Lucene search
K
AstralinuxRecent

18102 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: phy: phy-mtk-tphy: Fixed some resource leaks in mtkphyinit. Used clkdisableunprepare in the error path of mtkPhyInit to address some resource leaks...

5.5CVSS5.9AI score0.00225EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Twisted

In Twisted Web version 19.10.0, there was an HTTP request splitting vulnerability. When two content-length headers were provided, the system ignored the first header. When the second content-length value was set to zero, the request body was interpreted as a pipelined request...

9.8CVSS8AI score0.04083EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in ntfs-3g

In NTFS-3G versions before version 2021.8.22, when a specially crafted Unicode string is provided in an NTFS image, a heap buffer overflow may occur, allowing code execution...

7.8CVSS7.1AI score0.00461EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Chromium

Before version 104.0.5112.79, using "After Free" in Safe Browsing in Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS7.3AI score0.00615EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Apache2

A properly crafted method sent via HTTP/2 will bypass validation and be forwarded by modproxy, which can lead to request splitting or cache poisoning. This issue affects Apache HTTP Server versions 2.4.17 to 2.4.48...

7.5CVSS6.3AI score0.46179EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux

Improper input validation in the IntelR Ethernet ixgbe driver for Linux before version 3.17.3 may allow an authenticated user to potentially enable denial of service via local access...

5.5CVSS6.7AI score0.00286EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Chromium

In Google Chrome, a out-of-bounds read in the Tab Strip feature was exploited before version 92.0.4515.131. This allowed an attacker to convince a user to install a malicious extension, enabling them to perform an out-of-bounds memory read through a crafted HTML page...

8.1CVSS6.4AI score0.01948EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux-Firmware

A null pointer reference exists in some IntelR Graphics Drivers for Windows prior to version 26.20.100.7212, as well as prior to the release of the Linux kernel version 5.5. This vulnerability could allow a privileged user to exploit the system to cause a denial of service attack through local...

5.5CVSS6.6AI score0.00308EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Created a persistent INTx handler. There exists a vulnerability where the eventfd for INTx signaling can be deconfigured. This causes the IRQ handler to be unregistered, but it still allows eventfds to be signaled with ...

5.5CVSS5.3AI score0.0024EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Firewire: In the net subsystem, a bug related to use-after-free was fixed in the fwnetfinishincomingpacket function. The netifrx function frees the skb, but we cannot dereference it to save the skb-len...

7.8CVSS5.2AI score0.00142EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementations of performance APIs in Google Chrome prior to version 89.0.4389.72 allowed a remote attacker to leak cross-origin data through a crafted HTML page...

4.3CVSS6.6AI score0.01059EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in Pandoc

Pandoc is a Haskell library for converting between different markup formats, as well as a command-line tool that utilizes this library. Starting from version 1.13 and before version 3.1.4, Pandoc was vulnerable to a file-write vulnerability. This vulnerability could be exploited by including a...

6.1CVSS5.8AI score0.00368EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Jackson-Databind

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource...

8.1CVSS7.4AI score0.05218EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Zabbix

A authenticated user can create a link containing reflected JavaScript code for a service page and send it to other users. The payload can only be executed with a known CSRF token value of the victim, which is changed periodically and is difficult to predict. Malicious code has access to all the...

4.4CVSS5.8AI score0.01203EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.22 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: eventfs: Use listdelrcu for SRCU-protected list variables. Chi Zhiling reported: We found a null pointer access in tracefs1. The reason is that the variable eichild is set to LISTPOISON1. This means that the list was removed...

5.5CVSS6.3AI score0.00221EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in cups-filters

CUPS is a standards-based, open-source printing system. cups-browsed includes network printing functionality, which encompasses, but is not limited to, the ability to automatically discover print services and shared printers. cups-browsed binds to INADDRANY:631, allowing it to accept packets from...

5.3CVSS8.4AI score0.50174EPSS
Exploits15References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: net: arcnet: com20020: Fixed nullptrderef in com20020pciprobe During driver initialization, the pointer to card info is required—specifically, the variable ‘ci’. However, the definition of ‘com20020pciidtable’ indicates that this...

5.5CVSS5.3AI score0.0021EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.10 views

Astra Linux – Vulnerability in Chromium

Insufficient policy enforcement in the Popup Blocker component of Google Chrome prior to version 108.0.5359.71 allowed a remote attacker to bypass navigation restrictions through a crafted HTML page. Chromium security severity: Medium...

4.3CVSS6.7AI score0.0054EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in the Gamepad API in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS7.4AI score0.00782EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in WebKit2GTK

Multiple memory corruption issues have been resolved through improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, watchOS 8, Safari 15, tvOS 15, iOS 15, and iPadOS 15, as well as iTunes 12.12 for Windows. Processing maliciously crafted web content may lead to arbitrary code...

7.8CVSS7.3AI score0.01786EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: perf: Make sure to use pmuctx-pmu for groups. Oliver reported that x86pmudel actually performs an out-of-bound memory access when groupschedin fails and requires a rollback. This issue should be handled through transaction...

7.8CVSS4.5AI score0.00129EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in mdadm

A buffer overflow in some IntelR SSD Tools software prior to version mdadm-4.2-rc2 may allow a privileged user to potentially enable privilege escalation through local access...

6.7CVSS6.5AI score0.00231EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/vc4: kms: Added the drmcrtccommitPut operation. Commit 9ec03d7f1ed3 “drm/vc4: kms: Wait on previous FIFO users before a commit” introduced a global state for the HVS, where each FIFO stores the current CRTC commit. This allow...

4.1CVSS5AI score0.00185EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: smb: client: avoid double-free in smbdfreesendio after smbdsendbatchflush smbdsendbatchFlush already calls smbdfreesendio; therefore, we should not call it again after smbdpostsend. It has been moved to the batch list...

9.8CVSS5.9AI score0.00457EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mm/userfaultfd: the issue with the mutex hash calculation due to hugetlb faults has been fixed. In mfillatomichugetlb, the linearpageindex function is used to calculate the page index for hugetlbfaultmutexhash. However,...

5.5CVSS6.1AI score0.00122EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.10 views

Astra Linux – Vulnerability in golang-go.crypto

Applications and libraries that misuse the connection.serverAuthenticate function via the ServerConfig.PublicKeyCallback callback field may be susceptible to authorization bypasses. The documentation for ServerConfig.PublicKeyCallback states that “Calling this function does not guarantee that the...

9.1CVSS6.8AI score0.03153EPSS
Exploits2References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in golang-golang-x-net, golang-1.19

An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request’s headers exceed MaxHeaderBytes, no...

7.5CVSS7AI score0.91969EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: ksmbd: It is required that the minimum ACE size is respected in smbcheckpermdacl. Both ACE-walking loops in smbcheckpermdacl only protect against a remaining buffer being undersized, not against an ACE whose declared ace-size ...

8.3CVSS6AI score0.00315EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Synchronize the IOCB count to be in order A system hang was observed with the following call trace: BUG: Kernel NULL pointer dereference, address: 0000000000000000 PGD 0 P4D 0 Oops: 0000 1 PREEMPT SMP NOPTI CPU: 15...

5.5CVSS6.2AI score0.00165EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm/amdgpu: Fixed the SDMA v4 SW fini error. Fixed the SDMA v4 SW fini error for SDMA 4.2.2 to resolve the following general protection fault. +0.108196 General protection fault; likely due to a non-canonical address...

5.5CVSS6.1AI score0.00143EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in libwebp

A heap-based buffer overflow was discovered in libwebp in versions prior to 1.0.1 in the GetLE16 function...

9.1CVSS7.2AI score0.021EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.12 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: media: vsp1: Replace vb2isstreaming with vb2startstreamingcalled. The vsp1 driver uses the vb2isstreaming function in its .bufqueue handler to check whether the .startstreaming operation has been called. It then decides whether t...

5.5CVSS5.6AI score0.0015EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: bnx2fc: Make bnx2fcrecvframe mp-safe Running tests with a debug kernel shows that bnx2fcrecvframe modifies the percpu lport stats counters in a non-mpsafe manner. Simply boot a debug kernel and run the bnx2fc driver with th...

5.5CVSS6.2AI score0.0021EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Samba

A flaw was discovered in Samba. The Samba smbd file server must map Windows group identities SIDs to Unix group IDs gids. The code responsible for this mapping contained a flaw that could allow it to read data beyond the end of the array, in the event that a negative cache entry was added to the...

6.8CVSS6.6AI score0.01616EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.10 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: udmabuf: Set the DMA mask for the udmabuf device v2 If the DMA mask is not set explicitly, the following warning occurs when the userspace attempts to access the dma-buf via the CPU, as reported by syzbot: WARNING: CPU: 1 PID: 35...

5.5CVSS6.1AI score0.00202EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in NTP

In NTP versions prior to 4.2.8p14 and 4.3.x before 4.3.100, remote attackers could exploit this vulnerability to cause a denial of service—resulting in the daemon exiting or the system time being changed. This was possible by predicting the transmit timestamps used in forged packets. The victim w...

7.4CVSS6.2AI score0.04071EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in advancecomp

It was discovered that Advancecomp v2.3 contains a heap buffer overflow vulnerability...

5.5CVSS5.9AI score0.00448EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Chromium

Insufficient policy enforcement in Autofill in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page...

6.5CVSS7.2AI score0.17289EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: A NULL pointer dereferencing occurred after calling stargettorport. Calls to stargettorport may return NULL. Add a check for NULL rport before dereferencing...

5.5CVSS5.4AI score0.00215EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.32 views

Astra Linux – Vulnerability in Chromium

Before version 101.0.4951.41, using the Browser Switcher in Google Chrome allowed a remote attacker to potentially exploit heap corruption by using a crafted HTML page, as long as that attacker could convince a user to perform certain user interactions...

8.8CVSS6.9AI score0.00764EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.27 views

Astra Linux – Vulnerability in Chromium

The use of "after free" in Window Dialogs in Google Chrome before version 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS6.9AI score0.00745EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.31 views

Astra Linux – Vulnerability in Chromium

In Google Chrome, using "after free" in V8 before version 96.0.4664.110 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS7.6AI score0.07836EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.29 views

Astra Linux – Vulnerability in Chromium

The use of “after free” in the Reading Mode in Google Chrome before version 121.0.6167.85 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption through specific UI interactions. Chromium security severity: Medium...

8.8CVSS7.3AI score0.00382EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.27 views

Astra Linux – Vulnerability in Chromium

Before version 96.0.4664.45, using free in media in Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS8.1AI score0.01362EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Chromium

Before version 105.0.5195.52, using free after a tag in the browser with Google Chrome allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS7.3AI score0.00792EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Firefox and Thunderbird

In some cases, a stale value might have been used for a global variable during WASM JIT analysis. This led to incorrect compilation and potentially exploitable crashes in the content process. This vulnerability affects Firefox 116, Firefox ESR 102.14, and Firefox ESR 115.1...

5.3CVSS6.6AI score0.01007EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Firefox

When manipulating the selection node cache, an attacker may have been able to cause unexpected behavior, potentially leading to a exploitable crash. This vulnerability affects Firefox versions earlier than 131.0.3...

6.5CVSS7.5AI score0.00258EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerabilities in Python 2.7, Python 3.7, and Pypy

A XXE issue was discovered in Python through version 3.9.1. The plistlib module no longer accepts entity declarations in XML plist files to prevent XML vulnerabilities...

9.8CVSS7.3AI score0.04268EPSS
Exploits3References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc3-topology: Prevent double freeing of ipccontroldata via loadbytes We have sanity checks for checking whether the ipccontroldata is freed, and if any of these checks fail, the locally allocated scontrol-ipccontrolda...

7.8CVSS6.2AI score0.00166EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Firefox and Thunderbird

Using markup injection, an attacker could steal nonce values. This could be used to bypass strict content security policies. This vulnerability affects Firefox 124, Firefox ESR 115.9, and Thunderbird 115.9...

6.1CVSS6.6AI score0.00704EPSS
Exploits1References2
Total number of security vulnerabilities18102