Lucene search
K
AstralinuxRecent

18102 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in binutils

A NULL pointer dereference also known as SEGV at an unknown address 0x000000000000 was discovered in the workstuffcopytofrom function in cplus-dem.c within GNU libiberty, as part of the GNU Binutils 2.30 distribution. This issue can occur during the execution of objdump...

7.5CVSS6.5AI score0.05229EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Firefox

The return value from gfx::SourceSurfaceSkia::Map wasn’t verified, which could potentially lead to a null pointer dereferencing. This vulnerability affects Firefox versions less than 110...

7.5CVSS7.4AI score0.00622EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in gst-plugins-good1.0

DOS: Potential heap overwrite in qtdemux using zlib decompression. Integer overflow in the qtdemux element within the qtdemuxinflate function can lead to a segfault, or it may cause a heap overwrite, depending on the libc and operating system. Depending on the libc used and the underlying operati...

7.8CVSS7.2AI score0.00437EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Chromium

Using “after free” in the libavif library in Google Chrome before version 120.0.6099.109 allowed a remote attacker to potentially exploit heap corruption through a crafted image file. Chromium security severity: High...

8.8CVSS7.3AI score0.00653EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in HAPProxy

A vulnerability related to information leaks was discovered in HAProxy versions 2.1, 2.2 before 2.2.27, 2.3, and 2.4 before 2.4.21, 2.5 before 2.5.11, 2.6 before 2.6.8, and 2.7 before 2.7.1. There are 5 bytes that are not initialized in the connection buffer when encoding the FCGIBEGINREQUEST...

7.5CVSS7.1AI score0.01201EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Heimdal

The fix for CVE-2022-3437 involved changing the memcmp function to run in constant time, as well as providing a workaround for a compiler bug by adding comparisons of the result of memcmp with the value “!= 0”. When these patches were backported to the heimdal-7.7.1 and heimdal-7.8.0 branches and...

7.5CVSS6.8AI score0.00491EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Apache2

A regression in Apache HTTP Server 2.4.60 ignores some uses of the legacy content-type-based configuration for handlers. Configurations like “AddType” and similar settings, under certain circumstances where files are requested indirectly, can lead to exposure of local content in the source code...

6.2CVSS6.5AI score0.00889EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

A array indexing vulnerability was discovered in the netfilter subsystem of the Linux kernel. The absence of a proper macro could lead to an incorrect calculation of the offset of the h-nets array, giving attackers the ability to arbitrarily increment/decrement a memory buffer beyond its bounds...

7.8CVSS6.8AI score0.00514EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in gst-plugins-bad1.0

GStreamer MXF File Parsing: Integer Overflow and Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability, but the attack vectors may va...

8.8CVSS7.9AI score0.01871EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in open-vm-tools

A fully compromised ESXi host can cause VMware Tools to fail in authenticating host-to-guest operations, thereby affecting the confidentiality and integrity of the guest virtual machine...

3.9CVSS6.1AI score0.13638EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Chromium

Type confusion in V8 in Google Chrome prior to 117.0.5938.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS7.3AI score0.01738EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ravb: Fixed the use-after-free issue in ravbtxtimeoutwork. The ravbstop function should call cancelworksync. Otherwise, ravbtxtimeoutwork may use the freed private data after ravbremove is called, as follows: CPU0 CPU1...

7.8CVSS6.2AI score0.00242EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15

A use-after-free flaw was discovered in the ext4remount function in the fs/ext4/super.c file within ext4 in the Linux kernel. This flaw allows a local user to cause an information leak issue when freeing the old quota file names before a potential failure, resulting in a use-after-free condition...

7.1CVSS6.7AI score0.00225EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

In the Linux kernel before version 6.4.5, the file driver/gpu/drm/drmatomic.c contained a use-after-free during a race condition between a nonblocking atomic commit and a driver unloading process...

7CVSS6.2AI score0.00247EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in libx11, libxpm

A vulnerability was discovered in libX11 due to an integer overflow within the XCreateImage function. This flaw allows a local user to trigger an integer overflow and execute arbitrary code with elevated privileges...

7.8CVSS7.2AI score0.00427EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Chromium

A heap buffer overflow in ANGLE in Google Chrome prior to version 116.0.5845.96 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...

8.8CVSS7.6AI score0.00923EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15

A issue was discovered in the Linux kernel before version 6.3.3. There is an out-of-bounds read in the crc16 function in lib/crc16.c when called from fs/ext4/super.c, because ext4groupdesccsum does not properly check an offset. NOTE: This issue is disputed by third parties, as the kernel is not...

5.5CVSS6.1AI score0.00247EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15

The Linux kernel before version 6.2.9 has a race condition, which can lead to a use-after-free issue in the drivers/net/ethernet/qualcomm/emac/emac.c file. This issue occurs when a physically nearby attacker disconnects an EMAC-based device...

6.4CVSS6.4AI score0.00355EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Tiff

A NULL pointer dereferencing in TIFFClose is caused by failing to open an output file a non-existent path or a path that requires permissions like /dev/null while specifying zones...

6.5CVSS6.8AI score0.01124EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Golang-1.19

The go command may execute arbitrary code during compilation when using cgo. This can occur when running “go get” on a malicious module, or when running any other command that compiles unauthorized code. This issue can be triggered by linker flags, specified via the cgo LDFLAGS directive. The...

9.8CVSS7.4AI score0.01837EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in lua5.3

In Lua 5.3.5, there is a use-after-free issue in the luaupvaluejoin function in the lapi.c file. For example, an attacker can trigger a debug.upvaluejoin call, resulting in a crash, if they can establish certain relationships between the arguments passed to the function...

7.5CVSS6.7AI score0.17224EPSS
Exploits5References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in libxml2

A issue was discovered in libxml2 before version 2.10.4. When hashing empty dictionary strings in a crafted XML document, the xmlDictComputeFastKey function in dict.c can produce non-deterministic values, resulting in various logical and memory errors, such as double-free errors. This behavior...

6.5CVSS7.1AI score0.01013EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in binutils

A issue was discovered in the Binary File Descriptor BFD library also known as libbfd, as distributed in GNU Binutils 2.32. It is a heap-based buffer overflow in bfdarchive64bitslurparmap in archive64.c...

7.8CVSS7AI score0.01697EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel before version 6.1.13, there is a double-free in the net/mpls/afmpls.c file when an allocation failure occurs due to registering the sysctl table under a new location during the renaming of a device...

4.7CVSS6.7AI score0.00331EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Firefox

Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs in Firefox 108. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects versio...

8.8CVSS8.2AI score0.00521EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: kprobes: The posthandler of aggrprobe is cleared in the case where kprobe-on-ftrace is used. In unregisterkprobetop, if the currently unregistered probe has a posthandler, but other child probes of aggrprobe do not have a...

7.8CVSS6.2AI score0.00188EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10, Linux

A flaw was discovered in the Linux kernel’s networking code. A use-after-free occurred in the way the schsfb enqueue function utilized the socket buffer SKB cb field after the same SKB had been enqueued and freed into a child qdisc. This flaw allows a local, unprivileged user to cause a system...

5.5CVSS6.7AI score0.0045EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Firefox and Thunderbird

When encoding data from an inputStream in xpcom, the size of the input being encoded was not correctly calculated, potentially leading to an out-of-bounds memory write. This vulnerability affects Firefox 110, Thunderbird 102.8, and Firefox ESR 102.8...

8.8CVSS7.1AI score0.00737EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in TIF format

LibTIFF 4.4.0 contains an out-of-bounds write vulnerability in tiffcrop, located at line 3516 of tools/tiffcrop.c. This vulnerability allows attackers to cause a denial-of-service attack through a malicious TIF file. For users who compile LibTIFF from source code, the fix is available in the comm...

6.8CVSS6.7AI score0.00435EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux - уязвимость в u-boot

The U-Boot versions from 2016.09 to 2019.07-rc4 can memset too much data while reading a crafted ext4 filesystem. This results in a stack buffer overflow, potentially leading to code execution...

8.3CVSS7.2AI score0.01764EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux - уязвимость в u-boot

A issue was discovered in Das U-Boot during the period from 2019.07. There is an unbounded memcpy operation with a failed length check at nfsreadreply, when calling storeblock in the NFSv2 case...

9.8CVSS7.3AI score0.0235EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux - уязвимость в u-boot

A issue was discovered in Das U-Boot during the period from 2019.07. There is an unbounded memcpy operation with an unvalidated length at nfsreadlinkreply, located in the “if” block, after calculating the new path length...

9.8CVSS7AI score0.02403EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux - уязвимость в u-boot

A issue was discovered in Das U-Boot during the period from 2019.07. There is a stack-based buffer overflow in the nfshandler reply helper function: nfsreadlinkreply...

9.8CVSS7.6AI score0.02488EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: udplite: Fixed a NULL pointer dereference in skmemraiseallocated. syzbot reported a NULL pointer dereference in skgetrmem0 while using IPPROTOUDPLITE 0x88: 14:25:52 executing program 1: r0 = socket$inet60xa, 0x80002, 0x88 We...

6AI score0.00173EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Golang-1.19

The html/template package does not follow the correct rules for handling occurrences of "", "" within JS literals in contexts. This may cause the template parser to incorrectly consider script contexts as being terminated early, resulting in actions being properly escaped incorrectly. This could ...

6.1CVSS6.7AI score0.00798EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in NTP

The praecisparse function in ntpd/refclockpalisade.c, within NTP 4.2.8p15, contains an out-of-bounds write vulnerability. Any attack method would be complex, for example, using a manipulated GPS receiver...

6.4CVSS6.3AI score0.00521EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux - уязвимость в u-boot

A issue was discovered in Das U-Boot during the period from 2019.07. There is an unbounded memcpy operation with an unvalidated length at nfsreadlinkreply in the “else” block, after calculating the new path length...

9.8CVSS7AI score0.0235EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux - уязвимость в u-boot

A carefully crafted self-referential DOS partition table will cause all Das U-Boot versions up to 2019.07-rc4 to infinitely recur, causing the stack to grow indefinitely. This could lead to a system crash or the overwriting of other data...

7.1CVSS6.7AI score0.00404EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Wifi: ar5523: Fixed a use-after-free in ar5523cmd when it timed out. syzkaller reported a use-after-free with the stack trace as follows 1: 38.960489 C3 ================================================================== 38.963216...

5.9AI score0.00239EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: media: anysee: fixed the null-ptr-deref in anyseemasterxfer. In anyseemasterxfer, msg is controlled by the user. When msgi.buf is null and msgi.len is zero, previous checks on msgi.buf will still be performed. Malicious data will...

5.9AI score0.00184EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Golang-1.19

The html/template package does not properly handle HTML-like “” comment tokens, nor hashbang “!” comment tokens, in contexts. This may cause the template parser to incorrectly interpret the contents of contexts, resulting in actions being incorrectly escaped. This could be exploited to carry out ...

6.1CVSS6.7AI score0.00815EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in NTP

In the file libntp/mstolfp.c, within the NTP version 4.2.8p15, there is a buffer overflow vulnerability when copying the trailing number. An attacker may be able to exploit this vulnerability against a client’s NTPQ process, but they cannot exploit it against ntpd...

5.6CVSS7.1AI score0.00703EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in binutils

It has been discovered that GNU Binutils prior to version 2.40 contains a memory leak vulnerability in the findabstractinstance function in dwarf2.c...

5.5CVSS5.3AI score0.00654EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in lxml

Lxml is a library for processing XML and HTML in the Python language. Prior to version 4.6.5, the HTML Cleaner in lxml.html allowed certain crafted script content to pass through, as well as script content in SVG files embedded using data URIs. Users who use the HTML Cleaner in a security-related...

8.2CVSS6.4AI score0.02456EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Waitress

Waitress version 1.3.1 would parse the Transfer-Encoding header and only look for a single string value. If that value was not in the “chunked” format, it would proceed using the Content-Length header instead. According to the HTTP standard, Transfer-Encoding should be a comma-separated list, wit...

7.5CVSS6.3AI score0.02545EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in Compositing in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page...

4.3CVSS6.8AI score0.01168EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in node-getobject

A vulnerability in the prototype pollution mechanism in the 'getobject' version 0.1.0 allows an attacker to cause a denial of service and may lead to remote code execution...

9.8CVSS7.4AI score0.04031EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Chromium

Using “after free” in WebGPU in Google Chrome before version 120.0.6099.199 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...

8.8CVSS6.4AI score0.00998EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: media: rkisp1: Fixed the race condition related to interrupt disable. In rkisp1ispstop and rkisp1csidisable, the driver masks the interrupts and then assumes that the interrupt handler will not be running. However, this is not...

4.7CVSS5.4AI score0.00173EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.15

A issue was discovered in the Linux kernel before version 6.3.4. In the file fs/ksmbd/smb2pdu.c of ksmbd, there is a flaw where the UserName value is not properly checked. This occurs because the address of the security buffer is not taken into consideration, resulting in a out-of-bounds read...

9.1CVSS6.9AI score0.02975EPSS
Exploits0References2
Total number of security vulnerabilities18102