CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

AstraLinux•added 2026/05/03 11:59 p.m.•5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: erofs: corrected incorrect kunmap when using LZMA on HIGHMEM platforms As shown in the call trace, the root cause is incorrect pages handled by kunmap: BUG: Kernel NULL pointer dereferencing, address: 00000000 CPU: 1 PID: 40 Comm...

5.5CVSS5.4AI score0.00146EPSS

7.1CVSS5.9AI score0.0023EPSS

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: f2fs: Fix to wait on block writeback in the postread case. If the inode is compressed but not encrypted, the function f2fswaitonblockwriteback was not called properly to wait for the GC-ed page writeback in the IPU write path...

5.5CVSS5.3AI score0.00272EPSS

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: f2fs: compress: Fixed to ensure that compressed blocks are persisted during checkpointing. If the data block in a compressed cluster is not persisted with metadata during a checkpoint, after SPOR, the data may become corrupted. W...

5.5CVSS5.2AI score0.00273EPSS

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: f2fs: compress: fixed the issue to cover normal cluster writes using cprwsem. When we overwrite a compressed cluster with a normal cluster, we should not unlock cprwsem during f2fswriterawpages. Otherwise, data will be corrupted ...

AstraLinux•added 2026/05/03 11:59 p.m.•6 views

Astra Linux – Vulnerability in nghttp2

nghttp2 is an implementation of the Hypertext Transfer Protocol Version 2 in C. The nghttp2 library prior to version 1.61.0 continued to read an unlimited number of HTTP/2 CONTINUATION frames even after a stream was reset, in order to keep the HPACK context synchronized. This caused excessive CPU...

5.3CVSS7AI score0.8496EPSS

AstraLinux•added 2026/05/03 11:59 p.m.•4 views

Astra Linux – Vulnerability in curl

curl 7.84.0 supports “chained” HTTP compression algorithms, which means that a server response can be compressed multiple times, possibly using different algorithms. The number of allowable “links” in this “decompression chain” is unlimited, allowing a malicious server to insert virtually an...

6.5CVSS7.2AI score0.3197EPSS

AstraLinux•added 2026/05/03 11:59 p.m.•6 views

Astra Linux – Vulnerability in zlib, libz-mingw-w64

Before version 1.2.12, zlib allowed memory corruption during deflation i.e., when compressing if the input contained many distant matches...

7.5CVSS6.8AI score0.51733EPSS

AstraLinux•added 2026/05/03 11:59 p.m.•2 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: ASoC: soc-compress: Repositioned and added pcmmutex. If paniconwarn is set and the compress stream DPCM is initiated, then a kernel panic occurs because card-pcmmutex is not properly locked. In the following functions, a warni...

5.4AI score0.00184EPSS

5.8CVSS6.5AI score0.08113EPSS

Astra Linux – Vulnerability in Jetty9

In Eclipse Jetty versions 9.4.0.RC0 to 9.4.34.v20201102, 10.0.0alpha0 to 10.0.0.beta2, and 11.0.0alpha0 to 11.0.0.beta2, if GZIP request body inflation is enabled and requests from different clients are multiplexed onto a single connection, then if an attacker can send a request with a body that ...

AstraLinux•added 2026/05/03 11:59 p.m.•1 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: bcachefs: Acquire sumount only when taking snapshots. When I was testing MongoDB using bcachefs with compression, there was a lockdep warning when taking snapshots of MongoDB data volumes. sh $ cat test.sh prog=bcachefs $prog...

5.5CVSS5.5AI score0.00148EPSS

AstraLinux•added 2026/05/03 11:59 p.m.•2 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: f2fs: compress: does not allow unaligned truncation on released compress inode An F2FS image may become corrupted after performing the following test cases: - mkfs.f2fs -O extraattr,compression -f /dev/vdb - mount /dev/vdb...

5.5CVSS5.2AI score0.00225EPSS

AstraLinux•added 2026/05/03 11:59 p.m.•4 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: f2fs: fixed to avoid updating the compression context during writeback Bai, Shuangpeng reported a bug as follows: Oops: division error: 0000 1 SMP KASAN PTI CPU: 0 UID: 0 PID: 11441 Comm: syz.0.46 Not tainted 6.17.0 1 PREEMPTfull...

5.3AI score0.00168EPSS

5.5CVSS5.3AI score0.00116EPSS

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: erofs: fixed an issue where the algorithm used for encoded extents was invalid. The current algorithm sanity checks do not properly apply to newly encoded extents. We need to unify the algorithm checks with the...

AstraLinux•added 2026/05/03 11:59 p.m.•2 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: crypto: lzo – Fix for compression buffer overflows Unlike the decompression code, the compression code in LZO never checked for output overflows. Instead, it assumes that the caller always provides sufficient buffer space, withou...

7.8CVSS6.1AI score0.00154EPSS

AstraLinux•added 2026/05/03 11:59 p.m.•7 views

Astra Linux – Vulnerability in gdk-pixbuf

GNOME gdk-pixbuf 2.42.6 is vulnerable to a heap-buffer overflow vulnerability when decoding the lzw-compressed stream of image data in GIF files, where the lzw minimum code size is equal to 12...

8.8CVSS7.8AI score0.01891EPSS