Lucene search
K
AstralinuxRecent

18102 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in GhostScript

A heap-based buffer overwrite vulnerability was discovered in the lp8000printpage function of GhostScript, located in the gdevlp8k.c file. This flaw allows an attacker to trick a user into opening a specially crafted PDF file, triggering a heap buffer overflow that could lead to memory corruption...

7.1CVSS7.4AI score0.00437EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in WebKit2GTK

An information disclosure issue was resolved by removing the vulnerable code. This issue has been fixed in macOS Monterey 12.5. A website may be able to track the websites a user visited in Safari’s private browsing mode...

5.3CVSS6.9AI score0.00418EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Ruby-Rack

There is a possible denial-of-service vulnerability in Rack versions 2.0.9.1, 2.1.4.1, and 2.2.3.1, specifically in the multipart parsing component of Rack...

7.5CVSS6.4AI score0.02056EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Ruby-Rack

A sequence injection vulnerability exists in Rack versions 2.0.9.1, 2.1.4.1, and 2.2.3.1. This vulnerability could allow for shell escapes in the Lint and CommonLogger components of Rack...

10CVSS6.7AI score0.01801EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in unrar-nonfree

RARLAB’s UnRAR version prior to 6.12 on Linux and UNIX allowed directory traversal, enabling writing to files during an extraction operation also known as unpacking. This was demonstrated by creating a file named /.ssh/authorizedkeys. NOTE: WinRAR and Android RAR are not affected by this issue...

7.5CVSS6.9AI score0.98975EPSS
Exploits12References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in WebKit2GTK

A correctness issue in JIT was addressed through improved checks. This issue has been fixed in tvOS 16.1, iOS 15.7.1, iPadOS 15.7.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1, and iPadOS 16. Processing maliciously crafted web content may disclose internal states of the app...

6.5CVSS6.9AI score0.0091EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wcd934x: Properly handles channel mapping lists. Currently, each channel is added as a list to the dai channel list. However, there is a risk of adding the same channel to multiple dai channel lists, which could lea...

5.5CVSS5.9AI score0.00236EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: pm80xx: Do not call scsiremovehost in pm8001alloc Calling scsiremovehost before scsiaddhost results in a crash. Bug: Kernel NULL pointer dereferencing; address: 0000000000000108 RIP: 0010: devicedel+0x63/0x440 Call trace: 1...

6.2CVSS6.2AI score0.00248EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: net/sched: fqpie: prevent dismantle issue For some reason, the fqpieDestroy function did not copy the working code from pieDestroy and other related functions, resulting in a persistent bug. Before calling...

5.5CVSS6AI score0.00236EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.1 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: video: fbdev: nvidiafb: Use strscpy to prevent buffer overflow Coverity reports a possible buffer overflow issue. However, given the ‘static’ scope of nvidiasetupi2cbus, it seems that this issue cannot occur after examining the...

7.8CVSS6.4AI score0.0027EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix tc flower deletion for VLAN priority Rx steering To replicate the issue: 1 Add a tc flower filter for VLAN Priority-based frame steering: $ IFDEVNAME=eth0 $ tc qdisc add dev $IFDEVNAME ingress $ tc qdisc add dev...

5.5CVSS6.2AI score0.00208EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.1 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: powerpc/fixmap: Fixed the VM debug warning when unmapping a fixmap entry. The unmapping of a fixmap entry is performed by calling setfixmap, with FIXMAPPAGECLEAR as the flag. Currently, powerpc setfixmap calls mapkernelpage...

5.5CVSS5.1AI score0.00225EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: “ice”: fixed the sizing of vsi-txqmap. The approach of having XDP queues per CPU, regardless of the user’s settings, exposed a hidden bug that could occur when the number of Rx queues differs from the number of Tx queues...

5.5CVSS5.3AI score0.0021EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: In the net: dsa section, there is a fix for dereferencing a NULL pointer in dsaportresetvlanfiltering. The “ds” iterator variable used in dsaportresetvlanfiltering overwrites the “dp” parameter received as an argument, which is...

5.5CVSS5.9AI score0.00209EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.1 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerabilities have been resolved: ext4: fixed a warning in ext4handleinodeextension We encountered the following issues: EXT4-fs error device loop0 in ext4reserveinodewrite:5741: Out of memory EXT4-fs error device loop0: ext4setattr:5462: inode 13: comm...

5.5CVSS6.4AI score0.00273EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: mmc: jz4740: Apply DMA engine limits to maximum segment size Follow the same approach used in other DMA-enabled MMC host drivers see host/mmci.c, and limit the maximum segment size based on the capabilities of the DMA engine. Thi...

5.5CVSS6.2AI score0.00247EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ath11k: Disable spectral scan during spectral deinit. When ath11k modules are removed using rmmod with spectral scan enabled, a crash occurs. Different crash traces are observed for each instance of the crash. Send a command to...

5.5CVSS6.1AI score0.00245EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerabilities have been resolved: drm/virtio: fixed a NULL pointer dereference in virtiogpuconngetmodes. drmcvtmode may return NULL, and we should check for this. This bug was discovered by syzkaller: FAULTINJECTION stacktrace: 168.567394 FAULTINJECTION: forci...

5.5CVSS6.3AI score0.00315EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: serial: 8250aspeedvuart: Fixed the potential NULL dereferencing in aspeedvuartprobe. The platformgetresource function may fail and return NULL; therefore, we should better check its return value to avoid NULL pointer dereferencin...

5.5CVSS6.2AI score0.00245EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: ip: Fixed a data race around the sysctlfwmarkreflect function. When reading sysctlfwmarkreflect, it can be changed concurrently. Therefore, we need to add READONCE to its reader function...

4.7CVSS6.1AI score0.00181EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: Fix refcount leak in tidra7xbarrouteallocate. The ofparsephandle function returns a node pointer with a refcount incremented. We should use ofnodeput on it when it is no longer needed. Add the missing ofnodeput cal...

5.5CVSS6.1AI score0.0025EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: dwc-qos: Disable split header for Tegra194 There is a long-standing issue with the Synopsys DWC Ethernet driver for Tegra194, where random system crashes have been observed 0. The problem occurs when the split header...

5.5CVSS6.4AI score0.00245EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ipv6: fixed a lockdep issue in in6dumpaddrs According to reports from syzbot, we should not use rcudereference when rcureadlock is not held. WARNING: Suspicious RCU usage. 5.19.0-rc2-syzkaller 0 Not tainted...

5.5CVSS5.8AI score0.00263EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: Net: tun: Unlinking the NAPI from the device upon destruction. Syzbot identified a race condition between the tun file and the device destruction process. NAPIs reside in the structtunfile structure, and this structure may be...

5.5CVSS6.1AI score0.00274EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: power: supply: core: Fixed the boundary conditions in interpolation. The functions powersupplytemp2resistsimple and powersupplyocv2capsimple incorrectly handle boundary conditions. This issue was introduced in the code change...

7.8CVSS6.2AI score0.0026EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: serial: 8250: Fixed PM usagecount for console handover When the console is enabled, univ8250consolesetup calls serial8250consolesetup before .dev is set to uartport. As a result, pmruntimegetsync will not be called. Later, when t...

5.5CVSS6.2AI score0.00245EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: ima: Fixed a potential integer overflow in imaappraisemeasurement. When the ima-modsig option is enabled, the value passed to evmverifyxattr may be negative, which could lead to an integer overflow issue...

5.5CVSS6.1AI score0.00252EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: phy: at803x: fix NULL pointer dereference on AR9331 PHY The latest kernel will fail when dealing with the PHY interrupt configuration, as it now relies on allocated private resources. Therefore, running a probe to allocate...

5.5CVSS5.8AI score0.00227EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: ibmvfc: Store the vhost pointer during subcrq allocation Currently, the back pointer from a queue to the vhost adapter is not set until after the subcrq interrupt registration. This value becomes available when a queue is...

5.5CVSS6.2AI score0.00249EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: btrfs: Fixed a hang that occurred during unmount when the block group reclaim task was running. When starting an unmount, at closectree, if the reclaim task is running and is in the middle of a data block group relocation, a...

5.5CVSS6AI score0.00199EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: atmel: The issue with reference counting was fixed in atmelnandcontrollerinit. The reference counting issue occurs in several error handling paths involving an object with a refcount, called “nc-dmac”. In these path...

5.5CVSS6.2AI score0.00253EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: Drivers: Ethernet: cpsw – Fixed a panic that occurs when interrupt coalescing is set via ethtool. The cpswethtoolbegin function directly returns the result of pmruntimegetsync when it is successful. pmruntimegetsync returns an...

5.5CVSS6.3AI score0.00252EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: hciuart: A missing NULL check was added in h5enqueue. The Syzbot encountered a general protection fault in pmruntimeresume. The issue was due to a missing NULL check. hu-serdev can be NULL, and we should not blindly...

5.5CVSS6.3AI score0.00245EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ath10k: Error handling in ath10ksetupmsaresources has been fixed. The devicenode pointer is returned by ofparsephandle, with the refcount incremented. We should use ofnodeput on it after that operation. This function only calls...

5.5CVSS6.2AI score0.00245EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/bridge: anx7625: Fixed an overflow issue when reading EDID. The length of the EDID block can be longer than 256 bytes. Therefore, we should use int instead of u8 for the edidpos variable...

5.5CVSS6.2AI score0.00252EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: cxl/port: Hold a reference to the port until the decoder is released. KASAN + DEBUGKOBJECTRELEASE reports a potential use-after-free in cxldecoderrelease. This function references its parent object, a cxlport, to free its id back...

7.8CVSS6.1AI score0.00252EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: ext4: Fixed error handling in ext4fcrecordmodified inode. The current code does not properly handle the krealloc error case, which could lead to silent memory corruption or a kernel bug. This patch addresses this issue...

7.8CVSS5.6AI score0.00228EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: spi: uniphier: fix reference count leak in uniphierspiprobe The issue occurs in several error paths within uniphierspiprobe. When either dmagetslavecaps or devmspiregistermaster returns an error code, the function forgets to...

5.5CVSS5.1AI score0.00222EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: ice: Fixed a crash by retaining the old configuration when updating Traffic Classes beyond the allocated queues. There are issues when the number of allocated queues is less than the number of Traffic Classes. The commit...

5.5CVSS6.4AI score0.00197EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.13 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: Video: fbdev: sm712fb – Fixed a crash in smtcfbwrite When the sm712fb driver writes three bytes to the framebuffer, the driver crashes. Bug: Unable to handle a page fault for the address: ffffc90001ffffff RIP:...

5.5CVSS6.2AI score0.00259EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: tcp: tcprtxsynack can be called from process context. Laurent reported the attached report 1. This bug occurs under the following conditions: 0 The kernel is built with CONFIGDEBUGPREEMPT=y. 1 A new passive FastOpen TCP socket is...

5.5CVSS6.2AI score0.00283EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fix potential AB/BA lock issue with buffermutex and mmaplock The syzbot tool detected a potential deadlock between the runtime-buffermutex and the mm-mmaplock. This issue arose due to the recent fix related to racy...

5.5CVSS6.1AI score0.00192EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerabilities have been resolved: f2fs: quota: fixed the loop condition in f2fsquotasync The parameter cnt should be passed to sbhasquotaactive, rather than type, to correctly check the active quota. Moreover, when the type is -1, the compiler, with sufficient...

5.5CVSS6AI score0.00247EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: The function dcstreamrelease is called when removing the link enc assignment. Why A porting error caused the stream assignment for the link to be retained instead of being released—resulting in a memory leak. How...

5.5CVSS6AI score0.00209EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: A NULL pointer dereference occurred in amdgpudmconnectoraddcommonmodes. In amdgpudmconnectoraddcommonmodes, amdgpudmcreatecommonmode assigns mode to mode, and mode is directly passed to drmmodeprobedadd...

5.5CVSS6.2AI score0.00253EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.11 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: ASoC: mxs: Fixed error handling in mxssgtl5000probe. This function only calls ofnodeput in the regular path. It will cause a refcount leak in error-prone paths. For example, when codecnp is NULL, saifnp0 and saifnp1 are not NULL,...

5.5CVSS6.2AI score0.00252EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: usb: ffs: Fix use-after-free for epfile Consider a case where ffsfuncepsdisable is called from ffsfuncdisable as part of the composition switch. At the same time, ffsepfilerelease is called from the user space. ffsepfilerelease...

7.8CVSS6.4AI score0.00272EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.1 views

Astra Linux – Vulnerability in Linux

A vulnerability was discovered in the Linux kernel prior to version 5.13.3. The file lib/seqbuf.c contains a buffer overflow issue related to seqbufputmemhex...

6.7CVSS6.9AI score0.00726EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ALSA: usx2y – Do not call freepagesexact with a NULL address. Unlike some other functions, we cannot pass a NULL pointer to freepagesexact. Add a proper NULL check to avoid potential errors...

5.5CVSS5.8AI score0.00239EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: dmbtreeremove: Assign newroot only when the removal succeeds. The removeraw function in dmbtreeremove may fail due to IO read errors e.g., failure to read the content of the origin block during shadowing. Additionally, the value ...

5.5CVSS5.8AI score0.00259EPSS
Exploits0References2
Total number of security vulnerabilities18102