Lucene search
K
AstralinuxRecent

18102 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: md: Replace snprintf with scnprintf The current code produces a warning when the total number of characters in the constituent block device names, plus the slashes, exceeds 200. snprintf returns the number of characters generated...

5.5CVSS6.2AI score0.00147EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Wifi: ath12k – A memory leak occurred due to multiple rxstats allocations. rxstats for each arsta is allocated when a station is added. arsta-rxstats will be freed when a station is removed. Redundant allocations occur when the...

5.5CVSS5.8AI score0.00129EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fixed a NULL pointer dereferencing issue in smb2getinfofilesystem. If share is provided, share-path will be NULL, which can lead to a NULL pointer dereferencing issue...

5.5CVSS5.6AI score0.00135EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: Sysv: Do not call sbbread with pointerlock held. syzbot reports sleep in atomic context in the SysV filesystem 1. For sbbread, the function is called with rwspinlock held. A bug involving a “deadlock due to...

5.3CVSS6.3AI score0.00966EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: jfs: fixed an array-index-out-of-bounds issue in diNewExt Syz report UBSAN: array-index-out-of-bounds in fs/jfs/jfsimap.c:2360:2 Index -878706688 is out of range for the type 'struct iagctl128' CPU: 1 PID: 5065 Comm:...

7.8CVSS6.4AI score0.00249EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in WebKit2GTK

A logic issue has been resolved through improved state management. This issue is fixed in Safari 16.6, watchOS 9.6, iOS 15.7.8, and iPadOS 15.7.8; tvOS 16.6, iOS 16.6, and iPadOS 16.6; macOS Ventura 13.5. It is possible for websites to potentially access sensitive user information...

6.5CVSS6.7AI score0.00888EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: Wifi: mt76: mt7996: Fixed possible OOB access in mt7996tx. There is a possibility of Out-of-Boundary access in the mt7996tx routine if linkid is set to IEEE80211LINKUNSPECIFIED...

7.1CVSS5.8AI score0.00137EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in openimageio

A buffer overflow vulnerability exists in OpenImageIO oiio v.2.4.12.0, allowing a remote attacker to execute arbitrary code and cause a denial of service through the readsubimagedata function...

9.8CVSS8AI score0.01315EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: rcv: move memblockallowresize after linear mapping is ready The initial memblock metadata is accessed from the kernel image mapping. The regions arrays need to be “reallocated” from memblock and accessed through linear mapping to...

5.7AI score0.00195EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in libcommons-fileupload-java, tomcat9

The allocation of resources for multipart headers with insufficient limits enabled created a DoS vulnerability in Apache Commons FileUpload. This issue affects Apache Commons FileUpload: versions from 1.0 before 1.6, and from 2.0.0-M1 before 2.0.0-M4. Users are recommended to upgrade to version 1...

7.5CVSS6.9AI score0.64718EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerability has been resolved: md/raid10: fixed the issue where “r10bio-remaining” was leaked for recovery purposes. raid10syncrequest will add “r10bio-remaining” for both rdev and replacement rdev. However, if the read I/O fails, recoveryrequestwrite returns...

5.5CVSS5.7AI score0.0014EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: gve: Implement gettimex64 with -EOPNOTSUPP. At this time, gve has implemented a ptpclock that exclusively uses doAuxWork. ptpClockgettime and ptpSysoffset assume that every ptpclock has implemented either gettimex64 or...

5.7AI score0.00162EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: virtionet: Fixed an issue with error unwinding of XDP initialization. When initializing XDP in virtnetopen, some rq xdp initializations may encounter errors, resulting in failed network device openings. However, previous rqs have...

5.5CVSS5.6AI score0.00146EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: iio: accel: kxcjk-1013: Fixed a possible memory leak in the probe function by removing the data-dreadytrig condition. When the ACPI type is ACPISMO8500, data-dreadytrig will not be set, and the memory allocated by...

5.5CVSS5.8AI score0.0024EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in libcaca

A flaw was discovered in libcaca. A buffer overflow in the export.c file, specifically in the exporttroff function, may lead to memory corruption and other potential issues...

7.8CVSS7.1AI score0.0125EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in nss

NSS has demonstrated timing differences during the execution of DSA signatures, which can be exploited and may eventually lead to the leakage of private keys. This vulnerability affects Thunderbird versions 68.9.0, Firefox versions 77, and Firefox ESR versions 68.9...

4.4CVSS6.7AI score0.00651EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: afs: Fixed page leak There is a loop in afaxtendwriteback that adds extra pages to the write operation. We want to improve the efficiency of this write-back process by making the write operation larger. However, this loop stops i...

5.5CVSS5.9AI score0.00208EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: SELinux: The use of both GFPKERNEL and GFPATOMIC in convertcontext was enabled. The following warning was triggered in a hardware environment: SELinux: Converting 162 SID table entries... BUG: The sleeping function was called...

6AI score0.00168EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: afs: Fixed the delayed allocation of a cell’s anonymous key. The allocation of a cell’s anonymous key is performed in a background thread, along with other cell-related operations such as making DNS calls. In the reported bug, th...

5.7AI score0.00176EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mm/hugememory: Do not clobber swpentryt during THP split. The following issue was observed when running stress mmap since the commit b653db77350c: “mm: Clear page-private when splitting or migrating a page.” Watchdog: BUG: Soft...

5.5CVSS6.2AI score0.00129EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Firefox and Thunderbird

Due to a sequence of events controlled by the attacker, a JavaScript alert dialog with arbitrary although unstyled contents could be displayed over an uncontrolled web page of the attacker’s choice. This vulnerability affects Firefox 94, Thunderbird 91.3, and Firefox ESR 91.3...

4.3CVSS6.3AI score0.01622EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Firefox and Thunderbird

By misusing a race in our notification code, an attacker could have forcibly hide notifications for pages that had received full-screen and pointer-lock access, which could have been used for spoofing attacks. This vulnerability affects Thunderbird 91.4.0, Firefox ESR 91.4.0, and Firefox 95...

4.3CVSS6.7AI score0.01158EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: NFS/localio: Fixed a race condition in nfslocalopenfh. Once the clp-cluuid.lock is dropped, another CPU may come in and free the struct nfsdfile that was just added. To prevent this from happening, take the RCU read lock before...

4.7CVSS5.7AI score0.00103EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in Permissions in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to tamper with the contents of the Omnibox URL bar via a crafted HTML page...

6.5CVSS6.8AI score0.0084EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Chromium

Before version 91.0.4472.77, using Tab Strip in Google Chrome allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS8AI score0.00788EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux

In the Linux kernel, the following vulnerability has been resolved: i2c: img-scb – fixed a reference leak when pmruntimegetsync fails. The PM reference count is not expected to be incremented upon a return from the functions imgi2cxfer and imgi2cinit. However, pmruntimegetsync will still incremen...

5.5CVSS5.5AI score0.00227EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10, Linux

An incorrect read request flaw was detected in the Infrared Transceiver USB driver within the Linux kernel. This issue occurs when a user attaches a malicious USB device. A local user could exploit this flaw to deplete system resources, resulting in a denial of service or potentially causing the...

4.6CVSS6.7AI score0.0046EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

A issue was discovered in the Linux kernel through version 5.16-rc6. In the file mtkvcodecfwvpuinit located in drivers/media/platform/mtk-vcodec/mtkvcodecfwvpu.c, there is a lack of check for the return value of devmkzalloc. This could lead to a null pointer dereferencing...

5.5CVSS6.7AI score0.00651EPSS
Exploits3References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Chromium

Before version 104.0.5112.79, using "use after free" in the Input component in Google Chrome on the Chrome OS allowed a remote attacker who convinced a user to perform certain user interactions to potentially exploit heap corruption through those interactions...

8.8CVSS7.4AI score0.00763EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Chromium

Before version 100.0.4896.88, using tab groups in Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS7AI score0.00733EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in Blink in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to leak cross-origin data through a crafted HTML page...

6.5CVSS7AI score0.0086EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Chromium

The use of "after free" in Blink in Google Chrome before version 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS8.1AI score0.0163EPSS
Exploits2References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Chromium

The incorrect security UI in full screen in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to spoof the security UI through a crafted HTML page. Chromium security severity: Medium...

6.5CVSS7AI score0.00547EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in cups

The vulnerability of the cupsSNMPStringToOID function in the CUPS printing server is related to the escape from the global buffer. Exploiting this vulnerability allows an attacker to access confidential data and also cause service failures...

7.7CVSS5.8AI score
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Chromium

Using “after free” in Blink in Google Chrome before version 120.0.6099.109 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...

8.8CVSS7.3AI score0.00639EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

A flaw was discovered in KVM. When calling the KVMGETDEBUGREGS ioctl on 32-bit systems, there might be uninitialized portions of the kvm Debugregs structure that could be copied into user space, resulting in an information leak...

3.3CVSS6.5AI score0.00231EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Chromium

Type confusion in DevTools in Google Chrome prior to 110.0.5481.77 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via UI interactions. Chromium security severity: Medium...

8.8CVSS7AI score0.00694EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Parsec

The vulnerability of the seqempty function in the PARSEC security subsystem is related to the assignment of a null pointer. Exploiting this vulnerability allows an attacker to cause a service failure...

5.5CVSS5.8AI score
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in Compositing in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to potentially spoof security UI via a crafted HTML page. Chromium security severity: Medium...

5.4CVSS6.1AI score0.00248EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Chromium

The use of after-free in Swiftshader in Google Chrome before version 111.0.5563.64 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...

8.8CVSS7.3AI score0.00519EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in glib2.0

A issue was discovered in GNOME GLib before version 2.78.5, and also in versions 2.79.x and 2.80.x before 2.80.1. When a GDBus-based client subscribes to signals from a trusted system service such as NetworkManager on a shared computer, other users of the same computer can send spoofed D-Bus...

5.2CVSS6.4AI score0.00756EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Added a check for kmemdup. Since kmemdup may return a NULL pointer, it would be better to add a check on the return value to avoid dereferencing a NULL pointer...

5.2AI score0.00168EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Zabbix

A authenticated user can create a link containing reflected JavaScript code on its own pages and send it to other users. The payload can only be executed with a known CSRF token value of the victim, which is changed periodically and is difficult to predict. Malicious code has access to all the sa...

4.4CVSS5.2AI score0.01143EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ASoC: croseccodec: Fixed a refcount leak in croseccodecplatformprobe. The ofparsephandle function returns a node pointer with a refcount incremented; we should use ofnodeput on it when there is no longer a need for it. Add the...

5.5CVSS6AI score0.00159EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: mm/memory-failure: fixed a deadlock that occurred when hugetlboptimizevmemmap was enabled. When I performed hard offline tests with hugetlb pages, a deadlock occurred as follows:...

5.5CVSS6.3AI score0.00175EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerabilities have been resolved: bpf, sockmap: Fixed issues where data was not being charged when msg-sg.size contained more data. In tcpbpfsendverdict: If msg-sg.size contains more data after tcpbpfsendmsgredir: c tcpbpfsendverdict tosend = msg-sg.size...

5.5CVSS6.3AI score0.00253EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Chromium

Before version 91.0.4472.114, using "use after free" in WebGL in Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS7.3AI score0.07367EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Python 3.7, Python 2.7

A issue in the urllib.parse component of Python prior to version 3.11.4 allows attackers to bypass blocklisting methods by providing a URL that starts with blank characters...

7.5CVSS7.5AI score0.20459EPSS
Exploits3References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.16 views

Astra Linux – Vulnerability in NTP

In NTP versions prior to 4.2.8p14 and 4.3.x before 4.3.100, ntpd allows an off-path attacker to block unauthenticated synchronization via a server mode packet with a spoofed source IP address. This occurs because transmissions are rescheduled even when a packet lacks a valid origin timestamp...

7.5CVSS6.2AI score0.02081EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Samba

A flaw was discovered in the way Samba handles file/directory metadata. This flaw allows an authenticated attacker with appropriate permissions to read or modify share metadata, and to perform this operation outside of the share...

6.8CVSS6.7AI score0.00761EPSS
Exploits0References2
Total number of security vulnerabilities18102