CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: iio: fixed a memory leak in iiodeviceregistereventset When iiodeviceregistersysfsgroup returns an error, iiodeviceregistereventset must free the attrs array. Otherwise, kmemleak would detect and report a memory leak as follows:...

5.7AI score0.0003EPSS

AstraLinux•added 2026/05/03 11:59 p.m.•3 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: mm/mempolicy: fixed a memory leak in the setmempolicyhomenode system call. When encountering any virtual memory area vma with a policy other than MPOLBIND or MPOLPREFERREDMANY, an error is returned without issuing a mpolput...

5.5CVSS6AI score0.00017EPSS

AstraLinux•added 2026/05/03 11:59 p.m.•4 views

Astra Linux - уязвимость в flask

Flask is a lightweight WSGI web application framework. When all of the following conditions are met, a response containing data intended for one client may be cached and subsequently sent by the proxy to other clients. If the proxy also caches Set-Cookie headers, it may send one client’s session...

7.5CVSS7AI score0.00221EPSS

Exploits1References2

AstraLinux•added 2026/05/03 11:59 p.m.•5 views

Astra Linux - уязвимость в systemd

It was discovered that a Systemd service that uses the DynamicUser property can obtain new privileges by executing SUID binaries. This allows the service to create binaries belonging to the transient group, with the setgid bit set. A local attacker could exploit this flaw to access resources that...

7.8CVSS6.1AI score0.00151EPSS

Exploits2References2

5.5CVSS6.3AI score0.00358EPSS

Astra Linux - уязвимость в xterm

With Patch 370, xterm enables Sixel support. When this is enabled, attackers can exploit a buffer overflow in the setsixel function in graphicssixel.c by using crafted text...

Exploits1References2

6.2CVSS6AI score0.00015EPSS

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: uiohvgeneric: Do not free decrypted memory. In CoCo Virtual Machines, it is possible for the untrusted host to cause setmemoryencrypted or setmemorydecrypted to fail. As a result, an error may be returned, and the decrypted memor...

5.5CVSS6.2AI score0.00008EPSS

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: bcache: Reverting the replacement of ISERRORNULL with ISERR The commit 028ddcac477b “bcache: Removing unnecessary NULL point checks in node allocations” causes a NULL pointer dereferencing in cachesetFlush. c if !ISERRORNULLc-roo...

5.5CVSS6.1AI score0.00025EPSS

Astra Linux - уязвимость в linux

A flaw memory leak in the Linux kernel performance monitoring subsystem was found in the way if using PERFEVENTIOCSETFILTER. A local user could use this flaw to starve the resources causing denial of service...

Exploits0References1

AstraLinux•added 2026/05/03 11:59 p.m.•3 views

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: exfat: Check if the cluster number is valid. Syzbot reported a slab-out-of-bounds read in exfatclearbitmap. This issue was triggered when the reproducer called truncute with a size of 0, resulting in the following error messag...

7.1CVSS6.4AI score0.00148EPSS

5.5CVSS6.3AI score0.00015EPSS

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

In the Linux kernel, the following vulnerability has been resolved: cifs: preventing incorrect output lengths in smb2ioctlqueryinfo When calling smb2ioctlqueryinfo with smbqueryinfo::flags=PASSTHRUFSCTL and smbqueryinfo::outputbufferlength=0, the following value of 0x10 will be returned. c buffer...

AstraLinux•added 2026/05/03 11:59 p.m.•3 views

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: scsi: pm80xx: Avoid leaking tags when processing the OPCINBSETCONTROLLERCONFIG command. The tags allocated for the OPCINBSETCONTROLLERCONFIG command need to be freed when we receive the response...

5.5CVSS6.1AI score0.00011EPSS

5.5CVSS6.2AI score0.00009EPSS

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: A NULL check was added for the “timing generator” in dcn21setpipe. In the line of code: u32 otginst = pipectx-streamres.tg-inst; The pipectx-streamres.tg might be NULL. This relies on the caller to ensure that tg...

5.5CVSS6.2AI score0.0002EPSS

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: phy: ti: phy-omap-usb2: Fixed NULL pointer dereferencing for SRP. If the external PHY working together with phy-omap-usb2 does not implement sendsrp, we may still attempt to call it. This can occur on an idle Ethernet device that...

5.5CVSS6.4AI score0.00005EPSS

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: cpu/hotplug: Do not offline the last non-isolated CPU. If a system has isolated CPUs via the “isolcpus=” command-line parameter, then attempting to offline the last housekeeping CPU will result in a WARNON message when rebuilding...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: netlink: fixed a potential deadlock in netlinkseterr syzbot reported a possible deadlock in netlinkseterr 1 A similar issue was fixed in commit 1d482e666b8e “netlink: disabling IRQs for netlinklocktable” in netlinklocktable Th...

6AI score0.00067EPSS

Exploits0References1