Lucene search
K
AstralinuxRecent

18102 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerabilities have been resolved: ARM: bcm: Fixed a refcount leak in bcmkonasmcinit. The offindmatchingnode function returns a node pointer with a refcount incremented. We should use ofnodeput on it when there is no longer a need for it. Added ofnodeput to avo...

5.5CVSS6.2AI score0.00208EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in libtar

The thread function does not free the variable t-thbuf.gnulonglink after allocating memory, which may lead to a memory leak...

7.5CVSS6.9AI score0.01431EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: clk: Get runtime PM before walking the tree during disableunused. Doug reported 1 the following hung task: INFO: task swapper/0:1 was blocked for more than 122 seconds. Not tainted 5.15.149-21875-gf795ebc40eb8 1 “echo 0...

5.5CVSS6.5AI score0.00211EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: RISCV: Vector: Fixed the context saving/restoring with xtheadvector. Previously, only v0-v7 were correctly saved/restored, and the context of v8-v31 was corrupted. Now, v8-v31 are correctly saved/restored to avoid breaking the us...

5.5CVSS5.5AI score0.00137EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in libsoup2.4

A flaw was discovered in libsoup. The libsoup appendparamquoted function may contain an overflow bug, which can lead to a buffer under-read...

5.9CVSS6.8AI score0.00714EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fixed NULL pointer dereference in the KFD queue. Through KFD IOCTL fuzing, we encountered a NULL pointer dereference when calling kfdqueueacquirebuffers. Cherry-picked from commit 049e5bf3c8406f87c3d8e1958e0a16804fa1d...

5.5CVSS6.3AI score0.00188EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: clk: tegra; tegra124-emc: Fixed a potential memory leak. The resources associated with “tegra” and “tegra124-emc” need to be freed during error handling, otherwise they may be leaked...

5.5CVSS5.8AI score0.00146EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.11 views

Astra Linux – Vulnerability in WebKit2GTK

A memory corruption issue has been resolved through improved state management. This issue is fixed in macOS Ventura 13.3, Safari 16.4, iOS 16.4, and iPadOS 16.4, as well as iOS 15.7.7 and iPadOS 15.7.7. Processing web content may lead to arbitrary code execution. Apple is aware of a report...

8.8CVSS8.6AI score0.22951EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in WebKit2GTK

A memory management issue related to “use after free” operations has been addressed through improved memory management practices. This issue is fixed in macOS Ventura 13, iOS 16.1, iPadOS 16, and Safari 16.1. Processing maliciously crafted web content may lead to arbitrary code execution...

8.8CVSS8.1AI score0.00775EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: exfat: Fixed the infinite loop in exfatreaddir. If the file system is corrupted in such a way that a cluster links itself to another cluster in the cluster chain, and there is an unused directory entry in the cluster, the variabl...

5.5CVSS6.3AI score0.00218EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ext4: fix off-by-one error in dosplit Syzkaller detected a use-after-free issue in ext4insertdentry that was caused by out-of-bounds access due to incorrect splitting in dosplit. BUG: KASAN: use-after-free in...

5.5CVSS6.4AI score0.00171EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: usbnet: Fix for NPE during rxcomplete. There is a missing validation of usbnetgoingaway in the critical path. The usbsubmiturb function lacks this validation, while usbnetqueueskb includes this check. This inconsistency creates a...

4.7CVSS6.4AI score0.00166EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: f2fs: FMODEWRITE is required for atomic write IOctls. The F2FS IOctls for starting and committing atomic writes check for inodeownerorcapable, but this does not provide LSMs like SELinux or Landlock with an opportunity to deny...

5.5CVSS6.3AI score0.00233EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: bpf, arm64: Fixed the trampoline for BPFTRAMPFCALLORIG. When BPFTRAMPFCALLORIG is set, the trampoline calls the bpftrampenter and bpftrampexit functions, passing struct bpftrampimage im as an argument in R0. The trampoline...

5.5CVSS5.7AI score0.0021EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.1 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: usb: typec: altmode should keep reference to parent The altmode device release refers to its parent device, but without keeping a reference to it. When registering the altmode, get a reference to the parent and put it in the...

7.8CVSS6.4AI score0.00244EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.1 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: pinctrl: core: corrected the incorrect free operation in pinctrlenable. The “pctldev” structure is allocated in devmpinctrlregisterandinit. It’s a devmmanaged pointer that is freed by devmpinctrldevrelease. Therefore, freeing it ...

7.8CVSS6.4AI score0.00247EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: f2fs: Fixed to avoid migrating empty sections. A bug has been reported from a device with zufs: F2FS-fs dm-64: Inconsistent segment type 1, 0 in SSA and SIT. F2FS-fs dm-64: The filesystem was stopped due to reason: 4. Thread A...

5.9AI score0.00241EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: BPF: Skip the scalar adjustment for BPFNEG if the destination is a pointer. In checkaluop, the verifier currently calls checkregarg and adjustscalarminmaxvals unconditionally for BPFNEG operations. However, if the destination...

5.8AI score0.00202EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Python-Django

A issue was discovered in Django 5.1 before 5.1.4, 5.0 before 5.0.10, and 4.2 before 4.2.17. The striptags method and the striptags template filter are vulnerable to a potential denial-of-service attack due to certain inputs containing large sequences of nested incomplete HTML entities...

7.5CVSS6.7AI score0.01398EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ftrace: Added condresched to ftracegraphsethash. When the kernel contains a large number of functions that can be traced, the loop in ftracegraphsethash may take a long time to execute. This may trigger the softlockup watchdog. B...

5.5CVSS6.3AI score0.00127EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10, Linux

Linux block and network PV device frontends do not zero memory regions before sharing them with the backend CVE-2022-26365, CVE-2022-33740. Additionally, the granularity of the grant table does not allow sharing smaller than a 4K page, resulting in unrelated data residing in the same 4K page as...

7.1CVSS6.7AI score0.00322EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in Mariadb 10.3

MariaDB CONNECT Storage Engine Use-After-Free Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected MariaDB installations. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of SQL...

7.8CVSS7.2AI score0.00644EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in openssl1.0

Calls to the EVPCipherUpdate, EVPEncryptUpdate, and EVPDecryptUpdate functions may cause the output length argument to overflow in some cases where the input length is close to the maximum permissible length for integers on the platform. In such cases, the return value from the function call will...

7.5CVSS6.6AI score0.50732EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: iavf: Fix for the hang during reboot/shutdown The recent commit 974578017fc1 “iavf: Add waiting so the port is initialized in remove” adds a wait-loop at the beginning of iavfremove, to ensure that port initialization is complete...

5.5CVSS6.1AI score0.00236EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: mtd: rawnand: brcmnand: fixed the PM resume warning The warning during PM resume was fixed as shown below, due to an uninitialized struct nandoperation that checks the chip select field: WARNONop-cs = nanddevntargets&chip-base...

7.8CVSS6.5AI score0.00276EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: cdceem: Fixed an issue where, when usbnet transmits a skb, it was fixed within eemtxfixup. If skbcopyexpand fails, it returns NULL. In this case, usbnetstartxmit has no chance to free the original skb. The solution is to fir...

5.5CVSS6.1AI score0.00228EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.11 views

Astra Linux – Vulnerability in Chromium

Before version 88.0.4324.182, using "Use after free" in Downloads in Google Chrome on Windows allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape through a crafted HTML page...

9.6CVSS7.4AI score0.0117EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/i915/hdcp: Added a encoder check in hdcp2getcapability. Also added a encoder check in intelhdcp2getcapability to avoid null pointer errors...

5.5CVSS6.2AI score0.00204EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/xe/migrate: prevented potential UAF Unauthorized Arbitrary File Access. If we encounter the error path, the previous fence if there is one has already been put. Therefore, performing a fencewait might lead to UAF. We need to...

7.8CVSS5.7AI score0.00143EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in Python-Django

A issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The floatformat template filter consumes significant memory when dealing with a string representation of a number in scientific notation with a large exponent...

7.5CVSS6.7AI score0.012EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: usb: early: xhci-dbc: Fixed a potential out-of-bound memory access issue. If xdbcbulkwrite fails, the values in ‘buf’ can be anything. Therefore, it is not guaranteed that the string will be terminated with NULL when xdbcTrace is...

5.7AI score0.00214EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Python-Django

A issue was discovered in Django 5.1 before 5.1.5, 5.0 before 5.0.11, and 4.2 before 4.2.18. A lack of enforcement of an upper-bound limit on strings passed during IPv6 validation could lead to a potential denial-of-service attack. The undocumented and private functions cleanipv6address and...

7.5CVSS6.5AI score0.01854EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.10 views

Astra Linux – Vulnerability in golang-go.crypto

Applications and libraries that misuse the connection.serverAuthenticate function via the ServerConfig.PublicKeyCallback callback field may be susceptible to authorization bypasses. The documentation for ServerConfig.PublicKeyCallback states that “Calling this function does not guarantee that the...

9.1CVSS6.8AI score0.03153EPSS
Exploits2References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Python-Django

A issue was discovered in Django 5.1 before 5.1.1, 5.0 before 5.0.9, and 4.2 before 4.2.16. The urlize and urlizetrunc template filters are vulnerable to a denial-of-service attack due to very large inputs containing a specific sequence of characters...

7.5CVSS6.8AI score0.25327EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: mm/hugetlb: fixed a situation where the kernel NULL pointer dereference occurred when replacing free hugetlb folios. A kernel crash was observed when replacing free hugetlb folios: BUG: kernel NULL pointer dereference, address...

5.5CVSS6.2AI score0.0014EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Python-Django

A issue was discovered in Django 4.2 before 4.2.14 and 5.0 before 5.0.7. The urlize and urlizetrunc functions were vulnerable to a potential denial-of-service attack due to certain inputs containing an extremely large number of brackets...

7.5CVSS6.6AI score0.01187EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in binutils

Heap buffer overflow vulnerability in binutils’ readelf before version 2.40, caused by the function findsectioninset in the file readelf.c...

7.8CVSS6.3AI score0.00461EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in docker.io

Moby is an open-source container framework developed by Docker Inc., distributed as Docker, Mirantis Container Runtime, and various other downstream projects/products. The Moby daemon component, dockerd, which was originally developed as “moby/moby”, is commonly referred to as Docker. Swarm Mode ...

8.7CVSS7AI score0.02733EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: tty: ngsm: added a sanity check for gsm-receive in gsmreceivebuf A null pointer dereference can occur when attempting to access the “gsm-receive” function in gsmldreceivebuf. Currently, the code assumes that gsm-recieve is only...

5.5CVSS6.4AI score0.0019EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Audit: Fixed an out-of-bounds read in auditcomparednamepath. When a watch on dir=/ is combined with a fsnotify event for a single-character name directly under / e.g., creating /a, an out-of-bounds read can occur in...

7.1CVSS6.1AI score0.00139EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Python-Django

A issue was discovered in Django 5.0, prior to versions 5.0.7 and 4.2, prior to version 4.2.14. The derived classes of the django.core.files.storage.Storage base class, when they override generatefilename without replicating the file-path validations from the parent class, may allow directory...

4.3CVSS6.7AI score0.01008EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fixed a reference count leak when an invalid session is found during session lookup. When a session is found, but its state is not SMB2SESSIONVALID, it indicates that no valid session was found. However, the reference coun...

5.5CVSS6.1AI score0.00118EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.11 views

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ubifs: Fixed a memory leak when insertoldidx failed. The following process will cause a memory leak for the copied znode: dirtycowznode zn = copyznodec, znode; err = insertoldidxc, zbr-lnum, zbr-offs; if unlikelyerr return...

5.8AI score0.00216EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: perf/arm-cmn: Rejects unsupported hardware configurations. So far, we have been fairly lenient in accepting both unknown CMN models at least with a warning, as well as unknown revisions of those models that we do know about...

7.8CVSS6.4AI score0.00139EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ksmbd: A mechToken leak was fixed when the SPNEGO decoding failed after the token allocation. The kernel’s ASN.1 BER decoder calls action callbacks incrementally as it processes the input. When ksmbddecodenegTokenInit reaches the...

5.5CVSS6AI score0.00136EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: ioam6: fix OOB and missing lock issues When trace-type.bit6 is set: if trace-type.bit6 ... queue = skbgettxqueuedev, skb; qdisc = rcudereferencequeue-qdisc; This code can lead to an out-of-bounds access of the dev-tx array...

9.1CVSS5.9AI score0.00442EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: xprtrdma: Decrementing rereceiving on early exit paths In cases where rpcrdmapostrecvs fails to create a work request due to memory allocation failures, for example or exits early, we should decrement ep-rereceiving before...

7.5CVSS5.7AI score0.0038EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: PCI: Endpoint: pci-epf-vntb: Remove duplicate resource teardown The epfntbepcdestroy function duplicates the teardown that the caller is supposed to perform later. This leads to an error when .allowlink fails, or when .droplink i...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: bnxten: The backing store type is set based on the query type. The bnxthwrmfuncbackingstoreqcapsv2 function stores resp-type from the firmware response in ctxm-type. This value is then used to index fixed backing-store metadata...

5.5CVSS5.9AI score0.00121EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in binutils

A vulnerability has been identified in GNU Binutils 2.45. The affected component is the vfinfo function in the file ldmisc.c. Executing certain manipulations may lead to out-of-bounds read vulnerabilities. This attack can only be executed locally. The exploit has been made available to the public...

5.5CVSS5.7AI score0.00251EPSS
Exploits1References2
Total number of security vulnerabilities18102