18095 matches found
Astra Linux – Vulnerability in Thunderbird
A use-after-free was identified in the nsDNSService::Init code. This issue seems to occur rarely during startup. This vulnerability affects Firefox ESR 115.6 and Thunderbird 115.6...
Astra Linux – Vulnerability in Firefox and Thunderbird
Memory safety bugs exist in Firefox 121, Firefox ESR 115.6, and Thunderbird 115.6. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects Firefox version...
Astra Linux – Vulnerability in Linux 5.15
A memory leak flaw was discovered in nftsetcatchallflush in net/netfilter/nftablesapi.c within the Linux Kernel. This issue may allow a local attacker to cause double-deactivation of catchall elements, which can lead to a memory leak...
Astra Linux – Vulnerability in Vim
Heap-based Buffer Overflow in the GitHub repository vim/vim before version 9.0.1848...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: i2c: core: Perform atomic i2c transfers when !preemptible is set. Since bae1d3a05a8b, i2c transfers are not atomic if preemption is disabled. However, non-atomic i2c transfers require preemption e.g., during waitforcompletion, wh...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: scsi: ibmvfc: The BUGON flag has been removed when the event pool is empty. In practice, the driver should never send more commands than are allocated to the event pool. If this happens, the code will assert the BUGON flag. In th...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: cpu/hotplug: Do not offline the last non-isolated CPU. If a system has isolated CPUs via the “isolcpus=” command-line parameter, then attempting to offline the last housekeeping CPU will result in a WARNON message when rebuilding...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: Wifi: ath11k – Fix for htt.pktlog locking. The ath11k active PDevs are protected by RCUs, but the code that handles htt.pktlog, namely ath11kmacgetarbypdevid, was not marked as a read-side critical section. Mark the relevant code...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: media: vidtv: mux: Added checks and calls to kstrdup. A check is performed on the return value of kstrdup; if it fails, an error is returned to avoid NULL pointer dereferencing. Additionally, kfree is used in the subsequent error...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: powerpc/powernv: Added a null pointer check to scom DebugInitOne. The kasprintf function returns a pointer to dynamically allocated memory; this pointer may be NULL in case of failure. A null pointer check should be added, and th...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: drm/panel: fixed a possible null pointer dereferencing issue. In versatilepanelgetmodes, the return value of drmmodeduplicate is assigned to mode, which could lead to a NULL pointer dereferencing issue if drmmodeduplicate fails. ...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: media: rkisp1: Fixed handling of IRQs due to shared interrupts. The driver requests interrupts using IRQFSHARED, so the interrupt handlers can be called at any time. If such a call occurs while the ISP is powered down, the SoC wi...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: scarlett2: Added missing error checks to ctlget The ctlget functions that call scarlett2update did not check the return value. This issue has been fixed by adding error checks and passing the return value to the caller...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: clk-mt6765 – Added a check for the return value of mtkallocclkdata. The check is added to avoid dereferencing a NULL pointer...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: usb: config: fix iteration issue in ‘usbgetbosdescriptor’ The BOS descriptor defines a root descriptor and serves as the base descriptor for accessing a family of related descriptors. The function usbgetbosdescriptor encounters a...
Astra Linux – Vulnerability in Linux 6.1
In drivers/accel/habanalabs/common/habanalabsioctl.c of the Linux kernel, from version 6.6.5 onwards, an information leak to user space is possible because info-pad0 is not initialized...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
A issue was discovered in the Linux kernel before version 6.6.8. The dovccioctl function in net/atm/ioctl.c has a use-after-free issue due to a race condition involving vccrecvmsg...
Astra Linux – Vulnerability in ofono
A flaw was discovered in ofono, an open-source telephony software for Linux. A stack overflow bug occurs within the decodedeliver function during SMS decoding. It is assumed that the attack scenario can be executed from a compromised modem, a malicious base station, or simply through SMS. There i...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ksmbd: Validates the session ID and tree ID in a compound request. This patch validates the session ID and tree ID within a compound request. If the first operation in the compound is an SMB2 ECHO request, ksmbd bypasses the...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: ksmbd: A out-of-bounds read occurred in smb2sesssetup. ksmbd does not consider the case where smb2sesssetup is part of a compound request. If this is the second payload of the compound request, an OOB Out-of-Bounds read issue...
Astra Linux – Vulnerability in Vim
Heap-based Buffer Overflow in the GitHub repository vim/vim before version 9.0.1873...
Astra Linux – Vulnerability in Thunderbird
The signature of a digitally signed S/MIME email message may optionally specify the signature creation date and time. If this information is present, Thunderbird does not compare the signature creation date with the message’s date and time, and displays a valid signature even if there is a mismat...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
A issue was discovered in the Linux kernel before version 6.6.8. The atalkioctl function in net/appletalk/ddp.c has a use-after-free issue due to a race condition involving atalkrecvmsg...
Astra Linux – Vulnerability in Linux 5.15
A out-of-bounds memory read flaw was discovered in the parseleasestate function within the KSMBD implementation of the in-kernel Samba server and CIFS in the Linux kernel. When an attacker sends the CREATE command along with a malformed payload to KSMBD, due to a lack of checks on the NameOffset...
Astra Linux – Vulnerability in Linux 6.1
A vulnerability was discovered in comparenetdevandip in drivers/infiniband/core/cma.c within RDMA in the Linux kernel. Improper cleanup leads to out-of-boundary reads, allowing a local user to exploit this issue to crash the system or escalate privileges...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: ksmbd: The issue of slub overflow in ksmbddecodentlmsspauthblob has been fixed. If authblob-SessionKey.Length is larger than the size of the session key CIFSKEYSIZE, slub overflow can occur in the key exchange process. The functi...
Astra Linux – Vulnerability in Linux 6.1
A flaw was discovered in KVM. An improper check in svmsetx2apicmsrinterception may allow direct access to the host’s x2apic MSRs when the guest resets its APIC, potentially leading to a denial-of-service condition...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: spi: sun6i – reduced the DMA RX transfer width to a single byte. Through empirical testing, it has been determined that sometimes RX SPI transfers with DMA enabled may return corrupted data. This issue arises due to the loss of o...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: rejection iftype changes with mesh ID changes It is currently possible to change the mesh ID when the interface is not yet in mesh mode, while also changing it into mesh mode. This leads to an overwrite of data in...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: serial/pmaczilog: The flawed mitigation for rx irq flood has been removed. The mitigation was intended to completely stop the irq. This might be better than a hard lock-up, but it turns out that a crash still occurs if pmaczilog ...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: comedi: vmk80xx: fixed incomplete endpoint checking While vmk80xx does implement endpoint checking, some issues may still go unnoticed. Depending on the hardware model, URBs can have either bulk or interrupt types, and the curren...
Astra Linux – Vulnerability in glibc
The iconv function in the GNU C Library versions 2.39 and earlier may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set. This could potentially cause an application to crash or overwrite a neighboring variable...
Astra Linux – Vulnerability in Samba
MaxQueryDuration is not honored in Samba AD DC LDAP...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Ensure that rdmaaddrcancel is called before issuing more requests. The FSM can enter a loop, allowing rdmaresolveip to be called twice with the same idpriv. Although this cannot occur without going through this process,...
Astra Linux – Vulnerability in Samba
Since the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability was disclosed by Microsoft on November 8, 2022, and according to RFC8429, it is assumed that RC4-HMAC is weak. Vulnerable Samba Active Directory Domain Controllers will issue RC4-HMAC encrypted tickets, even though the targe...
Astra Linux – Vulnerability in Samba
A flaw was discovered in Samba. An incomplete access check on dnsHostName allows authenticated, but otherwise unprivileged users to delete this attribute from any object in the directory...
Astra Linux – Vulnerability in GhostScript
A vulnerability classified as problematic was discovered in GhostPCL 9.55.0. This vulnerability affects the chunkfreeobject function in the gsmchunk.c file. Manipulation with a malicious file can lead to memory corruption. The attack can be initiated remotely, but requires user interaction. The...
Astra Linux – Vulnerability in amd64-microcode
Incomplete system memory cleanup in the SEV firmware could allow a privileged attacker to corrupt guest private memory, potentially resulting in a loss of data integrity...
Astra Linux – Vulnerability in OVN
A flaw was discovered in Open Virtual Network, where the service monitor MAC does not properly implement rate limiting. This issue could allow an attacker to cause a denial of service, even in deployments with CoPP enabled and properly configured...
Astra Linux – Vulnerability in Intel Microcode
Incorrect calculations in the microcode keying mechanism of certain IntelR XeonR D processors with IntelR SGX may allow a privileged user to potentially enable information disclosure through local access...
Astra Linux – Vulnerability in Intel Microcode
Improper input validation in some IntelR TDX module software prior to version 1.5.05.46.698 may allow a privileged user to potentially enable privilege escalation through local access...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: WireGuard: netlink: Access the device through ctx instead of peer. The previous commit fixed a bug that resulted in a NULL peer-device being dereferenced. In terms of performance, it is actually easier and faster to obtain the...
Astra Linux – Vulnerability in Ruby 2.5
A issue was discovered in RDoc versions 6.3.3 through 6.6.2, as distributed in Ruby 3.x through 3.3.0. When parsing .rdocoptions used for configuration in RDoc as a YAML file, object injection and resulting remote code execution are possible because there are no restrictions on the classes that c...
Astra Linux – Vulnerability in Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: gfs2: Fixed the potential issue of using “glock” after a file system unmount. When a DLM lockspace is released and there are still locks in that lockspace, the DLM will automatically unlock those locks. Commit fb6791d100d1b...
Astra Linux – Vulnerability in bind9
The DNS message parsing code in named includes a section whose computational complexity is excessively high. This does not cause problems for typical DNS traffic, but crafted queries and responses may lead to excessive CPU load on the affected named instance by exploiting this flaw. This issue...
Astra Linux – Vulnerability in Intel Microcode
Hardware logic in some Intel processors may contain race conditions, which could allow an authenticated user to potentially enable partial information disclosure through local access...
Astra Linux – Vulnerability in Intel Microcode
Improper isolation in some IntelR processor stream cache mechanisms may allow an authenticated user to potentially enable privilege escalation through local access...
Astra Linux – Vulnerability in openjdk-11
Vulnerability in Oracle Java SE component: Hotspot. The supported versions affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4, and 23. This vulnerability is difficult to exploit; an unauthenticated attacker with network access via multiple protocols can compromise Oracle Jav...
Astra Linux – Vulnerability in openjdk-11
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, and Oracle GraalVM Enterprise Edition products of Oracle Java SE component: Hotspot. The supported versions affected by this vulnerability are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK:...
Astra Linux – Vulnerability in OVN
A flaw was discovered in the Open Virtual Network OVN. In OVN clusters where BFD is used between hypervisors for high availability, an attacker can inject specially crafted BFD packets from within unprivileged workloads, including virtual machines or containers, which can trigger a denial of...