Lucene search
K

529860 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Gegl

The loadcache function in GEGL before version 0.4.34 allows shell expansion when a pathname in a constructed command line is not escaped or filtered. This issue arises due to the use of the system library function for executing the ImageMagick convert fallback in magick-load. NOTE: GEGL versions...

7.8CVSS7.1AI score0.01439EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fixed possible invalid memory accesses after the FLR operation. In the case where the first Function Level Reset FLR is completed correctly, but during the second FLR, the scratch area for the saved configuration...

7.8CVSS5.6AI score0.00127EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ICMP: Fixed a data race around the sysctlicmperrorsuseinboundifaddr function. When reading sysctlicmperrorsuseinboundifaddr, it can be changed concurrently. Therefore, we need to add READONCE to its reader function...

4.7CVSS6AI score0.00163EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: MIPS: cevt-r4k – Do not call getc0compareint if the timer irq is installed. This prevents a warning: 0.118053 BUG: A sleeping function was called from an invalid context at kernel/locking/mutex.c:283. The issue was caused by the...

5.5CVSS6.1AI score0.00234EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: i2c: mlxbf: prevents stack overflow in mlxbfi2csmbusstarttransaction The memcpy function is called in a loop, without checking the upper bound of 'operation-length', and 'dataidx' is also incremented...

7.8CVSS6.3AI score0.00253EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: powerpc/setmemory: Avoid spinlock recursion in changepageattr The commit 1f9ad21c3b38 “powerpc/mm: Implement setmemory routines” included a spinlock call in changepageattr in order to safely perform the three-step operations...

5.5CVSS6.1AI score0.00171EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: PCI: mt7621: Added a sentinel to the quirks table. The current driver lacks a sentinel in the struct socdeviceattribute array, which causes a buffer overflow error when the socdevicematchmt7621pciequirksmatch function is called...

5.5CVSS6AI score0.00233EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Validates the session ID and tree ID in compound requests. The function smb2getmsg in smb2getksmbdtcon and smb2checkusersession always returns the first command in a compound request’s headers. If SMB2TREECONNECTHE is the...

5.5CVSS5.7AI score0.17442EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in zziplib

The infinite loop in zziplib v0.13.69 allows remote attackers to cause a denial of service by using the return value “zzipfileread” in the function “unzzipcatfile”...

3.3CVSS5.7AI score0.00745EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in gst-plugins-base1.0

GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference has been discovered in the id3v2readsynchuint function, located in id3v2.c. If id3v2readsynchuint is called with a null work-hdr.framedata, the pointer guint8 data is accessed without validatio...

7.5CVSS6.8AI score0.01074EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: qlogic: qlcnic: A NULL pointer dereference was fixed in qlcnic83xxaddrings. In qlcnic83xxaddrings, the indirect function ahw-hwops-allocmbxargs is called to allocate memory for cmd.req.arg. A dereference of this variable...

5.5CVSS5.3AI score0.00251EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: Fix the dmabuf object leak in fastrpcmaplookup In fastrpcmaplookup, the dmabufget function is called to obtain a reference to the dmabuf object for comparison purposes. However, this reference is never released whe...

5.2AI score0.00171EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Platform/x86: think-lmi: Fixed memory leaks when parsing ThinkStation WMI strings My previous commit introduced a memory leak, where the memory allocated by the tlmisetting function was not freed. This commit also renames the...

5.2AI score0.00168EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Closures: Change BUGON to WARNON If a BUGON function is actually executed, it shouldn’t be considered a real BUG. For reference, this issue has occurred once during the continuous integration process. We will need more informatio...

5.5CVSS6.2AI score0.00214EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: swiotlb: Fixed the issue of information leakage due to DMAFROMDEVICE. The problem I’m addressing was discovered during the LTP test covering cve-2018-1000204. A brief description of what happens is as follows: 1 The test case sen...

5.5CVSS6.2AI score0.00265EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: cgroup/cpuset: Prevent UAF in proccpusetshow A UAF can occur when reading /proc/cpuset, as reported in 1. This issue can be reproduced using the following methods: 1. Add an mdelay1000 before acquiring the cgrouplock in the...

5.5CVSS6.3AI score0.00223EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in libde265

Libde265 v1.0.4 contains a segmentation fault in the applysaointernal function, which can be exploited through a properly crafted file...

6.5CVSS6.6AI score0.00937EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: NFC: NULLed the dev-rfkill to prevent UAF The commit 3e3b5dfcd16a “NFC: reordered the logic in nfcun,registerdevice” assumes that the deviceisregistered function in the nfcdevup function will help to check when the rfkill is...

7.8CVSS6.4AI score0.00258EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: ncm: Avoid dropping datagrams of properly parsed NTBs It is observed sometimes when tethering is used over NCM with Windows 11 as the host, that the gadgetgiveback function appends one byte to the end of a properly...

7.5CVSS6AI score0.01287EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in openconnect

OpenConnect through version 8.08 mishandles negative return values from X509check function calls, which may assist attackers in performing man-in-the-middle attacks...

5.9CVSS5.9AI score0.01695EPSS
Exploits0References2
Rows per page
Query Builder