Lucene search
K
AstralinuxRecent

18102 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: nbd: Null check for nlaneststart nlaneststart may fail and return NULL. A check should be added, and errno should be set based on other calls within the same source code...

5.5CVSS5.8AI score0.00292EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: crypto: xilinx – call finalize with bh disabled When calling cryptofinalizerequest, the error bit BH should be disabled to avoid triggering the following calltrace: ------------- Cut here -------------- WARNING: CPU: 2 PID: 74 at...

5.5CVSS5.8AI score0.00231EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: afs: Increase the buffer size in afsupdatevolumestatus. The maximum length of the volume-vid value is 20 characters. Therefore, increase the size of idbuf to 24 to avoid overflow. Found by the Linux Verification Center...

7.8CVSS5.6AI score0.00263EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Firefox

Data was not properly sanitized during the decoding of a QUIC ACK frame; this could have led to unrestricted memory consumption and a crash. This vulnerability affects Firefox versions earlier than 124...

7.5CVSS7.1AI score0.00501EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Chromium

In V8 of Google Chrome, out-of-bounds memory access before version 122.0.6261.111 allowed a remote attacker to perform out-of-bounds memory access through a crafted HTML page. Chromium security severity: High...

8.8CVSS7.3AI score0.13556EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Chromium

The use of “after free” in Accessibility in Google Chrome before version 122.0.6261.57 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption through specific UI gestures. Chromium security severity: Medium...

8.8CVSS7.2AI score0.00795EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Firefox and Thunderbird

In specific HSTS configurations, an attacker could bypass HSTS on a subdomain. This vulnerability affects Firefox 122, Firefox ESR 115.7, and Thunderbird 115.7...

6.5CVSS6.6AI score0.00711EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in gnutls28

A vulnerability was discovered in GnuTLS. The response times to malformed ciphertexts in the RSA-PSK ClientKeyExchange differ from those of ciphertexts with correct PKCS1 v1.5 padding. This issue may allow a remote attacker to perform a timing side-channel attack during the RSA-PSK key exchange,...

7.5CVSS6.7AI score0.01614EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in SQLite3

A vulnerability was discovered in SQLite SQLite3 version 3.43.0 and is classified as critical. This issue affects the sessionReadRecord function in the file ext/session/sqlite3session.c of the make alltest component. The vulnerability results in a heap-based buffer overflow. It is recommended to...

7.3CVSS6.5AI score0.01249EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Qemu

A stack-based buffer overflow was discovered in the virtio-net device of QEMU. This issue occurs when flushing the TX operation in the virtionetflushtx function, provided that the guest has enabled VIRTIONETFHASHREPORT, VIRTIOFVERSION1, and VIRTIONETFMRGRXBUF. This could allow a malicious user to...

5.3CVSS7AI score0.0033EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: The issue involves bcm: – a UAF Use-After-Free flaw in bcmprocshow. Bug: KASAN: A slabuse-after-free issue occurs in bcmprocshow+0x969/0xa80. A size 8 data block was read from address ffff888155846230 by the task cat/7862. CPU: 1...

7.8CVSS6.1AI score0.00286EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: drm/amd: Fixed an issue where UBSAN used an array-index that was out of bounds for SMU7. For pptable structures that use flexible array sizes, use flexible arrays instead...

7.8CVSS5.7AI score0.00257EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Firefox and Thunderbird

When checking whether the Browsing Context was discarded in HttpBaseChannel, if the load group was not available, it was assumed that the Browsing Context had already been discarded. However, this assumption was not always true for private channels after the private session ended. This...

7.5CVSS6.7AI score0.00565EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Firefox and Thunderbird

When receiving rendering data via IPC mStream, it might have been destroyed during initialization, which could lead to a use-after-free condition and potentially cause a crash. This vulnerability affects Firefox 117, Firefox ESR 102.15, Firefox ESR 115.2, Thunderbird 102.15, and Thunderbird 115.2...

6.5CVSS6.7AI score0.00545EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Chromium

The use of “after free” in PDFs in Google Chrome before version 114.0.5735.90 allowed a remote attacker to potentially exploit heap corruption through a crafted PDF file. Chromium security severity: High...

8.8CVSS7.3AI score0.00918EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Docker-Registry

A flaw was discovered in the /v2/catalog endpoint located in the distribution/distribution directory. This endpoint accepts a parameter that controls the maximum number of records to be returned query string: n. This vulnerability allows a malicious user to submit an excessively large value for n...

6.5CVSS6.5AI score0.00938EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15

Incorrect verifier pruning in the BPF module of the Linux kernel version 5.4 and above leads to unsafe code paths being incorrectly marked as safe. This results in arbitrary read/writes to kernel memory, lateral privilege escalation, and container escapes...

10CVSS7.2AI score0.03546EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in libbpf

A vulnerability has been discovered in the Linux kernel. It has been identified as problematic. This issue affects the parseusdtarg function in the tools/lib/bpf/usdt.c file of the BPF component. Manipulating the regname argument leads to a memory leak. It is recommended that a patch be applied t...

5.7CVSS5.4AI score0.00419EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in libxml2

In libxml2 before version 2.10.4, parsing certain invalid XSD schemas can lead to a NULL pointer dereferencing, followed by a segfault. This issue occurs in the xmlSchemaFixupComplexType function in xmlschemas.c...

6.5CVSS6.6AI score0.01086EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Chromium

Memory access beyond the allowed boundaries in the Service Worker API in Google Chrome prior to version 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...

8.8CVSS7.3AI score0.01059EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Chromium

Type confusion in V8 in Google Chrome prior to 112.0.5615.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS7.7AI score0.40798EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in FedCM in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Low...

6.5CVSS6.8AI score0.00889EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementations in Extensions in Google Chrome prior to 112.0.5615.49 allowed an attacker who convinced a user to install a malicious extension to bypass file access restrictions through a crafted HTML page. Chromium security severity: Medium...

6.5CVSS6.7AI score0.00712EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation of Omnibox in Google Chrome prior to version 99.0.4844.51 allowed an attacker with privileged network access to perform a man-in-the-middle attack through malicious network traffic. Chromium security severity: Low...

3.1CVSS5.8AI score0.00238EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in Extensions in Google Chrome prior to 105.0.5195.52 allowed a remote attacker who had compromised the renderer process to spoof extension storage via a crafted HTML page. Chromium security severity: High...

6.5CVSS6.6AI score0.0048EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in xorg-server

A vulnerability was discovered in X.Org. This security flaw arises because the XkbCopyNames function left a dangling pointer pointing to freed memory, allowing for out-of-bounds memory access during subsequent XkbGetKbdByName requests. This issue can lead to local privileges escalation on systems...

7.8CVSS7.7AI score0.00958EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in curl

There is an improper authentication vulnerability in curl versions 7.33.0 through and including 7.82.0. This vulnerability may allow for the reuse of OAUTH2-authenticated connections without ensuring that the connection was authentically verified with the same credentials used for this transfer...

8.1CVSS6.5AI score0.01914EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

A NULL pointer dereference issue was discovered in KVM when releasing a vCPU with dirty ring support enabled. This flaw allows an unprivileged local attacker on the host to issue specific ioctl calls, resulting in a kernel oops condition that causes a denial of service...

5.5CVSS6.8AI score0.00419EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net/smc: corrected the incorrect listdel in smclgrcleanupearly. The function smclgrcleanupearly was supposed to delete the link group from the link group list, but it accidentally deleted the list head. This could lead to memory...

7.8CVSS5.2AI score0.00232EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: fixed a potential memory leak related to gpumetricstable. Memory is allocated for gpumetricstable in renoirinitsmctables, but it is not freed in int smuv120finismctables. Please free that memory accordingly...

5.5CVSS6.2AI score0.00265EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Chromium

A heap buffer overflow vulnerability existed in the Downloads feature of Google Chrome on Android, prior to version 104.0.5112.101. This vulnerability allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS7.6AI score0.0176EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Chromium

Integer overflow in the Window Manager in Google Chrome on the Chrome OS and Lacros before version 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific UI interactions to perform an out-of-bounds memory write via crafted UI interactions. Chrome security severity: Hig...

8.8CVSS7.4AI score0.00541EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Vim

Heap-based Buffer Overflow in the GitHub repository for vim/vim before version 9.0.0044...

7.8CVSS7.1AI score0.01302EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Vim

Out-of-bounds read in the GitHub repository for Vim before version 8.2...

7.8CVSS6.7AI score0.0145EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Chromium

Before version 102.0.5005.61, using the "after free" feature in Indexed DB in Google Chrome allowed a remote attacker to potentially perform a sandbox escape through a crafted HTML page...

9.6CVSS7.3AI score0.0088EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Vim

A heap-based buffer overflow vulnerability occurs in Vim in the GitHub repository vim/vim, prior to version 8.2.4563...

8.4CVSS7.4AI score0.00698EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Vim

Vim is vulnerable to Out-of-bounds Read attacks...

5.5CVSS6.8AI score0.01762EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Vim

Vim is vulnerable to Heap-based Buffer Overflow attacks...

9.3CVSS7.1AI score0.01669EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Vim

Vim is vulnerable to Heap-based Buffer Overflow attacks...

7.8CVSS6.9AI score0.01389EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in cyrus-sasl2

In Cyrus SASL 2.1.17 through 2.1.27 before 2.1.28, the plugins/sql.c file does not escape the password used in SQL INSERT or UPDATE statements...

8.8CVSS7.1AI score0.04123EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in openjdk-11

Vulnerability in the Oracle Java SE and Oracle GraalVM Enterprise Edition products of Oracle Java SE component: JAXP. The supported versions affected by this vulnerability include Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. This easily...

5.3CVSS6.5AI score0.02825EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Chromium

Before version 101.0.4951.41, using free after development tools in Google Chrome allowed a remote attacker to potentially exploit heap corruption through specific and direct user interactions...

8.8CVSS7AI score0.0074EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux, Linux 5.10

A vulnerability was discovered in the pfkeyregister function in the net/key/afkey.c file within the Linux kernel. This flaw allows a local, unprivileged user to gain access to kernel memory, resulting in a system crash or the leakage of internal kernel information...

7.1CVSS6.7AI score0.00388EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux, Linux 5.10

A use-after-free flaw was discovered in the Linux kernel’s Amateur Radio AX.25 protocol functionality, regarding the way users connect with the protocol. This flaw allows a local user to crash the system...

5.5CVSS6.7AI score0.00385EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Chromium

A heap buffer overflow in the WebUI of Google Chrome prior to version 100.0.4896.60 allowed a remote attacker who convinced a user to perform certain user interactions to potentially exploit heap corruption by making specific inputs in DevTools...

8.8CVSS7.2AI score0.00723EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Chromium

Before version 99.0.4844.74, using Safe Browsing in Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

9.6CVSS7.3AI score0.00744EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Chromium

The use of “after free” in Cast in Google Chrome before version 99.0.4844.51 allowed attackers to convince users to install a malicious extension and induce specific user interactions, thereby potentially exploiting heap corruption through a crafted Chrome Extension...

8.8CVSS7.3AI score0.00737EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ipv4: icmp: fix null-ptr-deref in icmpbuildprobe The ipv6stub-ipv6devfind function may return ERRPTR-EAFNOSUPPORT when the IPv6 stack is not active CONFIGIPV6=m and not loaded. Passing this error pointer to devhold will cause a...

7.5CVSS5.7AI score0.0049EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Jetty9

There exists a security vulnerability in Jetty’s DosFilter that can be exploited by unauthorized users to cause remote denial-of-service DoS attacks on servers using DosFilter. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server’s memory...

7.5CVSS6.4AI score0.00946EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux - уязвимость в u-boot

A issue was discovered in Das U-Boot during the period from 2019.07. There is an unbounded memcpy operation when parsing a UDP packet, due to an underflow of the netprocessreceivedpacket integer value during the ncinputpacket call...

9.8CVSS7AI score0.02666EPSS
Exploits0References2
Total number of security vulnerabilities18102