Lucene search
K
AstralinuxRecent

18102 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: ipmi: Fixed UAF when uninstalling the ipmisi and ipmimsghandler modules Hi, During testing the installation and uninstallation of the ipmisi.ko and ipmimsghandler.ko modules, the system crashed. The log contains the following...

5.5CVSS6.5AI score0.00239EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.12 views

Astra Linux – Vulnerability in glibc

A flaw was discovered in glibc. A “off-by-one” buffer overflow and underflow in the getcwd function may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and the size passed to getcwd in a setuid program could exploit this flaw t...

7.8CVSS7.7AI score0.0072EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in wavpack

WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variables. The impact includes unexpected control flow, crashes, and segfaults. The affected component is: ParseWave64HeaderConfig wave64.c:211. The attack vector is a maliciously crafted .wav file. The fixed version is: Afte...

5.5CVSS6.6AI score0.01503EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in wavpack

WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variables. The impact includes unexpected control flow, crashes, and segfaults. The affected component is ParseCaffHeaderConfig caff.c:486. The attack vector is a maliciously crafted .wav file. The fixed version is after the...

5.5CVSS6.3AI score0.01456EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: Power: Supply: bq27xxx: Fixed handling of pollinterval and races during removal operations. Before this patch, the bq27xxxbatteryteardown function set pollinterval to 0 to avoid requeuing the delayedwork item during...

5.6AI score0.00184EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: block: Fixed a potential deadlock in blkiarangesysfsshow When reading a sysfs attribute, the attribute is already protected against removal due to the active reference counter of the kobject node. As a result, in...

5.5CVSS6.2AI score0.00184EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Zabbix

The vulnerability is caused by an improper check to ensure that RDLENGTH does not overflow the buffer in response from the DNS server...

8.1CVSS7.9AI score0.00673EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in openjdk-11

Vulnerability in the Oracle Java SE and Oracle GraalVM Enterprise Edition products of Oracle Java SE component: Concurrency. The supported versions affected by this vulnerability are Oracle Java SE: 8u411, 8u411-perf, 11.0.23; Oracle GraalVM Enterprise Edition: 20.3.14 and 21.3.10. The...

3.7CVSS6AI score0.01056EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mctp: Fixed an error handling path in mctpinit. If mctpneighinit returns an error, the route resources should be released during the error handling path. Otherwise, some resources may be leaked...

5.5CVSS5.8AI score0.00163EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in bluez

The bluetoothd function from the bluez library incorrectly preserves the discoverable status of adapters when a device is powered down, and restores that status when the device is powered on again. If a device is in the discoverable state while powered down, it will remain discoverable when the...

6.5CVSS6.7AI score0.00795EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux, Linux 5.10

A race condition was identified in the Linux kernel’s perfeventopen function, which can be exploited by an unprivileged user to gain root privileges. This bug allows for the exploitation of several attack primitives, such as kernel address information leakage and arbitrary execution...

7CVSS6.8AI score0.0031EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ath10k: Skip ath10khalt during suspend for the driver state RESTARTING. A double-free crash occurs when FW recovery caused by wmi timeout/crash is followed by an immediate suspend event. FW recovery is triggered by...

7.8CVSS6.1AI score0.00266EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fixed a bo leak in intelfbboframebufferinit. Added a unreference of “bo” in the error path to prevent the leakage of a “bo” reference. Return 0 on success to clarify the success path. Cherry-picked from commit...

5.5CVSS5.9AI score0.00225EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.13 views

Astra Linux – Vulnerability in open-vm-tools

VMware Tools 12.0.0, 11.x.y, and 10.x.y contains a local privilege escalation vulnerability. A malicious actor with local non-administrative access to the guest OS can escalate privileges as a root user in the virtual machine...

7.8CVSS7.1AI score0.0054EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Counter: rz-mtu3-cnt: Do not use the dev member of the struct rzmtu3channel. The counter driver can use HW channels 1 and 2, while the PWM driver can use HW channels 0, 1, 2, 3, 4, 6, 7. The dev member is assigned both by the...

5.5CVSS5.7AI score0.00122EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: rxrpc: The issue of using the wrong skb when comparing the queued RESP challenge serial number has been fixed. In rxrpcpostresponse, the code should compare the challenge serial number from the cached response before deciding to...

7.5CVSS5.8AI score0.00426EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: x86/kexec: added a sanity check on the previous kernel’s ima kexec buffer. When the second-stage kernel is booted via kexec with a limiting command line such as “mem=”, the physical range that contains the carried over IMA...

5.5CVSS6AI score0.00123EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net.manap: Null servicewq on setup error to prevent double destruction. In the managdsetup error path, servicewq is set to NULL after destroyworkqueue, to match the cleanup in managdcleanup. This prevents a use-after-free if the...

7.8CVSS5.7AI score0.00124EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fixed a race condition during IPSec ESN update. In IPSec full offload mode, the device reports an ESN Extended Sequence Number wrap event to the driver. The driver validates this event by querying the IPSec ASO and...

7.5CVSS5.7AI score0.00206EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: crypto: caam – fixed an overflow issue when dealing with long HMAC keys. When a key that is longer than the block size is provided, it is copied and then hashed into the actual key. The memory allocated for the copy needs to be...

7.8CVSS5.7AI score0.00129EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.13 views

Astra Linux – Vulnerability in libstb

In Libsixel, prior to and including v1.10.3, a NULL pointer dereferencing in the stbimage.h component of libsixel allows attackers to cause a denial of service DOS through a crafted PICT file...

6.5CVSS6.6AI score0.00922EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: X.509: Fixed out-of-bounds access during the parsing of extensions Leo reports a situation where out-of-bounds access occurs during the parsing of a certificate with empty Basic Constraints or Key Usage extensions. This occurs...

7.1CVSS5.7AI score0.00081EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in WebKit2GTK

This issue has been addressed through improved checks. This issue is fixed in Safari 26.1, iOS 26.1, iPadOS 26.1, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1, and watchOS 26.1. Processing maliciously crafted web content may lead to an unexpected process crash...

6.5CVSS6.6AI score0.00463EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Do not overwrite the KMS surface dirty tracker. We were overwriting the surface’s dirty tracker, which caused a memory leak...

5.5CVSS5.7AI score0.00121EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in Passwords in Google Chrome prior to 143.0.7499.41 allowed a local attacker to bypass authentication via physical access to the device. Chromium security severity: Low...

3.5CVSS6.1AI score0.00163EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Chromium

Type Confusion in V8 in Google Chrome prior to 143.0.7499.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS5.5AI score0.00386EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in WebKit2GTK

This issue was addressed through improved state management. This issue is fixed in Safari 26.1, iOS 26.1, iPadOS 26.1, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1, and watchOS 26.1. Processing maliciously crafted web content may lead to an unexpected process crash...

4.3CVSS7AI score0.01EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd – Fix for leaking event log memory During the device removal process, the device is reset, causing the configuration registers to return to their default state, which is zero. Since the driver checks whether the...

5.5CVSS6AI score0.00122EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Firefox and Thunderbird

JIT compilation errors in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 146, Firefox ESR 140.6, Thunderbird 146, and Thunderbird 140.6...

9.8CVSS7AI score0.00439EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Chromium

The poor implementation of the Loader component in Google Chrome before version 143.0.7499.41 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: Medium...

8.8CVSS5.5AI score0.0024EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Wifi: ath9k: hifusb: fixed a memory leak of urbs in ath9khifusbdealloctxurbs. Syzkaller reported a well-known leak of urbs in ath9khifusbdealloctxurbs. The cause of the leak is that usbgeturb is called, but usbfreeurb or usbputur...

6.1AI score0.00239EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fixed an oops in xegemfault when running the corehotunplug test. An oops occurred in xegemfault when running the xe-fast-feedback testlist against the realtime kernel without debug options enabled. The panic occurs after...

6.1AI score0.00192EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: amba: bus – fix refcount leak The commit 5de1540b7bc4 from drivers/amba: create devices from device tree increases the refcount of ofnode, but does not release it in ambadevicerelease. This results in a refcount leak. By using...

6.1AI score0.00204EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: hfs: Ensure that sb-sfsinfo is always cleaned up. When hfs was converted to the new mount API, a bug was introduced by changing the allocation pattern of sb-sfsinfo. If setupbdevsuper fails after a new superblock has been allocat...

5.5CVSS6AI score0.00117EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: smb: client: The split caching of bitfields in cachedfid was introduced to avoid race conditions involving shared-byte registers. The functions isopen, haslease, and onlist are stored in the same bitfield byte within the struc...

8.8CVSS6.1AI score0.00218EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Use rawsmpprocessorid instead of smpprocessorid. The following call trace was observed: localhost kernel: nvme nvme0: NVME-FC0: controller connect complete localhost kernel: BUG: Using smpprocessorid in preemptible...

5.5CVSS6.1AI score0.00135EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ASoC: lpass: Fix for KASAN use-after-free out of bounds. When we run syzkaller, we encounter an Out of Bounds error. “KASAN: slab-out-of-bounds Read in regcacheflatread.” The issue’s backtrace is as follows: BUG: KASAN:...

7.8CVSS6.4AI score0.00194EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix data race in CPU latency PM QoS request handling The cpulatencyqosadd/remove/updaterequest interfaces lack internal synchronization by design, requiring the caller to ensure thread safety. The current...

6.6AI score0.00182EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.1 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: In loopsetstatusfrominfo, the checks for lo-looffset and lo-losizelimit should be performed before reassigning them. This is because if an overflow error occurs, the original correct value will be changed to the wrong value, and ...

5.8AI score0.00242EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: blk-iocost: Use spinlockirqsave in adjustinuseandcalccost. The adjustinuseandcalccost function uses spinlockirq, and IRQ will be enabled when unlocking. A DEADLOCK may occur if other locks are held and IRQs are disabled before...

5.9AI score0.00187EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: The label should be released when replacing an existing ct entry. The cited “commit” does not release the label mapping when replacing an existing ct entry, leading to the following memory leak report: Unreferenced...

6.6AI score0.00168EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: iommufd: Fixed the issue where pages were unpinned when an access was present. syzkaller discovered that the calculation of batchlastindex should use ‘startindex’, because when this function is called, the batch is either empt...

5.5CVSS6.7AI score0.00164EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: dmaengine: qcom-adm: fix wrong sizeof config in slaveconfig The issue involved a corrupted slaveconfig function that incorrectly compared peripheralsize with the size of the config pointer, rather than the size of the config...

5.5CVSS6AI score0.00143EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: blk-mq: Fixed a null pointer dereference in blkmqclearrqmapping. Our syzkaller report identified a null pointer dereference. The root cause is as follows: - blkmqallocmapandrqs: set-tagshctxidx = blkmqallocmapandrqs. -...

5.5CVSS6.5AI score0.00129EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: The use of a spinlock for the context list protection lock was corrected. Previously, a mutex was added to protect the encoder and decoder context lists from unexpected changes originating from the SCP IP...

6AI score0.00171EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Validated the box size for the snooped cursor. Invalid user-space DMA surface copies could potentially cause an overflow when copying data from the surface to the snooped image, leading to crashes. To address this...

5.5CVSS6.1AI score0.00149EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: nilfs2: Fixing the lifetime of the sysfs interface The current nilfs2 sysfs support has issues with the timing of the creation and deletion of sysfs entries. This may lead to null pointer dereferences, use-after-free errors, a...

5.5CVSS6.1AI score0.00132EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: media: vimc: Fixed an incorrect function call when vimcinit fails. In vimcinit, when platformdriverregister&vimcpdrv fails, the function platformdriverunregister&vimcpdrv is called incorrectly instead of...

5.5CVSS6.1AI score0.00145EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: HWS – Fixed a memory leak in the hwspoolbuddyinit error path. In the error path of hwspoolbuddyinit, the buddy allocator cleanup does not free the allocator structure itself, resulting in a memory leak. Added the...

5.5CVSS5.9AI score0.00119EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: Added a null pointer check for dpuencoderneedsmodeset. The drmatomicgetnewconnectorstate function may return NULL if the connector is not part of the atomic state. A check was added to prevent a NULL pointer...

5.5CVSS5.7AI score0.00121EPSS
Exploits0References1
Total number of security vulnerabilities18102