Lucene search
K
AstralinuxRecent

18102 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in the 389-DS-base

A flaw was discovered in 389-ds-base. If an asterisk is imported as password hashes, either accidentally or maliciously, then any password will successfully match during authentication, instead of being inactive. This flaw allows an attacker to successfully authenticate as a user whose password h...

6.5CVSS6.6AI score0.01428EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Chromium

A heap buffer overflow in TabStrip in Google Chrome prior to version 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS8.1AI score0.01726EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: erofs: Fix for lz4 inplace decompression Currently, EROFS can map another compressed buffer for inplace decompression, which was used to handle cases where some pages of compressed data are not actually in-place I/O. However, lik...

6.1CVSS6.2AI score0.00278EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89 – fixed a potential leak in rtw89.AppendProbeReqie. Perform kfreeskbnew before goto out to prevent potential leaks...

5.5CVSS5.2AI score0.00143EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: thermal/drivers/hisi: The second sensor, hi3660, was removed. The commit 74c8e6bffbe1 “driver core: Add allocsize hint to devm allocators” exposes a panic “BRK handler: Fatal exception” during the hi3660thermalprobe function. Thi...

5.5CVSS6.1AI score0.00146EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Chromium

Insufficient policy enforcement in Cryptohome’s security measures in Google Chrome prior to version 88.0.4324.96 allowed a local attacker to perform OS-level privilege escalation through a specially crafted file...

7.8CVSS7.1AI score0.00221EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in qt4-x11, qtbase-opensource-src

A issue was discovered in Qt before version 5.15.15, in versions 6.x before 6.2.10, and in versions 6.3.x through 6.5.x before 6.5.3. There are infinite loops in recursive entity expansion...

7.5CVSS7.3AI score0.01076EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.27 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: ntbnetdev: Use devkfreeskbany in interrupt context. TX/RX callback handlers ntbnetdevtxhandler, ntbnetdevrxhandler can be called in interrupt context via the DMA framework after the respective DMA operations are completed...

5.5CVSS5.9AI score0.00149EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Chromium

The use of frames with free in Google Chrome before version 112.0.5615.49 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...

8.8CVSS6.9AI score0.00968EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in WebKit2GTK

A vulnerability related to out-of-bounds reads has been addressed through improved bounds checking. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2, and iPadOS 15.2, as well as watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code executio...

8.8CVSS7.5AI score0.01939EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: Fixed a potential memory leak in paprgetattr. The buffer is allocated in paprgetattr, and the krealloc call for buf could fail. In the event of a failure, we need to free the original buf...

5.5CVSS6.4AI score0.00272EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Chromium

Type confusion in V8 in Google Chrome prior to 92.0.4515.159 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page...

8.8CVSS7.2AI score0.07003EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in exim4

Exim: Improper Neutralization of Special Elements Leading to Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected Exim installations. Authentication is not required to exploit this vulnerability. The specific flaw resides within the...

9.8CVSS8.6AI score0.05673EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in gst-plugins-bad1.0

GStreamer MXF File Parsing: Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability, but the attack vectors may vary...

8.8CVSS8.6AI score0.01744EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Chromium

In Google Chrome, the use of "after free" in protocol handling before version 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS8.1AI score0.01602EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: filemap: Replace pteoffsetmap with pteoffsetmapnolock. The vmf-ptl in filemapfaultrecheckptenone is still set from handleptefault. However, at the same time, we performed a pteunmapvmf-pte operation. After this unmap operation an...

3.3CVSS5.7AI score0.00179EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: crypto: ccp – Always pass an error pointer to sevplatformshutdownlocked When 9770b428b1a2 “crypto: ccp – Move devinfo/err messages for SEV/SNP init and shutdown” moved the error messages so that they don’t need to be issued by...

5.5CVSS5.9AI score0.00119EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in RustC

In the standard library of Rust before version 1.52.0, the Zip implementation has a panic safety issue. It calls iteratorgetunchecked more than once for the same index when the underlying iterator panics under certain conditions. This bug could lead to a memory safety violation due to an unmet...

5.3CVSS7.1AI score0.01566EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Error handling was added in xhcimapurbfordma. Currently, xhcimapurbfordma creates a temporary buffer and copies the SG list to the new linear buffer. However, if kzallocnode fails, the call to sgpcopytobuffer may lead ...

5.5CVSS6AI score0.00225EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ARM: 9359/1: flush: check if the folio is reserved for no-mapping addresses Since commit a4d5613c4dc6 “arm: extend pfnvalid to take into account freed memory map alignment” changes the semantics of pfnvalid to check the presence ...

5.5CVSS5.6AI score0.0023EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: netfs: Fix the reference leak The commit 20d72b00ca81 “netfs: Fix the request’s work item to not require a ref” modifies the netfsallocrequest function to initialize the reference counter to 2 instead of 1. The rationale is that...

5.9AI score0.00205EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in PHP 7.3

In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when the pdomysql extension with the mysqlnd driver is used, if the third-party provider is allowed to provide the host and the connection password, an excessively long password can trigger a buffer overflow in PHP,...

8.8CVSS9.4AI score0.5838EPSS
Exploits2References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Netty

The Netty project is an event-driven, asynchronous network application framework. Starting from version 4.1.83.Final and before 4.1.86.Final, when calling DefaultHttpHeaders.set with an iterator of values, header value validation was not performed. This allowed malicious header values in the...

6.5CVSS7AI score0.00885EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Systemd

Before version 247, systemd does not properly prevent local privilege escalation for certain Sudo configurations. For example, plausible sudoers files may allow the execution of the “systemctl status” command. Specifically, systemd does not set LESSSECURE to 1, allowing other programs to be...

7.8CVSS6.6AI score0.01051EPSS
Exploits4References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in Linux 5.10

A flaw was discovered in the IPv6 module of the Linux kernel. The arg.result parameter was not used consistently in fib6rulelookup; sometimes rt6info was used, and other times fib6info. This issue was not accounted for in other parts of the code, where rt6info was expected to be used...

5.5CVSS6.7AI score0.00198EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: HID: betop: fixed a slab-out-of-bounds Write issue in betopprobe. Syzbot reported a slab-out-of-bounds Write bug in the hid-betopff driver. The issue arises because the driver assumes that the device must have an input report;...

7.8CVSS6.4AI score0.00261EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Firefox

Memory safety bugs exist in Firefox 119. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects Firefox versions prior to 120...

8.8CVSS7.6AI score0.00663EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in WebKit2GTK

A race condition has been addressed through improved state handling. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2, and iPadOS 15.2, as well as watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution...

7.5CVSS7.3AI score0.01657EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in CGal

There are multiple code execution vulnerabilities in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could result in code execution. An attacker can provide malicious input to trigger...

10CVSS8.9AI score0.02136EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: fscache: Use waitonbit to wait for the relinquished volume to be freed. The freeing of the relinquished volume will wake up the pending volume acquisition by using wakeupbit. However, this approach conflicts with waitvarevent,...

5.5CVSS6.1AI score0.0021EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.13 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: tmpfs: fixed a race condition in handling dquot rbtree. A syzkaller reproducer identified a race condition when attempting to remove dquot information from the rbtree. The process of fetching the root node of the rbtree must also...

4.7CVSS5.3AI score0.00476EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in Firefox and Thunderbird

An attacker could exploit XSLT error handling mechanisms to associate attacker-controlled content with another origin that is displayed in the address bar. This could be used to trick users into submitting data intended for the spoofed origin. This vulnerability affects Thunderbird 102.2,...

6.5CVSS6.9AI score0.00361EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in WebKit2GTK

A use-after-free vulnerability exists in WebCore::RenderLayer::updateDescendantDependentFlags in WebKitGTK before version 2.36.8, allowing attackers to execute code remotely...

8.8CVSS7.9AI score0.00974EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fixed an out-of-bounds shift in CalculateVMAndRowBytes. REASON When PTEBufferSizeInRequests is zero, UBSAN reports the following warning because dmllog2 returns an unexpected negative value: The shift exponent...

7.8CVSS6.2AI score0.00174EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Tomcat9

There is a vulnerability related to improper input validation in Apache Tomcat. In versions of Tomcat from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.1.15, from 9.0.0-M1 through 9.0.82, and from 8.5.0 through 8.5.95, HTTP trailer headers were not parsed correctly. A trailer header th...

7.5CVSS6.9AI score0.02651EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux

In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fixed an issue where free was called after the memory was allocated. Our code analyzer reported a Use-after-Free UAF vulnerability. In the function siwallocmr, it calls siwmraddmemmr,.... In the implementation of...

7.8CVSS6.3AI score0.00268EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in bluez

In BlueZ before version 5.55, a double-free error was detected in the gatttool disconnectcb routine from the shared/att.c file. A remote attacker could potentially cause a denial of service or code execution during service discovery, due to the redundant disconnect MGMT event...

8.6CVSS8AI score0.04242EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: btusb: Added a NULL check for “date-evtskb”. Fixed a crash due to NULL pointers. 6104.969662 BUG: NULL pointer dereferencing in the kernel; address: 00000000000000c8 6104.969667 PF: Supervisor read access in kernel...

5.5CVSS6.2AI score0.0024EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Chromium

A heap buffer overflow in WebGL in Google Chrome prior to version 103.0.5060.53 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS7.6AI score0.01551EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: erofs: fixed an issue where the algorithm used for encoded extents was invalid. The current algorithm sanity checks do not properly apply to newly encoded extents. We need to unify the algorithm checks with the...

5.5CVSS5.3AI score0.00119EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: bpf: Reject variable offset alu on PTRTOFLOWKEYS For PTRTOFLOWKEYS, the checkflowkeysaccess function only uses a fixed offset for validation. However, the variable offset ptr isn’t prohibited for this type of pointer. Therefore,...

7.8CVSS6.3AI score0.00239EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fixed memory leakage This patch addresses potential memory leakage and segmentation faults in the gpuvmimportdmabuf function...

5.5CVSS5.9AI score0.00146EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in LibreOffice

LibreOffice supports the storage of passwords for web connections in the user’s configuration database. The stored passwords are encrypted using a single master key provided by the user. There was a flaw in LibreOffice where the master key was poorly encoded, resulting in a reduction in its entro...

8.8CVSS8.1AI score0.01139EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in sysstat

In sysstat version 12.2.0, there is a double-free in the checkfileactlst function within sacommon.c...

9.8CVSS8AI score0.02762EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.10 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1, Linux, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: TLS: Fixed a race condition between TX work scheduling and socket closure. Similar to previous commits, the submitting thread recvmsg/sendmsg may exit as soon as the async crypto handler’s call completes. Reordering the...

4.7CVSS5.8AI score0.0019EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mm, thp: Bail out early for writeback pages in collapsefile Currently, collapsefile does not explicitly check PGwriteback. Instead, pagehasprivate and trytoreleasepage are used to filter writeback pages. This approach does not wo...

5.5CVSS5.7AI score0.0021EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Chromium

The use of after-free in WebRTC in Google Chrome before version 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...

8.8CVSS7.3AI score0.13813EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Chromium

The use of Mojo after free in Google Chrome before version 119.0.6045.199 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...

8.8CVSS7.3AI score0.01057EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: drm/radeon: Add acpiputtable to prevent a memory leak. When the radeon driver reads BIOS information from the ACPI table in radeonacpivfctbios, it fails to call acpiputtable to release the ACPI memory after initialization...

5.5CVSS5.9AI score0.00145EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Fix OOB read If the index provided by the user is larger than the mask size, we might perform an out-of-bound read...

7.1CVSS5.5AI score0.00233EPSS
Exploits0References2
Total number of security vulnerabilities18102