18102 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Wifi: mt76: mt7996 – added a missing check for RX wcid entries. Non-station wcid entries must not be passed to the RX functions. In the case of the global wcid entry, it could even lead to corruption in the wcid array due to the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb: scarlett2: Fixed missing NULL checks. The scarlett2inputselectctlinfo function sets up the string arrays using kasprintf, but it fails to perform NULL checks. This could lead to NULL dereferencing errors. We need to ad...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: Firmware: csdsp: Fixed out-of-bounds memory read access in KUnit tests wmfw info KASAN reported an out-of-bounds access – csdspmockwmfwaddinfo, because the length of the source string was rounded up to the allocation size...
Astra Linux – Vulnerability in Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: “sh: push-switch: Reorder cleanup operations to avoid use-after-free bug” The original code placed “flushwork” before “timershutdownsync” in “switchdrvremove”. Although we use “flushwork” to stop the worker, it could be reschedul...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: mmc: sdhci-msm: pervent access to suspended controller The generic sdhci code registers the LED device and uses the host-runtimesuspended flag to protect access to it. The sdhci-msm driver does not set this flag, which results in...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: nfsd: fixed RELEASELOCKOWNER The test on socount in nfsd4releaselockowner is pointless and harmful. revert to using checkforlocks, and change it to not sleep. Firstly, it’s harmful. As documented in the kdoc comment for...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: HID: sony: Fixed a potential memory leak in sonyprobe. If an error occurs after a successful usballocurb call, usbfreeurb should be called...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the drivers/md/dm-table.c file, the dmtablecreate function in the Linux kernel from version 6.7.4 onwards may attempt to allocate more than INTMAX bytes using alloctargets. This can lead to a crash due to a missing check for the struct dmioctl.targetcount structure...
Astra Linux – Vulnerability in gst-plugins-bad1.0
GStreamer AV1 Codec Parsing Heap-based Buffer Overflow: A Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability, but the attack vecto...
Astra Linux – Vulnerability in exempi
The XMP Toolkit SDK version 2021.07 and earlier is affected by a stack-based buffer overflow vulnerability that may lead to arbitrary code execution within the context of the current user. Exploitation requires user interaction—that is, the victim must open a specially crafted file...
Astra Linux – Vulnerability in Linux 5.15
A issue was discovered in the Linux kernel before version 6.3.4. In the fs/ksmbd/connection.c file of ksmbd, there is an off-by-one error in memory allocation due to ksmbdsmb2checkmessage, which may lead to out-of-bounds access...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: octeontx2-pf: Fixed the use of GFPKERNEL in atomic contexts for rt. The commit 4af1b64f80fb “octeontx2-pf: Fixed the lmtst ID used in aurafree” uses get/putcpu to protect the usage of percpu pointers in the -aurafreeptr...
Astra Linux – Vulnerability in WebKit2GTK
A memory corruption issue has been resolved through improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, Safari 15, tvOS 15, iOS 15, and iPadOS 15, as well as watchOS 8. Processing maliciously crafted web content may lead to arbitrary code execution...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: cifs: fixed a double-free race that occurs when the mount operation fails in cifsgetroot When cifsgetroot fails during cifssmb3domount, we call deactivatelockedsuper, which will eventually call delayedfree, which will free the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: iwlwifi: Fixed memory leaks in error handling paths. If an error occurs such as an invalid TLV length or a memory allocation failure, the memory already allocated in ‘reducepowerdata’ should be freed before returning the resul...
Astra Linux – Vulnerability in WebKit2GTK
A buffer overflow issue has been addressed through improved memory handling. This issue is fixed in macOS Monterey 12.3, Safari 15.4, watchOS 8.5, iTunes 12.12.3 for Windows, iOS 15.4, and iPadOS 15.4, as well as tvOS 15.4. Processing maliciously crafted web content may lead to arbitrary code...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: scsi: megaraidsas: A resource leak has been fixed in case of probe failures. The driver does not properly clean up all allocated resources when the scsiaddhost or megasasstartaen functions fail during the PCI device probe. All...
Astra Linux – Vulnerability in Thunderbird
Thunderbird versions prior to 91.3.0 are vulnerable to a heap overflow vulnerability described in CVE-2021-43527 when processing S/MIME messages. Thunderbird versions 91.3.0 and later will not call the vulnerable code when processing S/MIME messages that contain certificates with DER-encoded DSA ...
Astra Linux – Vulnerability in PostgresSQL 11
A flaw was discovered in PostgreSQL. By using an UPDATE...RETURNING command on a specially crafted table, an authenticated database user could read arbitrary bytes of server memory. The most significant threat of this vulnerability is data confidentiality...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: PCI: aardvark: Fixed a kernel panic that occurred during PIO transfers. Attempting to initiate a new PIO transfer by setting the PIOSTART register to 0, when the previous transfer has not yet completed indicated by a value of 1 i...
Astra Linux – Vulnerability in Linux
In the Linux kernel, the following vulnerabilities have been resolved: netfilter: nftct: Skip the evaluation of rules for confirmed conntrack entries. The nftctexpectobjeval function calls nfctextadd for confirmed conntrack entries. However, nfctextadd can only be called when !nfctisconfirmed is...
Astra Linux – Vulnerability in ffmpeg
There is a heap-based Buffer Overflow vulnerability in FFmpeg 4.2, located in libavfilter/vfcolorconstancy.c, specifically in the slicegetderivative function within fadegetderivative. This vulnerability may lead to memory corruption and other potential issues...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: RDMA/hfi1: Prevent panic when SDMA is disabled. If the hfi1 module is loaded with HFI1CAPSDMA disabled, a call to hfi1writeiter will dereference a NULL pointer, resulting in a panic. A typical stack frame looks like this:...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: vduse: Fixed NULL pointer dereferencing during sysfs access. The control device does not have a drvdata field. Therefore, a NULL pointer dereferencing will occur when accessing the msgtimeout attribute of the control device via...
Astra Linux – Vulnerability in Chromium
Before version 92.0.4515.107, Autofill in Google Chrome allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption through a crafted HTML page...
Astra Linux – Vulnerability in ffmpeg
An integer overflow vulnerability exists in the avtimecodemakestring function in libavutil/timecode.c within FFmpeg version 4.3.2. This vulnerability allows local attackers to cause a Denial-of-Service DoS attack through a crafted .mov file...
Astra Linux – Vulnerability in Chromium
Insecure security user interfaces during downloads in Google Chrome on Android before version 90.0.4430.93 allowed a remote attacker to perform domain spoofing through a crafted HTML page...
Astra Linux – Vulnerability in Chromium
Insufficient policy enforcement in the File System API of Google Chrome prior to version 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions through a crafted HTML page...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: hwmon: ibmpex Fixed a potential UAF condition when ibmpexregisterbmc fails. A warning message was generated as follows: drivers/hwmon/ibmpex.c:509: Error message from ibmpexregisterbmc: “&data-list” was not removed from the list...
Astra Linux – Vulnerability in WebKit2GTK
A type confusion issue has been addressed through improved checks. This issue is fixed in iOS 15.7.4 and iPadOS 15.7.4, iOS 16.3.1 and iPadOS 16.3.1, macOS Ventura 13.2.1, and Safari. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that...
Astra Linux – Vulnerability in CGal
There are multiple code execution vulnerabilities in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted, malformed file can lead to an out-of-bounds read and type confusion, which may result in code execution. An attacker can provide malicious input to trigger a...
Astra Linux – Vulnerability in fig2dev
Fig2dev 3.2.7b contains a stack buffer overflow in the bezierspline function in genepic.c...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: workqueue: fixed a data race with the pwq-stats increment KCSAN has identified a data race in kernel/workqueue.c:2598: 1863.554079 ================================================================== 1863.554118 BUG: KCSAN: data-ra...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: BPF, sockmap: Fixed a potential memory leak in an unlikely error case. If the skblinearize function is required and fails, we might leak a message during error handling. To address this issue, we must free the message buffer befo...
Astra Linux – Vulnerability in Linux
In the Linux kernel, the following vulnerabilities have been resolved: m68k: For mvme147 and mvme16x architectures, do not wipe the PCC timer configuration bits. Do not clear the timer 1 configuration bits when clearing the interrupt flag and counter overflow. As reported by Michael, “This result...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: hisi: Fixed a potential UAF issue in OPP handling. Ensured that all required data is acquired before calling devpmoppputop, to maintain the correct order of resource acquisition and release...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: fs/ntfs3: Added a null pointer check for inode operations This adds a sanity check for the iop pointer of the inode, which is returned after reading the Root directory MFT record. We should check that the iop is valid before...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerabilities have been resolved: net:sched: fixed a possible refcount leak in tcnewtfilter. It is necessary to call tfilterput to store the refcount obtained from tp-ops-get, to avoid possible refcount leaks when chain-tmpltops != NULL and chain-tmpltops !=...
Astra Linux – Vulnerability in openimageio
There is a heap-based buffer overflow vulnerability in the tile decoding code of the TIFF image parser in OpenImageIO’s master-branch-9aeece7a and v2.3.19.0. A specially crafted TIFF file can lead to out-of-bounds memory corruption, which may result in arbitrary code execution. An attacker can...
Astra Linux – Vulnerability in CGal
There are multiple code execution vulnerabilities in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could result in code execution. An attacker can provide malicious input to trigger...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: cipso: Fixed data races related to sysctl. When reading sysctl variables, they can be changed concurrently. Therefore, we need to add READONCE to avoid data races...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: igc: Fixed use-after-free errors during reset. The next descriptor to be watched nexttowatch is cleared when cleaning the TX ring. Failure to do this can lead to invalid memory accesses. If igcpoll runs while the controller is...
Astra Linux – Vulnerability in Linux, Linux 5.10
The FireWire subsystem in the Linux kernel up to version 5.14.13 has a buffer overflow issue related to the drivers/media/FireWire/firedtv-avc.c and drivers/media/FireWire/firedtv-ci.c files. This issue arises due to improper handling of bounds checking by the avccapmt function...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Zap all roots when unmapping gfn range in TDP MMU Both valid and invalid roots are cleared when unmapping a gfn range. KVM must ensure that it does not hold any references to the freed page after the unmapping...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fixed the rxrpcpeer leak in rxrpclookupbundle. It is necessary to call rxrpcputpeer for the bundle candidate before kfree, as it holds a reference to rxrpcpeer. DH: v2: The code for freeing bundles has been moved to a...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Drivers: perf: Do not broadcast to other CPUs when starting a counter This command: $ perf record -e cycles:k -e instructions:k -c 10000 -m 64M dd if=/dev/zero of=/dev/null count=1000 produces this kernel warning: 444.364395...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: riscv, bpf: Fixed potential NULL dereferencing. The bpfjitbinaryfree function requires a non-NULL argument. When the RISC-V BPF JIT fails to converge within NRJITITERATIONS steps, jitdata-header will be NULL, triggering a NULL...
Astra Linux – Vulnerability in Poppler
The Buffer Overflow vulnerability in HtmlOutputDev::page in poppler 0.75.0 allows attackers to cause a denial of service...
Astra Linux – Vulnerability in RustC
crossbeam-utils provides atomic operations, synchronization primitives, scoped threads, and other utilities for concurrent programming in Rust. Prior to version 0.8.7, crossbeam-utils incorrectly assumed that the alignment of i,u64 was always the same as AtomicI,U64. However, the alignment of i,u...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerabilities have been resolved: net/packet: fixed a slab-out-of-bounds access in packetrecvmsg syzbot found that when an AFPACKET socket uses PACKETCOPYTHRESH and mmap operations, tpacketrcv queues SkBs with garbage in skb-cb, causing an excessive copy...