Lucene search
K
AstralinuxRecent

18095 matches found

AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability in libsoup3

A flaw was discovered in the asynchronous message queue handling of the libsoup library, which is widely used by GNOME and WebKit-based applications for managing HTTP/2 communications. When network operations are aborted at specific timing intervals, an internal message queue item may be freed...

7.5CVSS5.7AI score0.00416EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability in Chromium

Type Confusion in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS7.7AI score0.0033EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability in Python 3.11

The “tarfile” module will still apply normalization of AREGTYPE \x00 blocks to DIRTYPE, even when processing multi-block members such as GNUTYPELONGNAME or GNUTYPELONGLINK. This could lead to a crafted tar archive being misinterpreted by the tarfile module compared to other implementations...

3.3CVSS5.8AI score0.00164EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability in Chromium

A heap buffer overflow in WebML in Google Chrome prior to version 147.0.7727.55 allowed a remote attacker to obtain potentially sensitive information from process memory through a crafted HTML page. Chromium security severity: High...

4.3CVSS7.2AI score0.00286EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.8 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.22.0, the ecamencodercompressh264 function relied on server-controlled dimensions and did not validate the source buffer size, resulting in a out-of-bounds read in swsscale. This vulnerability has been fixed in...

9.1CVSS5.5AI score0.00489EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability in Chromium

Insufficient policy enforcement in WebUSB in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...

6.5CVSS7.3AI score0.00189EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, in yuvensurebuffer in libfreerdp/codec/h264.c, h264-width and h264-height were updated before the reallocation loop. If any winpralignedrecalloc call fails, the function returns FALSE, but width/height have...

7.5CVSS6.3AI score0.00265EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability in GIMP

A flaw was discovered in GIMP’s PSP Paint Shop Pro file parser. A remote attacker could exploit an integer overflow vulnerability in the readcreatorblock function by providing a specially crafted PSP image file. This vulnerability occurs when a 32-bit length value from the file is used for memory...

5.5CVSS7.2AI score0.00494EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, in the persistentcachereadentryv3 function in libfreerdp/cache/persistent.c, persistent-bmpSize was updated before winpralignedrecalloc. If realloc fails, bmpSize is inflated while bmpData points to the old...

7.1CVSS6.2AI score0.001EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: ASoC: fslxcvr: Revert to fixing the missing lock in fslxcvrmodeput This revert commits f51424872760 “ASoC: fslxcvr: fix missing lock in fslxcvrmodeput”. The original patch attempted to acquire the card-controlsrwsem lock in...

5.5CVSS5.7AI score0.00091EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Use kvfree instead of kfree in amdgpugmcgetnpsmemranges. The amdgpudiscoverygetnpsinfo function internally allocates memory for ranges using kvcalloc, which may use vmalloc for large allocations. Using kfree to releas...

7.8CVSS5.8AI score0.00163EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fixed an issue where engid could be negative, causing the streamenc regs array to be indexed out of bounds. The variable engid is used directly as an index into the streamenc regs array, which has only 5 elements...

7.8CVSS5.7AI score0.0012EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability in exiv2

Exiv2 is a C++ library and a command-line utility for reading, writing, deleting, and modifying Exif, IPTC, XMP, and ICC image metadata. Prior to version 0.28.8, a buffer overflow vulnerability was discovered. The vulnerability resides in the CRW image parser. This issue has been fixed in version...

8.1CVSS6AI score0.00307EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability in GraphicsMagick

GraphicsMagick before 8e56520 has a heap-based buffer over-read issue in the ReadJXLImage function, located in coders/jxl.c, related to a call to ImportViewPixelArea...

9.1CVSS5.9AI score0.00315EPSS
Exploits1References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability in Chromium

A heap buffer overflow in PDFium in Google Chrome prior to version 147.0.7727.101 allowed a remote attacker to execute arbitrary code within a sandbox through a crafted PDF file. Chromium security severity: High...

8.8CVSS7.9AI score0.00336EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in PDF in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Low...

4.3CVSS6.7AI score0.00159EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.8 views

Astra Linux – Vulnerability in sdl-image1.2

SDLimage is a library for loading images of various formats as SDL surfaces. In the dolayersurface function in src/IMGxcf.c, pixel index values from decoded XCF tile data are used directly as colormap indices without being validated against the colormap size cmnum. A crafted .xcf file with a smal...

7.1CVSS5.8AI score0.00262EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability in gpsd

There is an integer underflow vulnerability in the nextstate function in gpsd/packet.c in gpsd versions prior to the commit ffa1d6f40bca0b035fc7f5e563160ebb67199da7. When parsing a NAVCOM packet, the payload length is calculated using lexer-length = sizetc - 4, without checking whether the input...

7.5CVSS5.2AI score0.0047EPSS
Exploits2References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.10 views

Astra Linux – Vulnerability in Chromium

Using WebCodecs with “after free” before version 146.0.7680.178 allowed a remote attacker to execute arbitrary code within a sandbox through a crafted HTML page. Chromium security severity: High...

8.8CVSS6.2AI score0.00395EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.0, a client-side heap buffer overflow occurred in the FreeRDP client’s AVC420/AVC444 YUV-to-RGB conversion process. This issue arose due to a lack of validation of the horizontal bounds of the H.264 metablock...

8.2CVSS6AI score0.00323EPSS
Exploits1References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability in imagemagick

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, a crafted image could cause an out-of-bounds heap write within the WaveletDenoiseImage method. When processing a crafted image using the -wavelet-denoise...

5.5CVSS7.1AI score0.00106EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.8 views

Astra Linux – Vulnerability in freeipa

A flaw was identified in the FreeIPA API audit; it sends the entire FreeIPA command line to journalctl. As a result, during the FreeIPA installation process, administrative user credentials—including the administrator’s password—are inadvertently leaked into the journal database. In the worst-cas...

5.5CVSS5.6AI score0.00226EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability in gst-plugins-bad1.0

GStreamer DVB Subtitles Out-of-Bounds: Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability, but the attack vectors may vary...

7.8CVSS7.7AI score0.00729EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability in Qemu

An “off-by-one” error was detected in QEMU’s KVM Xen guest support. A malicious guest could exploit this flaw to trigger out-of-bounds heap accesses in the QEMU process through the emulated Xen physdev hypercall interface, resulting in a denial of service or potential memory corruption...

6.5CVSS7.1AI score0.00143EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability in Qemu

A flaw was discovered in QEMU. A specially crafted VMDK image could trigger an out-of-bounds read vulnerability, potentially leading to a 12-byte leak of sensitive information or a denial of service condition DoS...

5.1CVSS7.1AI score0.00114EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability in imagemagick

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, there was a stack buffer overflow issue in ImageMagick’s morphology kernel parsing functions. User-controlled kernel strings that exceeded the buffer size were...

7.1CVSS7.3AI score0.00108EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.9 views

Astra Linux – Vulnerability in libssh

A malicious SCP server can send unexpected commands that may cause the client application to override local files outside of the working directory. This could be exploited to create malicious executable or configuration files, causing the user to execute them with specific consequences. This is t...

6.3CVSS6.4AI score0.00408EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.8 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: rcu: Fixed a deadloop in rcureadunlock due to a softirq. The commit 5f5fa7ea89dc “rcu: Do not use negative nesting depth in rcureadunlock” removes the recursion-protection code from rcureadunlock. As a result, the deadloop could ...

7.1CVSS5.7AI score0.00125EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: Unconditionally sets set-nelems before inserting an element. In the event that the set is full, a new element is inserted and then removed without waiting for the RCU grace period. Meanwhile, the RCU reader m...

7.8CVSS5.8AI score0.00123EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.12 views

Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: Added a missing lock in cfg80211checkandendcac. Callers of wdevchandef must hold the wiphy mutex. However, the worker function cfg80211propagatecacdonewk never holds the wiphy mutex. This triggers the following...

5.5CVSS6AI score0.00111EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability in vte2.91

GNOME VTE before version 0.76.3 allowed an attacker to cause a denial of service memory consumption through a window resizing escape sequence, a related issue to CVE-2000-0476...

4.4CVSS5.8AI score0.00238EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability in imagemagick

ImageMagick is free and open-source software used for editing and manipulating digital images. Before versions 7.1.2-15 and 6.9.13-40, Magick failed to detect multi-layer nested MVG conversions to SVG, which could lead to DoS Denial of Service attacks. Versions 7.1.2-15 and 6.9.13-40 include a...

5.3CVSS7.2AI score0.00401EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.8 views

Astra Linux – Vulnerability in unbound

A vulnerability in caching resolvers called “Rebirthday Attack” has been discovered in resolvers that support EDNS Client Subnet ECS. Unbound is also vulnerable when compiled with ECS support, i.e., with the option --enable-subnet, and when configured to send ECS information along with queries to...

8.7CVSS6.5AI score0.00188EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability in imagemagick

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, the ps coders, responsible for writing PostScript files, failed to sanitize the input before writing it into the PostScript header. An attacker can provide a...

5.7CVSS7.4AI score0.00161EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: RDMA/rxe: Fixed a null dereference of srq-rq.queue after a resize failure. A NULL pointer dereference can occur in rxesrqchkattr when ibvmodifysrq is invoked twice in succession under certain error conditions. The first call m...

6.2AI score0.00157EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability in Chromium

Using “after free in Base” in Google Chrome before version 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: Critical...

8.8CVSS6.1AI score0.00317EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.8 views

Astra Linux – Vulnerability in Chromium

A heap buffer overflow in WebGL in Google Chrome prior to version 146.0.7680.165 allowed a remote attacker to perform an out-of-bounds memory read through a crafted HTML page. Chromium security severity: High...

8.8CVSS6.1AI score0.00385EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.9 views

Astra Linux – Vulnerability in Chromium

In CSS, operations outside the bounds were allowed in Google Chrome before version 146.0.7680.165; this enabled a remote attacker to perform out-of-bounds memory access through a crafted HTML page. Chromium security severity: High...

8.8CVSS7.6AI score0.00454EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability in xwayland, xorg-server

A flaw was discovered in the X.Org X server. This “use-after-free” vulnerability occurs in the XSYNC fence triggering logic, specifically within the miSyncTriggerFence function. An attacker with access to the X11 server can exploit this vulnerability without any user interaction, resulting in a...

7.8CVSS5.8AI score0.00264EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability in xwayland, xorg-server

A flaw was discovered in the X.Org X server. This out-of-bounds read vulnerability arises from the XKB geometry processing, specifically within the CheckSetGeom and XkbAddGeomKeyAlias functions. It allows an attacker to read uninitialized or out-of-bounds memory. An attacker with access to the X1...

9.1CVSS6.8AI score0.00489EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability in libcap2

A flaw was discovered in libcap. A local, unprivileged user can exploit a Time-of-check-to-time-of-use TOCTOU race condition in the capsetfile function. This allows an attacker with write access to a parent directory to redirect file capability updates to a file controlled by the attacker. By doi...

7CVSS7.1AI score0.00188EPSS
Exploits1References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability in xwayland, xorg-server

A flaw was discovered in the X.Org X server. This integer underflow vulnerability, specifically related to the handling of the XKB compatibility map, allows an attacker with local or remote access to the X11 server to trigger a buffer read overflow. This can lead to memory safety violations and...

7.8CVSS7.4AI score0.0038EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability in libpng1.6

LIBPNG is a reference library used in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. In versions 1.6.36 through 1.6.55, there was an out-of-bounds read and write vulnerability in libpng’s ARM/AArch64 Neon-optimized palette expansion path. When...

7.6CVSS6.7AI score0.00585EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability in sudo

In Sudo, from version 1.9.17p2 until 3e474c2, a failure in the call of setuid, setgid, or setgroups functions, during a privilege drop before running the mailer, is not considered a fatal error. Such failures may lead to an escalation of privileges...

7.8CVSS7.1AI score0.00173EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability in xwayland, xorg-server

A flaw was discovered in the X.Org X server’s validation of XKB key type requests. A local attacker could send a specially crafted request to the X server, leading to a vulnerability where out-of-bounds memory access could occur. This could result in the disclosure of sensitive information or cau...

7.8CVSS5.8AI score0.0025EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability in xwayland, xorg-server

A flaw was discovered in the X.Org X server. This vulnerability, an out-of-bounds read, affects the handling of XKB X Keyboard Extension modifier maps. An attacker with access to the X11 server can exploit this by sending a malformed request, causing the server to read beyond its intended memory...

9.1CVSS6.4AI score0.00489EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.8 views

Astra Linux – Vulnerability in Python 3.11

User-controlled header names and values containing newlines can allow for the injection of HTTP headers...

5.9CVSS6.7AI score0.00463EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability in glib2.0

A flaw was discovered in GLib Gnome Lib. This vulnerability allows a remote attacker to cause heap corruption, resulting in a denial of service or potential code execution through a buffer-underflow in the GVariant parser when processing maliciously crafted input strings...

9.8CVSS5.9AI score0.00754EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: KEYS: Trusted – Fixed a memory leak in tpm2loadcmd. tpm2loadcmd allocates a temporary blob indirectly through tpm2keydecode, but the blob is not freed during failure paths. This issue can be addressed by wrapping the blob with a...

5.5CVSS5.8AI score0.00114EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: fwtracer, Validate format string parameters We have added validation for format string parameters in the firmware tracer to prevent potential security vulnerabilities and crashes caused by malformed format strings...

6AI score0.00173EPSS
Exploits0References2
Total number of security vulnerabilities18095