18099 matches found
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: ipv6: rpl: Reserve enough headroom for the MAC header when recompressing the SRH. The function ipv6rplsrhrcv decompresses the RFC 6554 Source Routing Header, swaps the next segment into ipv6hdr-daddr, recompresses it, and then...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: KVM: SEV – Lock all vCPUs when synchronizing VMSAs for SNP launch completion. Lock all vCPUs when synchronizing and encrypting VMSAs for SNP guests. Allowing the user space to manipulate or run a vCPU while its state is being...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ipv6: ioam: fixed potential NULL dereferencing in ioam6fillTraceData. We need to check in6devget for a possible NULL value, as suggested by Yiming Qian. Also, add skbdstdevrcu instead of skbdstdev, and two missing READONCE calls...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: usb:dwc3:gadget: Move vbus draw to workqueue context Currently, dwc3gadgetvbusdraw can be called from an atomic context, which in turn invokes APIs from power-supply-core. Some of these PMIC APIs have operations that may enter a...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: HID: bpf: preventing buffer overflow in hidhwrequest. Currently, the returned value is considered to be always valid. However, when working with HID-BPF, the returned value can be arbitrarily large, because it is the returned val...
Astra Linux – Vulnerability in pyasn1
pyasn1 is a generic ASN.1 library for Python. Prior to version 0.6.2, a Denial-of-Service issue was identified that could lead to memory exhaustion due to malformed RELATIVE-OID values with excessive continuation octets. This vulnerability has been fixed in version 0.6.2...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: X.509: Fixed out-of-bounds access during the parsing of extensions Leo reports a situation where out-of-bounds access occurs during the parsing of a certificate with empty Basic Constraints or Key Usage extensions. This occurs...
Astra Linux – Vulnerability in Golang 1.19, Golang 1.23
A discrepancy in how Go and C/C++ comments are parsed allowed for code to be smuggled into the resulting cgo binary...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: Futex: Do not leak the robustlist pointer during the exec race condition. The functions sysgetrobustlist and compatgetrobustlist use ptracemayaccess to check whether the calling task is allowed to access another task’s...
Astra Linux – Vulnerability in Node-Elliptic
In the Elliptic package 6.5.6 for Node.js, ECDSA signature malleability occurs because BER-encoded signatures are allowed...
Astra Linux – Vulnerability in Firefox and Thunderbird
Through a series of API calls and redirections, an alert dialog controlled by an attacker could have been displayed on another website with the victim website’s URL shown. This vulnerability affects Firefox 123, Firefox ESR 115.8, and Thunderbird 115.8...
Astra Linux – Vulnerability in Firefox
If temporary “one-time” permissions, such as the ability to use the Camera, are granted to a document loaded using a file: URL, those permissions persist in that tab for all other documents loaded from the same file: URL. This is potentially dangerous if the local files come from different source...
Astra Linux – Vulnerability in Firefox
When following a redirect to a publicly accessible web extension file, the URL may have been translated into the actual local path, potentially exposing sensitive information. This vulnerability affects Firefox versions earlier than 111...
Astra Linux – Vulnerability in Firefox
Under certain circumstances, the offline cache of a ServiceWorker may have been leaked to the file system when using private browsing mode. This vulnerability affects Firefox versions earlier than 111...
Astra Linux – Vulnerability in Firefox
When dragging and dropping an image across origins, the size of the image may be leaked. This behavior was present in version 109 and caused web compatibility issues, as well as this security concern. Therefore, this behavior was disabled until further review. This vulnerability affects Firefox...
Astra Linux – Vulnerability in Thunderbird, Firefox
A background script that invokes requestFullscreen and then blocks the main thread could cause the browser to enter fullscreen mode indefinitely, potentially leading to user confusion or spoofing attacks. This vulnerability affects Firefox 110, Thunderbird 102.8, and Firefox ESR 102.8...
Astra Linux – Vulnerability in Chromium
The use of the after-free operation in the File System API in Google Chrome before version 92.0.4515.131 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...
Astra Linux – Vulnerability in Firefox and Thunderbird
A properly crafted CMS message could be processed incorrectly, resulting in an invalid memory read and potentially further memory corruption. This vulnerability affects Thunderbird 91.10, Firefox 101, and Firefox ESR 91.10...
Astra Linux – Vulnerability in mbedtls
In Arm Mbed TLS before version 2.19.0, and Arm Mbed Crypto before version 2.0.0, when deterministic ECDSA is enabled, an RNG with insufficient entropy is used for blinding. This may allow an attacker to recover a private key through side-channel attacks if a victim signs the same message multiple...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: The issue of a memory leak in ntfsfillsuper was fixed. In ntfsfillsuper, the fc-fsprivate pointer is set to NULL without first freeing the memory it points to. This causes the subsequent call to ntfsfsfree to skip freei...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: BPF: Fixed the issue where tcx or netkit devices could execute BPFPROGDETACH commands by any user when no program fd was provided, bypassing permission checks. This fix includes a capability check for CAPNETADMIN or CAPSYSADMIN i...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: nfs: Return EISDIR when nfs3proccreate is called, if dalias is a directory alias. If we find an alias through nfs3docreate/nfsaddorobtain/dsplicealias that turns out to be a directory dentry, we do not return any errors and simpl...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: btrfs: fixed a transaction abort during file creation due to name hash collisions. If we attempt to create several files with names that result in the same hash, we must package them in the same directory item, and there is a...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: net: atm: fix /proc/net/atm/lec handling /proc/net/atm/lec must ensure safety against devlec changes. It appears that there were calls to devput without prior calls to devhold, leading to imbalance and UAF Use-After-Fault errors...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: amdkfdfreegttmem clears the correct pointer. The pass pointer reference to amdgpubounref is used to clear the correct pointer. Otherwise, amdgpubounref clears the local variable, but the original pointer is not set to...
Astra Linux – Vulnerability in Wireshark
In Wireshark 3.0.x before 3.0.8, the BT ATT dissector could crash. This issue was addressed in epan/dissectors/packet-btatt.c by validating opcodes...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: mfd: intelsocpmicbxtwc: Use the IRQ domain for USB Type-C devices. While the idea of adapting the driver to utilize the hierarchy of IRQ chips is correct from a design perspective, the implementation contains flaws. This issue wa...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: bus: mhi: host – Fixed a race condition between unprepare and queuebuf. A client driver may use mhiunpreparefromtransfer to quiesce incoming data during the client driver’s tear-down process. The client driver might also be...
Astra Linux – Vulnerability in ffmpeg
A denial-of-service vulnerability exists in FFmpeg 4.2 due to a memory leak in the filterframe function in vftile.c...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fixed stale file descriptors when a usercopy fails. A failed usercopy of the fencerep object will result in a stale entry in the file descriptor table, as putunusedfd will not release that entry. This allows userland ...
Astra Linux – Vulnerability in Firefox and Thunderbird
It was possible to cause the use of a MessagePort after it had already been freed, which could potentially lead to an exploitable crash. This vulnerability affects Firefox 120, Firefox ESR 115.5.0, and Thunderbird 115.5...
Astra Linux – Vulnerability in imagemagick
ImageMagick 7.0.10-34 allows division by zero in the OptimizeLayerFrames function in MagickCore/layer.c, which may lead to a denial of service...
Astra Linux – Vulnerability in imagemagick
A NULL pointer dereference flaw was discovered in ImageMagick in versions prior to 7.0.10-31, in the ReadSVGImage function in coders/svg.c. This issue arises from not checking the return value from libxml2’s xmlCreatePushParserCtxt function and directly using that value, resulting in a crash and...
Astra Linux – Vulnerability in Apache2
Some modproxy configurations on the Apache HTTP Server versions 2.4.0 through 2.4.55 allow for an HTTP Request Smuggling attack. These configurations are affected when modproxy is enabled along with some form of RewriteRule or ProxyPassMatch, where a non-specific pattern matches a portion of the...
Astra Linux – Vulnerability in Chromium
Before version 104.0.5112.101, using free in Browser Creation in Google Chrome allowed a remote attacker who had convinced a user to perform a specific UI interaction to potentially exploit heap corruption through a crafted HTML page...
Astra Linux – Vulnerability in freerdp2
FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. In affected versions, a malicious server may trigger out-of-bound writes in a connected client. Connections that use GDI or SurfaceCommands to send graphics updates to the client may send...
Astra Linux – Vulnerability in WebKit2GTK
A port redirection issue has been resolved with additional port validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4, and iPadOS 14.4, as well as Safari 14.0.3. A malicious website may be able t...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: New folios are initialized before being used. KMSAN reports an uninitialized value in longestmatchstd, which is called from ntfscompresswrite. When new folios are allocated without being marked as “uptodate”, and...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: virtio-net: The recursive rtnllock function occurs during the probe operation. This deadlock appears in a stack trace like this: virtnetprobe rtnllock virtioconfigChangedWork netdevNotifyPeers rtnllock This occurs when the VMM...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: fix NULL pointer dereference in class dump When a TAPRIO child qdisc is deleted using RTMDELQDISC, the function tapriograft is called with new == NULL and stores NULL into q-qdiscscl - 1. Subsequent RTMGETTCLAS...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: fixed the exit race between damoncall and kdamondfn The patch series “mm/damon/core: fixed the exit race between damoncall/damoswalk and kdmond”. Damoncall and damoswalk can leak memory and/or cause deadlocks when...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: cgroup: Defer the CSS kill operation on rmdir until after the cgroup is emptied. A series of commits back to v7.0 revised rmdir to comply with the controller invariant, which states that the -cssoffline method of a subsystem...
Astra Linux – Vulnerability in Containerd
Containerd is an open-source container runtime. A bug was discovered in Containerd’s CRI implementation, where a user could exhaust memory on the host. In the CRI stream server, a goroutine is launched to handle terminal resize events if a TTY is requested. If the user’s process fails to launch d...
Astra Linux – Vulnerability in OpenSSL
Issue summary: Checking excessively long DH keys or parameters can be very slow. Applications that use functions such as DHcheck, DHcheckex, or EVPPKEYparamcheck to check DH keys or parameters may experience prolonged delays. If the keys or parameters being checked were obtained from an untrusted...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: unittest: Fix for use-after-free in testdrvprobe The function testdrvprobe retrieves the devicenode from the PCI device, applies an overlay, and then immediately calls ofnodeputdn. This releases the reference held by the PCI core...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: smb: client: Use kzalloc to zero-initialize the security descriptor buffer. The commit 62e7dd0a39c2d “smb: common: change the data type of numaces to le16” involves splitting the le32 numaces field in the struct smbacl structure...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: octeonep VF: Added NULL checks for napibuildskb. The napibuildskb function can return NULL when allocation fails. In octep VFoqprocessrx, the result is used directly without a NULL check in both the single-buffer and...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ALSA: caiaq: fixed a reference leak in usbdev on probe failure The createcard function takes a reference to the USB device using usbgetdev, and stores the corresponding usbputdev in cardfree, which is installed as the destructor...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: bpf: Fixed a use-after-free in arenavmclose when processing forks. The arenavmopen function only increments vml-mmapcount, but never registers the child VMA in arena-vmalist. vml-vma always points to the parent VMA; therefore,...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: q6apm-lpass-dai: Fixed multiple graph openings. Since “prepare” can be called multiple times, this can lead to multiple graph openings for the playback path. This will result in memory leaks; therefore, this issue is...