnerability in ffmpeg, ffmpeg5
It was discovered that FFmpeg git-master, N-113007-g8d24a28d06 contains a segmentation violation through the component /libavcodec/jpeg2000dec.c...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Acquiring SRCU in KVMGETMPSTATE to protect guest memory accesses Acquiring a lock on kvm-srcu when userspace is obtaining the MP state can lead to a severe edge case where processing APIC events, such as during pending...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: PCI: vmd: Makes vmddev::cfglock of type rawspinlockt Access to the PCI configuration space via pciops::read and pciops::write is a low-level hardware operation. These functions can be accessed with disabled interrupts, even when...
Astra Linux – Vulnerability in openh264
OpenH264 is a free license codec library that supports H.264 encoding and decoding. A vulnerability in the decoding functions of the OpenH264 codec library could allow a remote, unauthenticated attacker to trigger a heap overflow. This vulnerability arises from a race condition between the Sequen...
Astra Linux – Vulnerability in GhostScript
A issue was discovered in Artifex Ghostscript prior to version 10.05.0. The DOCXWRITE TXTWRITE device suffers from a text buffer overflow issue due to the use of long characters in the devices/vector/doccommon.c file...