Lucene search
+L
AstralinuxRecent

18102 matches found

astralinux
astralinux
added 2026/07/09 8:12 a.m.8 views

Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: espintcp: A race condition in espintcpclose has been fixed. This issue was discovered during a code audit. After espintcpclose is called, espintcptxwork can still be scheduled using functions like the Delayed ACK handler or...

7.8CVSS6AI score0.00101EPSS
Exploits0References4
astralinux
astralinux
added 2026/07/09 8:12 a.m.2 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: rtmutex: Use waiter::task instead of current in removewaiter. removewaiter is used by the slowlock paths, but it is also used for proxy-lock rollback in rtmutexstartproxylock, when invoked from futexrequeue. In the latter case,...

7.8CVSS6.1AI score0.00125EPSS
Exploits22References3
astralinux
astralinux
added 2026/07/09 8:12 a.m.3 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: eventpoll: Fixed an UAF Use-After-Free issue with epremovestruct eventpoll and struct file. The epremove function via epremovefile clears the file-fep field under file-flock, but then continues using @file within the critical...

7.8CVSS6.9AI score0.00125EPSS
Exploits3References3
astralinux
astralinux
added 2026/07/09 8:12 a.m.4 views

Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: net: bonding: Fixed a use-after-free in bondxmitbroadcast. bondxmitbroadcast reuses the original skb for the last slave determined by bondislastslave and clones it for others. Concurrent slave enslave/release operations may mutat...

7.8CVSS5.7AI score0.00124EPSS
Exploits0References3
astralinux
astralinux
added 2026/07/09 8:12 a.m.6 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: net/tls: The use-after-free issue in the -EBUSY error handling path of tlsdoencryption has been fixed. The -EBUSY handling in tlsdoencryption, introduced with commit 859054147318 “net: tls: handle backlogging of crypto requests”,...

9.8CVSS5.7AI score0.00388EPSS
Exploits0References2
astralinux
astralinux
added 2026/07/09 8:12 a.m.3 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: bpf: The reuseport cBPF prog is freed after the RCU grace period. Eulgyu Kim reported the issue below with a reproduction example. The reproduction example sets up a UDP reuseport group with a cBPF prog and replaces it with a new...

7.8CVSS6AI score0.00104EPSS
Exploits0References2
astralinux
astralinux
added 2026/07/09 8:12 a.m.3 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: net: skbuff: Fixed an issue where a missing zerocopy reference was present in the pskbcarve helpers. Both pskbcarveinsideheader and pskbcarveinsidenonlinear copy the old skbsharedinfo header into a new buffer using memcpy. Thi...

7.8CVSS6AI score0.00238EPSS
Exploits0References2
astralinux
astralinux
added 2026/07/09 8:12 a.m.4 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: net/sched: Fixed a issue where partial COW operations by pedit led to corruption of the page cache. tcfpeditact calculates the COW range for skbensurewritable once before the key loop, using tcfpoffmaxhint. However, this hint...

7.8CVSS6.4AI score0.00321EPSS
Exploits11References3
astralinux
astralinux
added 2026/07/09 8:12 a.m.4 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: ppp: The requirement for CAPNETADMIN in the target netns is necessary for unattached IOCTls. The opening of /dev/ppp is currently allowed for file-fcred-userns, while unattached administrative IOCTls operate on...

8.8CVSS5.8AI score0.00182EPSS
Exploits1References2
astralinux
astralinux
added 2026/07/09 8:12 a.m.3 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: ipv6: Proper accounting of fraggap on the paged allocation path In ip6.AppendData, when the paged-allocation branch is taken MSGMORE / NETIFFSG / large fraglen, alloclen and pagedlen are computed as follows: alloclen =...

5.8AI score0.00176EPSS
Exploits0References2
astralinux
astralinux
added 2026/06/24 3:11 p.m.9 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Flush dev-IOTLB only when the PCIe device is accessible in scalable mode. The commit 4fc82cd907ac “iommu/vt-d: Do not issue ATS invalidation requests when the device is disconnected” relies on pcidevisdisconnected to...

5.5CVSS6AI score0.00123EPSS
Exploits0References2
astralinux
astralinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.0, a underflow of the sizet variable in the IMA-ADPCM and MS-ADPCM audio decoders led to a heap-buffer-overflow issue through the RDPSND audio channel. In libfreerdp/codec/dsp.c, the IMA-ADPCM and MS-ADPCM...

9.8CVSS6AI score0.00317EPSS
Exploits1References3
astralinux
astralinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: usb: xhci: Apply the link chain quirk on NEC isoc endpoints Two distinctly different samples of NEC uPD720200 one with a start/stop bug, one without it were observed to cause IOMMU faults after some “Missed Service Errors”. Th...

7.8CVSS6.4AI score0.00175EPSS
Exploits0References4
astralinux
astralinux
added 2026/06/24 3:11 p.m.8 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: media: i2c/tw9903: A potential memory leak has been fixed in tw9903probe. In one of the error paths in tw9903probe, the memory allocated in v4l2ctrlhandlerinit and v4l2ctrlnewstd is not freed. This issue has been fixed by calling...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References2
astralinux
astralinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: ocfs2: The BUG function was replaced with ocfs2error in ocfs2MoveExtent. In ocfs2MoveExtent, the BUG function was changed to ocfs2error simply to avoid causing the entire kernel to crash due to filesystem corruption...

5.9AI score0.00185EPSS
Exploits0References3
astralinux
astralinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, a client-side heap buffer overflow occurred in the decoding process of the ClearCodec band when crafted band coordinates allowed writes beyond the end of the destination surface buffer. A malicious server...

9.8CVSS6.2AI score0.00434EPSS
Exploits1References3
astralinux
astralinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability in hdf5

HDF5 through 1.14.3 contains a stack buffer overflow issue in H5Rdecodeheap, which leads to corruption of the instruction pointer and causes denial of service or potential code execution...

9.8CVSS7.5AI score0.00865EPSS
Exploits0References3
astralinux
astralinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, a double-free vulnerability in the functions kerberosAcceptSecurityContext and kerberosInitializeSecurityContextA located in WinPR, winpr/libwinpr/sspi/Kerberos/kerberos.c could cause crashes in any FreeRDP...

5.3CVSS5.8AI score0.00282EPSS
Exploits0References3
astralinux
astralinux
added 2026/06/24 3:11 p.m.9 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.0, there was a buffer overflow vulnerability in freerdpbitmapdecompressplanar when SrcSize was 0. The function dereferences srcp which points to pSrcData without first verifying that SrcSize is greater than or...

9.1CVSS6.1AI score0.00285EPSS
Exploits1References3
astralinux
astralinux
added 2026/06/24 3:11 p.m.8 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: In the chips-media: wave5 module, the order of device cleanup was corrected to prevent kernel panic. The process of removing video devices was moved to the beginning of the removal function to ensure that all video operations are...

5.5CVSS5.8AI score0.00127EPSS
Exploits0References2
astralinux
astralinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability in Flatpak

Flatpak is a Linux application sandboxing and distribution framework. Prior to version 1.16.4, the caching mechanism for ld.so removed outdated cache files without properly checking whether the app’s control over the path to the outdated cache was valid within the cache directory. This allowed...

8.7CVSS7.1AI score0.00323EPSS
Exploits0References3
astralinux
astralinux
added 2026/06/24 3:11 p.m.10 views

Astra Linux – Vulnerability in freeipa

A flaw was identified in the FreeIPA API audit; it sends the entire FreeIPA command line to journalctl. As a result, during the FreeIPA installation process, administrative user credentials—including the administrator’s password—are inadvertently leaked into the journal database. In the worst-cas...

5.5CVSS5.6AI score0.00226EPSS
Exploits0References3
astralinux
astralinux
added 2026/06/24 3:11 p.m.9 views

Astra Linux – Vulnerability in edk2

EDK2 contains a vulnerability in the BIOS, where an attacker may cause “Exposure of Sensitive Information to an Unauthorized Actor” through local access. Successful exploitation of this vulnerability could lead to possible information disclosure or escalation of privileges, thereby affecting...

5.8CVSS7AI score0.00123EPSS
Exploits0References3
astralinux
astralinux
added 2026/06/24 3:11 p.m.10 views

Astra Linux – Vulnerability in imagemagick

ImageMagick is free and open-source software used for editing and manipulating digital images. Before versions 7.1.2-16 and 6.9.13-41, there was a vulnerability where a memory allocation failure in the sixel encoder could lead to writing beyond the end of a buffer on the stack. This vulnerability...

6.7CVSS6AI score0.00096EPSS
Exploits0References2
astralinux
astralinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability in GIMP

GIMP PSP File Parsing: Heap-Based Buffer Overflow and Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability, as the target must visit a malicious page ...

7.8CVSS7.6AI score0.00744EPSS
Exploits0References3
astralinux
astralinux
added 2026/06/24 3:11 p.m.12 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: hwrng: core – Use RCU and workstruct to fix race conditions Currently, the hwrngfill function is not cleared until the hwrngfillfn thread exits. Since hwrngunregister reads hwrngfill outside of the rngmutex lock, a concurrent...

4.7CVSS5.7AI score0.00088EPSS
Exploits0References2
astralinux
astralinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: LoongArch: BPF: Sign extension of kfunc call arguments kfunc calls are native calls, so they should follow LoongArch calling conventions. Sign extension of arguments should be performed properly to avoid kernel panic. This is...

5.5CVSS5.7AI score0.00114EPSS
Exploits0References2
astralinux
astralinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: net: marvell: prestera: Fixed a NULL dereferencing on devlinkalloc failure. Devlinkalloc may return NULL when allocation fails, but presteradevlinkalloc will unconditionally call devlinkpriv on the returned pointer. This can lead...

5.5CVSS5.9AI score0.00115EPSS
Exploits0References3
astralinux
astralinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Buffer validation was corrected by including the size of the null-terminating character in the EA length. The smb2setea function, which handles Extended Attributes EA, conducted buffer validation checks that incorrectly...

5.8AI score0.00168EPSS
Exploits0References2
astralinux
astralinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability in firewalld

A flaw was discovered in firewalld. A local unprivileged user can exploit this vulnerability by misauthorizing two runtime D-Bus Desktop Bus setters, setZoneSettings2 and setPolicySettings. This misauthorization allows the user to modify the runtime firewall state without proper authentication,...

5.5CVSS6.1AI score0.00118EPSS
Exploits0References2
astralinux
astralinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability in Firefox, Thunderbird

JIT compilation errors in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...

9.8CVSS7AI score0.00755EPSS
Exploits0References3
astralinux
astralinux
added 2026/06/24 3:11 p.m.8 views

Astra Linux – Vulnerability in Chromium

Type Confusion in V8 in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS7.3AI score0.00275EPSS
Exploits0References3
astralinux
astralinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: s390/cio: Fixed the handling of device lifecycle in cssallocsubchannel. cssallocsubchannel calls deviceinitialize before setting up the DMA masks. If dmasetcoherentmask or dmasetmask fails, the error path frees the subchannel...

5.5CVSS6AI score0.00126EPSS
Exploits0References2
astralinux
astralinux
added 2026/06/24 3:11 p.m.9 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: regmap: Fixed a race condition in the hwspinlockirqsave routine. Previously, the address of the shared member &map-spinlockflags was passed directly to hwspinlocktimeoutirqsave. This created a race condition where multiple contex...

4.7CVSS5.7AI score0.001EPSS
Exploits0References2
astralinux
astralinux
added 2026/06/24 3:11 p.m.8 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: arm64: Added support for TSV110 Spectre-BHB mitigation. The TSV110 processor is vulnerable to the Spectre-BHB Branch History Buffer attack, which can be exploited to leak information through branch prediction side channels. This...

5.5CVSS6.1AI score0.00128EPSS
Exploits0References2
astralinux
astralinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: btrfs: In the send operation, it is necessary to check for inline extents within the rangeisholeinparent function. Before accessing the diskbytenr field of a file extent item, we need to check whether we are dealing with an inlin...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References2
astralinux
astralinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: media: radio-keene: Fixed a memory leak in the error path. A memory leak was addressed in usbkeeneprobe. The v4l2 control handler was initialized, and controls were added. However, if v4l2deviceregister or videoregisterdevice fai...

5.5CVSS6AI score0.00128EPSS
Exploits0References2
astralinux
astralinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: macvlan: fixed a possible Use-after-Allocation UAF in macvlanforwardsource. Added RCU protection for the vlan field in struct macvlansourceentry. Whenever macvlanhashdelsource is called, we must clear the entry-vlan pointer befor...

7.8CVSS5.8AI score0.00188EPSS
Exploits0References3
astralinux
astralinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: PCI/P2PDMA: Release the per-CPU pgmap reference when vminsertpage fails. When vminsertpage fails in p2pmemallocmmap, p2pmemallocmmap does not invoke percpurefput to free the per-CPU reference to pgmap acquired after...

5.5CVSS6AI score0.00155EPSS
Exploits0References2
astralinux
astralinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: authgss: Fixed memory leaks in XDR decoding error paths. The functions gssxdecctx, gssxdecstatus, and gssxdecname allocate memory through gssxdecbuffer, which calls kmemdup. When a subsequent decoding operation fails, the...

5.5CVSS6.3AI score0.0016EPSS
Exploits0References2
astralinux
astralinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: pNFS: Fixed a deadlock that occurred when returning a delegation during the open function. Ben Coddington reported seeing a hang in the following stack trace: 0 ffffd0b50e1774e0 schedule at ffffffff9ca05415 1 ffffd0b50e177548...

5.8AI score0.00168EPSS
Exploits0References2
astralinux
astralinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: Team: Move teamdevicetypechange to the end of teamportadd. Attempting to add a port device that is already up will, unsurprisingly, fail. However, this failure occurs before modifying the teamdeviceheaderops. In the case of the...

5.5CVSS5.8AI score0.00118EPSS
Exploits0References3
astralinux
astralinux
added 2026/06/24 3:11 p.m.10 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: HID: magicmouse: Do not cause a crash when the msc-input field is missing. Fake USB devices can send their own report descriptors, for which the inputmapping hook is not called. In this case, msc-input remains NULL, leading to a...

5.5CVSS5.7AI score0.00128EPSS
Exploits0References2
astralinux
astralinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability in Ruby 3.1

Zlib is a Ruby interface for the zlib compression/decompression library. Versions 3.0.0 and below, 3.1.0, 3.1.1, 3.2.0, and 3.2.1 contain a buffer overflow vulnerability in the Zlib::GzipReader. The zstreambufferungets function prepends bytes provided by the caller before previously produced...

9.8CVSS6.1AI score0.00561EPSS
Exploits0References3
astralinux
astralinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: net/sched: schqfq: do not free existing class in qfqchangeclass This fix addresses the issue with the qfqchangeclass function. The cl-qdisc and cl fields should only be freed if a new class and qdisc are allocated; otherwise,...

7.8CVSS6.3AI score0.00204EPSS
Exploits0References3
astralinux
astralinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: iio: adc: at91-sama5d2adc: Fixed a potential use-after-free in the sama5d2adc driver. The at91adcinterrupt function can call the at91adctouchdatahandler function to initiate the processing via schedulework&st-touchst.workq. If we...

5.7AI score0.00173EPSS
Exploits0References2
astralinux
astralinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: Fixed a potential underflow in virtiotransportgetcredit. The credit calculation in virtiotransportgetcredit uses unsigned arithmetic: c ret = vvs-peerbufalloc - vvs-txcnt - vvs-peerfwdcnt; If the peer reduces its...

5.5CVSS5.9AI score0.00127EPSS
Exploits0References2
astralinux
astralinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability in libheif

libheif is a decoder and encoder for HEIF and AVIF file formats. In versions 1.21.2 and earlier, a malformed HEIF sequence file could trigger an out-of-bounds read during core sequence parsing, leading to DoS Denial of Service. A malformed file may have stcoentrycount == 0 meaning no chunks are...

6.5CVSS6AI score0.00253EPSS
Exploits1References2
astralinux
astralinux
added 2026/06/24 3:11 p.m.8 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: net: wan/fslucchdlc: Fixed the dmafreecoherent function in uhdlcmemclean. The priv-rxbuffer and priv-txbuffer are allocated together as contiguous buffers in uhdlcinit, but they are freed as two separate buffers in uhdlcmemclean...

5.5CVSS5.7AI score0.00128EPSS
Exploits0References2
astralinux
astralinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability in libheif

libheif is a decoder and encoder for HEIF and AVIF file formats. In versions 1.21.2 and earlier, a crafted HEIF sequence file where the saiz box declares more samples than actually exist in the track’s chunk table could cause a heap-buffer-overflow out-of-bounds read in the SampleAuxInfoReader...

8.1CVSS5.8AI score0.00302EPSS
Exploits1References2
Total number of security vulnerabilities18102