18102 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: arm: pgtable: Fix for NULL pointer dereference issue. When updatemmucacherange is called by updatemmucache, the vmf parameter is NULL, which can lead to a NULL pointer dereference issue in adjustpte. It is not possible to handle...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: Fixed a memory leak bug in rvumboxinit. In rvumboxinit, the mboxregions variable is not freed or passed out under the switch-default region, which could lead to a memory leak. This bug was identified by a static...
Astra Linux – Vulnerability in Qemu
A reentrancy issue related to DMA was discovered in the Tulip device emulation in QEMU. When Tulip reads from or writes to the rx/tx descriptor, or copies a rx/tx frame, it does not check whether the destination address is its own MMIO address. This can cause the device to trigger MMIO handlers...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: RDMA/hfi1: A potential memory leak has been fixed in setupbasectxt. setupbasectxt allocates a memory chunk for uctxt-groups using hfi1allocctxtrcvgroups. When inituserctxt fails, uctxt-groups is not released, which can lead to a...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: In the net, neigh module, do not trigger immediate probes on NUDFAILED from neighmanagedwork. The syzkaller was able to trigger a deadlock for NTFMANAGED entries: - kworker/0:16/14617 is trying to acquire a lock: fffffffff8d4dd37...
Astra Linux – Vulnerability in Netty
The HttpObjectDecoder.java file in Netty before version 4.1.44 allowed a Content-Length header to be accompanied by a second Content-Length header, or by a Transfer-Encoding header...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: Video: fbdev: arkfb – Fixed a divide-by-zero bug in arksetpixclock Since the user can control the arguments of ioctl from the user space, there may be situations where a divide-by-zero bug occurs. For example, in the file...
Astra Linux – Vulnerability in WebKit2GTK
A type confusion issue has been resolved through improved state handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, tvOS 15, iOS 15, and iPadOS 15, Safari 15, and watchOS 8. Processing maliciously crafted web content may lead to arbitrary code execution...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net: hinic: Avoid kernel hangs in hinicgetstats64 When using the hinic device as a bonding slave device and reading statistics from the master bonding device, the kernel may hang. The kernel panic call trace is as follows: Kernel...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net: fixed the uninit-value in caifseqpktsendmsg When nrsegs equals zero in iovecfromuser, the object msg-msgiter.iov contains uninitialized stack memory in caifseqpktsendmsg, which is defined in syssendmsg. Therefore, we cannot...
Astra Linux – Vulnerability in Linux
In the Linux kernel, the following vulnerability has been resolved: net: lantiq – Fix for memory corruption in the RX ring. In situations where memory allocation or DMA mapping fails, an invalid address may be programmed into the descriptor. This can lead to memory corruption. If memory allocatio...
Astra Linux – Vulnerability in node-tough-cookie
Versions of the tough-cookie package before 4.1.3 are vulnerable to Prototype Pollution due to improper handling of Cookies when using CookieJar in the rejectPublicSuffixes=false mode. This issue arises from the way in which the objects are initialized...
Astra Linux – Vulnerability in ffmpeg
A denial-of-service vulnerability exists in FFmpeg 4.2 due to a memory leak in the avprivfloatdspallocl function in libavutil/floatdsp.c...
Astra Linux – Vulnerability in Wireshark
In Wireshark versions 3.0.0 to 3.0.3, and 2.6.0 to 2.6.10, the Gryphon dissector could enter an infinite loop. This issue was addressed in the plugin file plugins/epan/gryphon/packet-gryphon.c by checking for a packet length of zero...
Astra Linux – Vulnerability in sane-backends
A out-of-bounds read in SANE Backends before version 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, also known as GHSL-2020-081...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Fixed a reference count leak in pprnotifier. According to the comments on pcigetdomainbusandslot, it returns a PCI device with a reference count that increments after use. The caller must decrement the reference count ...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: net/tunnel: Wait until all skuserdata readers complete their operations before releasing the sock. There is a race condition in vxlan where, when deleting a vxlan device during packet reception, there is a possibility that the so...
Astra Linux – Vulnerability in Firefox and Thunderbird
Freeing arbitrary nsIInputStream's on a thread other than the one in which they were created could lead to a use-after-free, potentially causing a crash. This vulnerability affects Firefox ESR 102.5, Thunderbird 102.5, and Firefox 107...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, if the IMA appraisal method is used with the “imaappraise=log” boot parameter, lockdown can be circumvented using kexec on any machine when Secure Boot is disabled or unavailable. IMA prevents the “imaappraise=log” parameter from being set during boot, but this does not cover...
Astra Linux – Vulnerability in LibreOffice
There was an improper certificate validation vulnerability in LibreOffice, where the determination of whether a macro was signed by a trusted author was based solely on comparing the serial number and issuer string of the used certificate with those of a trusted certificate. This is insufficient ...
Astra Linux – Vulnerability in libxstream-java
XStream is software used for serializing Java objects into XML and back again. A vulnerability exists in XStream versions prior to 1.4.17, which may allow a remote attacker with sufficient rights to execute commands on the host by manipulating the processed input stream. However, no users who...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: drivers: staging: rtl8192u: Fixed a deadlock in ieee80211beaconsstop. There is a deadlock in ieee80211beaconsstop, as shown below: Thread 1 | Thread 2 | ieee80211sendbeacon ieee80211beaconsstop | modtimer spinlockirqsave //1 | Wa...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: dma-buf/syncfile: Do not leak fences during merge failures. Each call to addfence performs a dmafenceget operation on the relevant fence. In error-prone scenarios, we did not call dmafenceput, resulting in all those fences bei...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: clk: tegra; tegra124-emc: Fixed a potential memory leak. The resources associated with “tegra” and “tegra124-emc” need to be freed during error handling, otherwise they may be leaked...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: can: j1939: j1939sendone: fixed the issue of missing CAN header initialization. The read access to struct canxlframe::len within a j1939 object, which creates a skbuff, revealed that the reserved elements in struct canframe were...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerabilities have been resolved: usb: host: xhci: Fixed a potential memory leak in xhciallocstreaminfo The xhciallocstreaminfo function allocates a stream context array for streaminfo-streamctxarray using xhciallocstreamctx. When an error occurs, the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fixed a potential data race in rxrpcwaittobeconnected. Inside the loop in rxrpcwaittobeconnected, it checks call-error to determine whether to exit the loop without first checking the call state. This is probably safe, as...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Staging: media: tegra-video: Fixed the use of devicenode after freeing it. At the time of testing, the following code path is followed: - tegracsiinit - tegracsichannelsalloc - foreachchildofnodenode, channel – Iterates over...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: r6040: Fixed the kmemleak in the probe process and removed it. There is a memory leak reported by kmemleak: - Unreferenced object 0xffff888116111000 size 2048: comm “modprobe”, pid 817, jiffies 4294759745 age 76.502s Hex dump...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: bpf: Makes bpfrefcountacquire failable for non-owning references This patch fixes an incorrect assumption made in the original bpfrefcount series 0. Specifically, it assumes that the BPF program calling bpfrefcountacquire on a...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15
In the Linux kernel, the following vulnerability has been resolved: IB/IPoIB: Fix legacy IPoIB due to wrong number of queues The cited commit creates child PKEY interfaces over netlink will multiple tx and rx queues, but some devices doesn't support more than 1 tx and 1 rx queues. This causes to ...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: pmdomain: mediatek – A race condition with genpd has been fixed. If the power domains are first registered with genpd, and then the driver attempts to power them on during the probe sequence, it is possible for a race condition t...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Use deltimersync instead of deltimer in the fw reset flow of the halting poll. Replace deltimer with deltimersync in the fw reset polling activation flow. This prevents a race condition that occurs when deltimer is call...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: mm, thp: Bail out early for writeback pages in collapsefile Currently, collapsefile does not explicitly check PGwriteback. Instead, pagehasprivate and trytoreleasepage are used to filter writeback pages. This approach does not wo...
Astra Linux – Vulnerability in Chromium
Before version 91.0.4472.101, using the "after free" mechanism in Google Chrome’s extensions allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption through a crafted HTML page...
Astra Linux – Vulnerability in openjpeg2
There is a flaw in the src/lib/openjp2/pi.c file of openjpeg in versions prior to 2.4.0. If an attacker can provide untrusted input to openjpeg’s conversion/encoding functionality, they could cause an out-of-bounds read. The most significant impact of this flaw is the application’s availability...
Astra Linux – Vulnerability in Firefox and Thunderbird
Using the Location API in a loop could cause severe application hangs and crashes. This vulnerability affects Thunderbird 91.4.0, Firefox ESR 91.4.0, and Firefox 95...
Astra Linux – Vulnerability in Tiff
LibTIFF is vulnerable to an integer overflow. This flaw allows remote attackers to cause a denial of service application crash or potentially execute arbitrary code through a crafted TIFF image, which triggers a heap-based buffer overflow...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-6.1, Linux-5.15
In the Linux kernel, the following vulnerability has been resolved: scsi: target: core: Added TMF to tmrlist handling An abort that is responded to by iSCSI itself is added to tmrlist, but it does not go to the target core. A LUNRESET that goes through tmrlist takes a refcounter on the abort and...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: fpga: m10bmc-sec: Fixed probe rollback issues. Properly handled probe error rollbacks to avoid leaks...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: pinctrl: renesas: core: Fixed a possible nullptrderef in shpfcmapresources. This issue could lead to a nullptrderef when using ‘res’. If platformgetresource returns NULL, moving using ‘res’ after devmioremapresource will prevent...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: net: xfrm: unexport init-annotated xfrm4protocolinit EXPORTSYMBOL and init are a poor combination, as the .init.text section is freed after initialization. As a result, modules cannot use symbols annotated with init. Access to a...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Cancel pending work when closing a MIDI substream When closing a USB MIDI output substream, there may still be pending work. This work would eventually access the rawmidi runtime object that is being released. To...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: In the media section, for staging, in media for zoran, the correct buffer size for zoranreapstatcom was calculated incorrectly. When tmpdcim=1 is set, the index of the buffer was miscalculated. This could lead to a NULL pointer...
Astra Linux – Vulnerability in Firefox
If array shift operations are not used, the Garbage Collector may become confused regarding valid objects. This vulnerability affects Firefox versions less than 101...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: rcutorture: Fixed the rcutortureoneextendcheck function in RT kernels. For kernels built with CONFIGPREEMPTRT=y, running the rcutorture tests resulted in the following errors: 68.797425 rcutortureoneextendcheck: Current value: 0x...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerabilities have been resolved: ext4: Fixed an inode leak in ext4xattrinodecreate, which occurs on an error path. There is a issue when using setxattr with a fault injection: localhost fsck.ext4 -fn /dev/sda e2fsck 1.46.6-rc1 12-Sep-2022 Pass 1: Checking...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries/iommu: IOMMU table is not initialized for kdump over SR-IOV When kdump kernel tries to copy dump data over SR-IOV, LPAR panics due to NULL pointer exception: Kernel attempted to read user page 0 - exploit attempt?...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: net: qrtr: A refcount bug was fixed in qrtrrecvmsg. Syzbot reported the following bugs: refcountt: Addition of 0; use-after-free. … RIP: 0010:refcountwarnsaturate+0x17c/0x1f0 lib/refcount.c:25 … Call Trace: refcountadd –...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: RDMA/qedr: Fixed the qedrcreateuserqp error flow. Avoid the following warning by ensuring that allocated resources are freed in case qedrinituserqueue fails. ----------- Cut here --- WARNING: CPU: 0 PID: 143192 at...