Lucene search
K
AstralinuxRecent

18102 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Chromium

The use of after-free in memory management in Google Chrome before version 137.0.7151.103 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...

8.8CVSS7.1AI score0.00401EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Chromium

The use of “after free” in Bookmarks in Google Chrome before version 123.0.6312.105 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...

8.8CVSS7.3AI score0.00773EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

A out-of-bounds read vulnerability was discovered in smbCalcSize in the fs/smb/client/netmisc.c file within the Linux kernel. This issue could allow a local attacker to crash the system or leak internal kernel information...

7.1CVSS6.7AI score0.00526EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fixed a use-after-free in r535gsprpcpush. The RPC container is released after being passed to r535gsprpcsend. When sending the initial fragment of a large RPC and passing the caller’s RPC container, the container wil...

7.8CVSS6AI score0.00145EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Chromium

Before version 93.0.4577.82, using “after free” in Permissions in Google Chrome allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS8.4AI score0.00852EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Chromium

Insufficient data validation in V8 in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS8.1AI score0.01189EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: For clk: imx: clk-imx8mp, the error handling in imx8mpclocksprobe has been improved. ofiomap and kzalloc have been replaced with devmofiomap and devmkzalloc. This allows for automatic release of the associated memory when the...

5.5AI score0.002EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: scsi: mpt3sas: Page fault in reply Q processing A page fault was encountered in mpt3sas on a LUN reset error path: 145.763216 mpt3sascm1: Task abort tm failed: handle0x0002, timeout30 trmethod0x0 smid3 msixindex0 145.778932 sc...

5.5CVSS6AI score0.00239EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in DjVuLibre

A flaw was discovered in djvulibre-3.5.28 and earlier. A heap buffer overflow occurs in the function DJVU::GBitmap::decode, due to a malicious djvu file, which may lead to the application crashing and other related issues...

7.8CVSS7.7AI score0.01001EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in DjVuLibre

A flaw was discovered in djvulibre-3.5.28 and earlier. A malicious read operation in the function DJVU::DataPool::hasdata, through a crafted djvu file, may cause the application to crash and lead to other issues...

7.8CVSS6.4AI score0.0093EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in openjpeg2

There is a flaw in the src/lib/openjp2/pi.c file of openjpeg in versions prior to 2.4.0. If an attacker can provide untrusted input to openjpeg’s conversion/encoding functionality, they could cause an out-of-bounds read. The most significant impact of this flaw is the application’s availability...

5.5CVSS6.5AI score0.01443EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Firefox and Thunderbird

The ShutdownObserver function was susceptible to potentially undefined behavior due to its reliance on a dynamic type that lacked a virtual destructor. This vulnerability affects Firefox ESR 115.6, Thunderbird 115.6, and Firefox 121...

8.8CVSS6.9AI score0.01037EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in hsqldb

Those who use java.sql.Statement or java.sql.PreparedStatement in hsqldb HyperSQL Database to process untrusted input may be vulnerable to a remote code execution attack. By default, it is allowed to call any static method of any Java class in the classpath, resulting in code execution. This issu...

9.8CVSS8AI score0.03519EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Mariadb 10.3

A remote code execution issue was discovered in MariaDB 10.2 before 10.2.37, 10.3 before 10.3.28, 10.4 before 10.4.18, and 10.5 before 10.5.9; Percona Server up to 2021-03-03; and the wsrep patch up to 2021-03-03 for MySQL. An untrusted search path leads to eval injection, in which a database SUP...

9CVSS8.7AI score0.38179EPSS
Exploits9References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Chromium

The use of “after free” in Media Stream in Google Chrome before version 126.0.6478.182 allowed a remote attacker who convinced a user to perform certain UI gestures to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...

8.8CVSS7.7AI score0.00461EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in OpenSSH

In OpenSSH 8.2, the scp client incorrectly sends duplicate responses to the server when a utimes system call fails. This allows a malicious, unprivileged user on the remote server to overwrite arbitrary files in the client’s download directory by creating a crafted subdirectory anywhere on the...

7.5CVSS7.2AI score0.02267EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.11 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: cipso: Fixed data races related to sysctl. When reading sysctl variables, they can be changed concurrently. Therefore, we need to add READONCE to avoid data races...

4.7CVSS6.1AI score0.00167EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Chromium

Before version 91.0.4472.77, TabStrip in Google Chrome allowed an attacker who convinced a user to install a malicious extension to perform an out-of-bounds memory write through a crafted HTML page...

8.8CVSS7.9AI score0.00989EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Chromium

Insufficient data validation in Extensions in Google Chrome prior to 120.0.6099.62 allowed a remote attacker to perform privilege escalation via a crafted Chrome Extension. Chromium security severity: Low...

8.8CVSS6.6AI score0.00232EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: traceeventshist: A check was added to ensure that the return value of createhistfield is checked. The function createhistfield is called recursively at line 1954 of traceeventshist.c, and it may return a NULL value. Therefore, we...

5.5CVSS6.1AI score0.00247EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: clk: samsung: A memory leak has been fixed in samsungclkregisterpll. If clkregister fails, @pll-ratetable may have allocated memory using kmemdup. Therefore, that memory needs to be freed; otherwise, a memory leak issue will occu...

5.5CVSS5.8AI score0.00153EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

A heap-out-of-bounds write vulnerability in the Linux kernel’s Performance Events system component can be exploited to achieve local privilege escalation. The readsize of a perfevent can overflow, resulting in an out-of-bounds increment or write operation in perfreadgroup. We recommend upgrading ...

7.8CVSS6.5AI score0.00715EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux, Linux 5.10

A non-privileged write-to-file handler flaw exists in the Linux kernel’s control groups and namespaces subsystem. This flaw allows users to gain access to certain less-privileged processes that are controlled by cgroups, even when those processes have higher-privileged parent processes. This issu...

7.8CVSS6.8AI score0.00541EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in Linux, Linux 5.10

A use-after-free exists in the drivers/tee/teeshm.c file within the TEE subsystem of the Linux kernel, as of version 5.15.11. This issue arises due to a race condition during the teeshmgetfromid function, when attempting to free a shared memory object...

7CVSS6.4AI score0.00694EPSS
Exploits2References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm/msm/dp: fixed memory corruption due to too many bridges. Added a missing sanity check on the bridge counter to prevent corruption of data beyond the fixed-sized bridge array, in case there are more than eight bridges...

7.8CVSS5.5AI score0.00144EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: fec: Use pagepoolputfullpage when freeing RX buffers The pagepoolreleasepage function was used when freeing RX buffers. This function simply unmaps the page if it was mapped and does not recycle the page. As a result, after...

5.5CVSS6.1AI score0.00159EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: lan966x: A crash occurs when adding an interface under a “lag” condition. A crash occurs when adding one of the lan966x interfaces under a “lag” condition. The issue can be reproduced as follows: bash ip link add name bond0 type...

7.8CVSS6.2AI score0.00241EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in Firefox and Thunderbird

A suspected race condition during the call of getaddrinfo led to memory corruption and a potentially exploitable crash. Note: This issue only affected Linux operating systems. Other operating systems are unaffected. This vulnerability affects Thunderbird 78.13, Thunderbird 91, Firefox ESR 78.13,...

8.1CVSS7.1AI score0.01263EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: airoha: Fixed a potential use-after-free issue in airohanpuget. np-name was being used after calling ofnodeputnp, which releases the node and could lead to a use-after-free bug. Previously, ofnodeputnp was called...

7.8CVSS5.3AI score0.00133EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

The btsockrecvmsg function in net/bluetooth/afbluetooth.c in the Linux kernel, as of version 6.6.8, has a use-after-free issue due to a race condition involving btsockioctl...

7CVSS6.1AI score0.0026EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in libde265

Libde265 1.0.9 has a heap buffer overflow vulnerability in de265image::setSliceAddrRSint, int, int...

7.8CVSS7.5AI score0.00325EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Firefox

When a web page created a pop-up from a “javascript:“ URL, that pop-up was incorrectly allowed to load blockable content such as iframes from insecure http: URLs. This vulnerability affects Firefox versions earlier than 120...

6.5CVSS6.8AI score0.00614EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Qemu

In QEMU 4.2.1, the ati2dblt function in hw/display/ati2d.c may encounter an out-of-bounds situation during calculations. This could cause the QEMU process to crash...

6.5CVSS6.9AI score0.02498EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: clk: meson: Added missing clocks to axgclkregmaps Some clocks were missing from axgclkregmaps, which caused kernel panic during the command cat /sys/kernel/debug/clk/clksummary. 57.349402 Unable to handle a NULL pointer...

5.5CVSS5.9AI score0.00223EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.13 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: bpf: Defer work in bpftimercancelandfree Currently, the same issue as in the previous patch two timer callbacks trying to cancel each other can also occur when using bpfmapupdateelem. More precisely, freeing elements containing...

7.8CVSS6.1AI score0.00269EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: BPF: Fixed the verifier’s assumptions regarding the socket-sk structure. The verifier assumes that the sk field in the struct socket structure is valid and not NULL when the socket pointer itself is trusted and not NULL. This...

5.5CVSS5.3AI score0.00221EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: x86: fixed the exception handling annotation in clearuserrepgood This code no longer exists in the mainline, as it was removed in the commit d2c95f9d6802 “x86: do not use REPGOOD or ERMS for user memory clearing” from the upstrea...

5.5CVSS5.9AI score0.00145EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: RDMA/srp: Do not call scsidone from srpabort After scmdehaborthandler calls the SCSI LLD ehaborthandler callback, it performs one of the following actions: Calls scsiqueueinsert. Calls scsifinishcommand. Calls scsiehscmdadd...

7.8CVSS5.9AI score0.0023EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in OpenVSwitch

An integer underflow occurred in the Organization Specific TLV in various versions of OpenvSwitch...

9.8CVSS7.3AI score0.01324EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Media: MediTech; vcodec: Fixed the H264 stateless decoder’s “smatch” warning. A “smatch static checker” warning has been fixed in vdech264reqif.c. This issue causes the kernel to crash when fb is NULL...

5.5CVSS5.7AI score0.00208EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: i40e: Fixed queue reservation for XDP When XDP was configured on a system with a large number of CPUs and X722 NIC, there was a call trace involving a NULL pointer dereference. i40e 0000:87:00.0: Failed to obtain tracking for...

5.5CVSS6.5AI score0.0022EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in fig2dev

A out-of-bounds flaw was discovered in the fig2dev version 3.2.8a. A flawed bounds check in the readobjects function could allow an attacker to provide malicious input, causing the application to crash or, in some cases, leading to memory corruption. The greatest threat of this vulnerability is...

7.1CVSS6.6AI score0.01178EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Tomcat9

Authentication Bypass Using an Alternate Path or Channel vulnerability in Apache Tomcat. When using PreResources or PostResources mounted elsewhere beyond the root of the web application, it was possible to access those resources via an unexpected path. That path was likely not protected by the...

7.5CVSS7.9AI score0.03163EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: pwm: A out-of-bounds access issue in ofpwmsinglexlate has been fixed. The args-argscount is equal to 2; however, args-args2 is not defined. In fact, the flags are contained in args-args1...

7.8CVSS6.1AI score0.0025EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in PackageKit

PackageKit’s apt backend mistakenly treats all local deb files as trustworthy. The apt security model is based on repository trust, not the contents of individual files. On sites where PolicyKit rules are configured, this could allow users to install malicious packages...

8.2CVSS6.4AI score0.00335EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux-Firmware

Improper input validation in some IntelR PROSet/Wireless WiFi and KillerTM WiFi software may allow an authenticated user to potentially enable escalation of privileges via local access...

7.8CVSS6.3AI score0.00275EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: xsk: Fix for crashes that occur when the regular task queue is reactivated. When the regular task queue is reactivated after the XSK socket is closed, it may read stale cancellation requests cqe, which can eventually...

5.5CVSS6.1AI score0.00119EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: Block: A check was added to ensure that the partition size must be aligned with the block size. Before calling the add partition or resize partition functions, there was no check to verify whether the partition size was aligned...

5.5CVSS6AI score0.00231EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Chromium, ffmpeg5

In FFmpeg and Google Chrome, prior to version 108.0.5359.71, uninitialized use allowed a remote attacker to execute arbitrary code within a sandbox through a crafted HTML page. Chromium security severity: Medium...

8.8CVSS7.7AI score0.01252EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: usb: mtu3: Fixed the kernel panic that occurred when the qmu transfer was completed and the irq handler was called. When handling the qmu transfer irq, the @mtu-lock is unlocked before returning the request. If another thread...

6AI score0.00173EPSS
Exploits0References1
Total number of security vulnerabilities18102