Lucene search
K
AstralinuxRecent

18102 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ASoC: kirkwood – Fixed potential NULL dereferencing issues. In kirkwooddmahwparams, mvmbusdraminfo returns NULL if the CONFIGPLATORION macro is not defined. This bug has been fixed by adding a NULL check. This issue was detected ...

4.4CVSS6.1AI score0.00234EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in binutils

A issue was discovered in Binutils readelf 2.38.50. A reachable assertion failure in the function displaydebugnames allows attackers to cause a denial of service...

5.5CVSS5.4AI score0.00397EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Samba

All versions of Samba prior to 4.13.16 are vulnerable to a malicious client that can exploit the race condition of SMB1 or NFS to create a directory in an area of the server file system that is not exported under the share definition. Note that SMB1 must be enabled, or the share must also be...

2.5CVSS6.2AI score0.00376EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.10 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/xe/queue: The call to fini during the creation of the exec queue fails. Every call to queue initialization should include a corresponding fini call. Skipping this would mean skipping the removal of the queue from the GuC list...

7.8CVSS5.7AI score0.00129EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Linux 5.10

Ubuntu Linux 6.8 GA retains the legacy AFUNIX garbage collector, but the upstream commit 8594d9b85c07 "afunix: Do not call skbget for OOB skb" addresses this issue. When orphaned MSGOOB sockets reach unixgc, the garbage collector still calls kfreeskb, assuming that OOB SKBs hold two references...

7.1CVSS5.8AI score0.00146EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Node-EJS

The ejs also known as Embedded JavaScript templates package in Node.js before version 3.1.10 lacked certain measures to prevent pollution...

4CVSS6.4AI score0.00619EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.10 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: mmc: vub300 – fixed a use-after-free issue upon disconnection. The vub300 driver maintains a explicit reference count for the controller and its driver data. In theory, this reference count can be dropped after the driver is...

7.8CVSS6AI score0.00115EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm/amd: Fixed an out-of-bounds error in the BIOS parser. The array size is hardcoded to 8 in atomfirmware.h, but sometimes the firmware provides a larger array size. Deferencing the larger array causes an out-of-bounds error...

6.1AI score0.00168EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Chromium

Before version 91.0.4472.101, using the "After Free" feature in Google Chrome’s accessibility settings allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS7AI score0.00874EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in WebKit2GTK

A privacy issue was addressed through improved handling of files. This issue is fixed in Safari 18.3, iOS 18.3, and iPadOS 18.3, as well as macOS Sequoia 15.3. Copying a URL from the Web Inspector may lead to command injection...

8.8CVSS7.3AI score0.02902EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: ipv4: Fix memory leak in netlblcipsov4addstd Reported by syzkaller: BUG: Memory leak Unreferenced object: 0xffff888105df7000 size 64 Process: “syz-executor842”, PID: 360, Jiffies: 4294824824 Age: 22.546 seconds Hex dump firs...

5.5CVSS6.3AI score0.00236EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in Linux

In the Linux kernel, the following vulnerability has been resolved: net: fec: fixed the potential memory leak in fecenetinit. If the memory allocated for cbdbase fails, it should free the memory allocated for the queues; otherwise, a memory leak will occur. And if the memory allocated for the...

5.5CVSS6.1AI score0.00225EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.14 views

Astra Linux – Vulnerability in openjdk-11

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. The supported versions affected by this vulnerability are Java SE: 7u311, 8u301, 11.0.12; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. This vulnerability is difficult to exploit; an...

7.1CVSS6.8AI score0.06868EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fixed out-of-bounds reads when finding clock sources The current USB-audio driver code does not check the bLength value of each descriptor during traversal. This means that when a device provides a bogus descript...

7.1CVSS6.5AI score0.01325EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: “hungtask”: fixed warnings caused by unaligned lock pointers. The blocker tracking mechanism assumes that lock pointers are at least 4-byte aligned, so that their lower bits can be used for type encoding. However, as reported by...

6AI score0.00158EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

A transient execution vulnerability in some AMD processors may allow an attacker to extract data from previous memory stores, potentially leading to the leakage of privileged information...

5.6CVSS6.8AI score0.00425EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in libmysofa

Incorrect handling of input data in the loudness function of the libmysofa library in versions 0.5 to 1.1 can lead to heap buffer overflows and access to unallocated memory blocks...

6.5CVSS6.9AI score0.01223EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.11 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: The pointer may be dereferenced. The Klocwork tool reported that the pointer ‘rport’ was returned from a function call. The fcbsgtorport function may return NULL, and the pointer will be dereferenced. A fix has bee...

5.5CVSS6AI score0.00146EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: bpf: Fixed reference state management for synchronous callbacks Currently, the verifier verifies callback functions both synchronous and asynchronous as if they would be executed only once. The next instruction to be explored ...

6.2AI score0.00188EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Clean up only new IRQ glue on requestirq failure The mlx5irqalloc function can inadvertently free the entire rmap and end up in a crash1 when the other threads tries to access this, when requestirq fails due to exhauste...

6AI score0.00178EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.1 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: net/sched: Notify always when the child class becomes empty. Certain classful qdiscs may invoke their class’s dequeue handler during an enqueue operation. This may unexpectedly empty the child qdisc, thereby making a passive clas...

7.8CVSS6.3AI score0.0018EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: fbdev: omapfb: lcdmipid: Fixed an error handling path in mipidspiprobe. If ‘mipiddetect’ fails, we must free ‘md’ to avoid a memory leak...

5.5CVSS5.9AI score0.00189EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: cpufreq: amd-pstate: fixed the global sysfs attribute type. In commit 3666062b87ec “cpufreq: amd-pstate: move to use busgetdevroot”, the “amdpstate” attributes were moved from a dedicated kobject to the root kobject. While the...

5.5CVSS6.2AI score0.00128EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Firmware: dmi-sysfs: Fixed a null-ptr-deref issue in dmisysfsregisterhandle. KASAN reported a null-ptr-deref error: KASAN: Null-ptr-deref in the range 0x0000000000000008-0x000000000000000f. CPU: 0; PID: 1373; Comm: modprobe...

5.5CVSS6AI score0.00135EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: Regulator: Core – Fix for usecount leakage when handling boot-on. I discovered a situation where usecount leakage occurred in the supplying regulator of rdev when the boot-on option was enabled. ┌───────────────────┐...

5.5CVSS6.1AI score0.00147EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: accel/qaic: Fixed the memory leak caused by slicing operations. The temporary buffer that stores slicing configuration data from the user is only freed in case of an error. This constitutes a memory leak. The buffer should be...

5.5CVSS6AI score0.00168EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in binutils

“findabstractinstance” in dwarf2.c, located in the Binary File Descriptor BFD library also known as libbfd, as part of GNU Binutils 2.32, allows remote attackers to cause a denial of service infinite recursion and application crash through a crafted ELF file...

6.5CVSS6.8AI score0.02752EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Firefox

Memory safety bugs exist in Firefox 115. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects Firefox versions prior to 116...

9.8CVSS7.6AI score0.00633EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Firefox and Thunderbird

Memory safety bugs exist in Firefox 115, Firefox ESR 115.0, Firefox ESR 102.13, Thunderbird 115.0, and Thunderbird 102.13. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. Th...

9.8CVSS7.4AI score0.00849EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Firefox and Thunderbird

In some cases, an untrusted input stream was copied to a stack buffer without checking its size. This resulted in a potentially exploitable crash, which could have led to a sandbox escape. This vulnerability affects Firefox 116, Firefox ESR 102.14, and Firefox ESR 115.1...

7.5CVSS7.3AI score0.13694EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Firefox and Thunderbird

Race conditions in reference counting code were identified through code analysis. These conditions could lead to exploitable use-after-free vulnerabilities. This vulnerability affects Firefox 116, Firefox ESR 102.14, and Firefox ESR 115.1...

5.9CVSS6.9AI score0.00633EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in libpng1.6

A issue has been identified in third-party PNM decoding related to libpng 1.6.35. It is a stack-based buffer overflow in the gettoken function located in the pnm2png.c file within pnm2png...

8.8CVSS6.9AI score0.03554EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in libde265

It was discovered that Libde265 v1.0.8 contains a heap-buffer-overflow vulnerability through the use of putqpel00fallback16 in the fallback-motion.cc file. This vulnerability allows attackers to cause a Denial of Service DoS attack by using a specially crafted video file...

6.5CVSS6.8AI score0.00844EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in SOX

In SoX 14.4.2, there is a floating-point exception in lsxaiffstartwrite in the aiff.c file of libsox.a...

5.5CVSS6.7AI score0.01114EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: The delay in putting pmc-idev into mlddeldelrec has been fixed. pmc-idev is still used in ip6mcclearsrc, just like in mldcleardelrec. Therefore, the reference to pmc-idev should be placed after the return of...

7.8CVSS6.1AI score0.00144EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: afpacket: moved the call to packetdevmc out of the RCU critical section. Syzkaller reports the following issues: BUG: A sleeping function is called from an invalid context at kernel/locking/mutex.c:578 mutexlock+0x106/0xe80...

5.5CVSS6.7AI score0.001EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Qemu

QEMU 5.0.0 has a heap-based Buffer Overflow in the flatviewreadcontinue function in exec.c, as hw/sd/sdhci.c improperly handles a write operation in the SDHCBLKSIZE case...

5CVSS6.5AI score0.00638EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in imlib2

It was discovered that imlib2 v1.9.1 mishandles memory allocation in the initimlibfonts function...

8.8CVSS7.3AI score0.00659EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: drm/tegra: dsi: Added a check for the return value of offinddevicebynode. Added a check on the return value of offinddevicebynode, and return an error if it fails, in order to avoid NULL pointer dereferencing...

5.5CVSS6.4AI score0.00304EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.15

A flaw was discovered in the ksmbd component of the Linux kernel, a high-performance in-kernel SMB server. The specific flaw exists in the processing of SMB2SESSIONSETUP commands. The issue arises due to the lack of proper locking when performing operations on an object. An attacker can exploit...

9CVSS6.8AI score0.02593EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in binutils

A issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. The simpleobjectelfmatch function in simple-object-elf.c does not check for a zero value of shstrndx, resulting in an integer overflow and a heap-based buffer overflow...

5.5CVSS7.1AI score0.02317EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in python-reportlab

The paraparser module in ReportLab before version 3.5.31 allows for remote code execution. This occurs because the startunichar function in paraparser.py evaluates untrusted user input as a Unicode character in a crafted XML document. The input includes the string “'code='” followed by arbitrary...

9.8CVSS7.7AI score0.04452EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Firefox and Thunderbird

Memory safety bugs exist in Firefox 115, Firefox ESR 115.0, and Thunderbird 115.0. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects Firefox version...

9.8CVSS7.4AI score0.00732EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Firefox and Thunderbird

A out-of-bounds read could have led to a exploitable crash during HTML parsing using the DOMParser in low-memory situations. This vulnerability affects Firefox 116, Firefox ESR 102.14, and Firefox ESR 115.1...

7.5CVSS7.1AI score0.00827EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Firefox and Thunderbird

In some cases, a stale value might have been used for a global variable during WASM JIT analysis. This led to incorrect compilation and potentially exploitable crashes in the content process. This vulnerability affects Firefox 116, Firefox ESR 102.14, and Firefox ESR 115.1...

5.3CVSS6.6AI score0.01007EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Firefox and Thunderbird

Offscreen Canvas did not properly prevent cross-origin tampering, which could have been used to access image data from another site in violation of the same-origin policy. This vulnerability affects Firefox 116, Firefox ESR 102.14, and Firefox ESR 115.1...

5.3CVSS6.6AI score0.00527EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in golang-golang-x-net

An attacker can cause excessive memory usage in a Go server that accepts HTTP/2 requests. HTTP/2 server connections include a cache of HTTP header keys sent by the client. Although the total number of entries in this cache is limited, an attacker who sends very large keys can cause the server to...

5.3CVSS7.2AI score0.05623EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.14 views

Astra Linux – Vulnerability in Jackson-Databind

A deserialization flaw was discovered in Jackson-Databind through version 2.9.10.4. This flaw could allow unauthenticated users to execute code via Ignite-JTA or Quartz-core: org.apache.ignite.cache.jta.jndi.CacheJndiTmLookup, org.apache.ignite.cache.jta.jndi.CacheJndiTmFactory, and...

8.1CVSS7.1AI score0.03301EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Zabbix

JavaScript preprocessing can be exploited by attackers to gain access to the file system read-only access on behalf of the user “zabbix” on the Zabbix Server or Zabbix Proxy, potentially leading to unauthorized access to sensitive data...

8.5CVSS7.1AI score0.0105EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Git

Git is a distributed revision control system. git log can display commits in an arbitrary format using its --format specifiers. This functionality is also exposed to git archive via the export-subst gitattribute. When processing the padding operators, there is an integer overflow in...

9.8CVSS9AI score0.44268EPSS
Exploits0References2
Total number of security vulnerabilities18102