CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

7CVSS6.4AI score0.00021EPSS

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: i3c: master: cdns: Fixed a use-after-free vulnerability in the cdnsi3cmasterprobe function due to race conditions. In the cdnsi3cmasterprobe function, &master-hjwork is bound to cdnsi3cmasterhj. The cdnsi3cmasterinterrupt functio...

7.8CVSS6.1AI score0.00018EPSS

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: isdn: cpai: Check ctr-cnr to avoid array index out of bounds. The cmtpaddconnection function adds a CMTS session to a controller and runs a kernel thread to process CMTS operations. modulegetTHISMODULE; session-task =...

6.5CVSS6.9AI score0.00176EPSS

Astra Linux - уязвимость в qemu

A divide-by-zero issue was discovered in dwc2handlepacket in hw/usb/hcd-dwc2.c, within the hcd-dwc2 USB host controller emulation in QEMU. A malicious guest could exploit this flaw to crash the QEMU process on the host, resulting in a denial of service...

5.5CVSS5.7AI score0.00018EPSS

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: nvme: Fix for admin queue leaks upon controller reset When the nvmeallocadmintagset function is called during a controller reset, a previously existing admin queue may still exist. Properly release this queue before allocating a...

Exploits0References1

AstraLinux•added 2026/05/03 11:59 p.m.•5 views

Astra Linux - уязвимость в linux-5.15

A buffer overflow vulnerability was discovered in the Linux kernel’s Intel iSMT SMBus host controller driver. This vulnerability allows a local user to crash the system by triggering the I2CSMBUSBLOCKDATA function with malicious input data. source-iocs-preserved const=I2CSMBUS...

5.5CVSS6.9AI score0.0004EPSS

AstraLinux•added 2026/05/03 11:59 p.m.•2 views

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: nvme: Fixed a possible use-after-free condition during controller reset during loading. Unlike .queuerq, in .submitasyncevent, drivers may not check the state of ctrl before submitting an AER. This can lead to a use-after-free...

7CVSS6.2AI score0.00016EPSS

6.3CVSS7.4AI score0.00163EPSS

Astra Linux - уязвимость в qemu

A heap-based buffer overflow was discovered in QEMU version 5.0.0 in the SDHCI device emulation support. This vulnerability could occur during a multi-block SDMA transfer using the sdhcisdmatransfermultiBlocks routine in the hw/sd/sdhci.c file. A malicious user or process could exploit this flaw ...

7.2CVSS7.9AI score0.00035EPSS

Astra Linux - уязвимость в intel-microcode

Incorrect default permissions in some memory controller configurations for some IntelR XeonR Processors when using IntelR Software Guard Extensions which may allow a privileged user to potentially enable escalation of privilege via local access...

4.6CVSS6.8AI score0.00138EPSS

Astra Linux - уязвимость в ansible

A flaw was discovered in the Ansible Engine when the fetch module is used. An attacker could intercept the module, inject a new path, and then select a new destination path on the controller node. All versions under 2.7.x, 2.8.x, and 2.9.x branches are believed to be vulnerable...

Exploits1References2

5.5CVSS6.1AI score0.00011EPSS

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: scsi: pm80xx: Avoid leaking tags when processing the OPCINBSETCONTROLLERCONFIG command. The tags allocated for the OPCINBSETCONTROLLERCONFIG command need to be freed when we receive the response...

7.8CVSS6AI score0.00067EPSS

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: spi: Fixed the simplification of devmspiregistercontroller. This change is reflected in commit 59ebbe40fb51 “spi: simplified devmspiregistercontroller“”. If devmaddaction fails in devmaddactionorreset, devmspiunregister will be...

Exploits0References1

7.8CVSS5.8AI score0.00022EPSS

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: vhci: Prevent use-after-free by removing debugfs files early The creation of debugfs files is now moved to a dedicated function. It is ensured that these files are explicitly removed during vhcirelease, before the...

6CVSS7AI score0.00026EPSS

Astra Linux - уязвимость в qemu

A out-of-bounds heap buffer access issue was identified in the ARM Generic Interrupt Controller emulator of QEMU, as of and including qemu 4.2.0 on the aarch64 platform. The issue arises because, when writing an interrupt ID to the controller’s memory area, it is not masked to be 4 bits wide. Thi...

5.5CVSS6.5AI score0.00066EPSS

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: i2c: cros-ec-tunnel: defer probe if parent EC is not present When i2c-cros-ec-tunnel and the EC driver are built-in, the EC parent device will not be found, leading to a NULL pointer dereference. This issue can also be...

6CVSS7.1AI score0.00015EPSS

Astra Linux - уязвимость в qemu

A heap-based buffer overflow was discovered in the SDHCI device emulation of QEMU. The bug is triggered when both s-datacount and the size of s-fifobuffer are set to 0x200, leading to an out-of-bound access. A malicious guest could exploit this flaw to crash the QEMU process on the host, resultin...

Exploits1References2

AstraLinux•added 2026/05/03 11:59 p.m.•0 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: In the isotprcv function, there is a potential issue regarding the reception of CAN frames. Currently, the current code logic does not take into account processes that are receiving CAN frames concurrently and that do not appear ...

4.7CVSS5.9AI score0.00013EPSS