Lucene search
K
AstralinuxRecent

18102 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in busybox

A use-after-free in Busybox’s awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function...

7.2CVSS7.6AI score0.02579EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in jqueryui

jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of various Text options of the Datepicker widget from untrusted sources might execute untrusted code. This issue has been fixed in jQuery UI 1.13.0. The values passed to various Text options are...

6.5CVSS6.1AI score0.07948EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in libxml2

There is a flaw in libxml2 in versions before 2.9.11. An attacker who can submit a crafted file for processing by an application that uses libxml2 can trigger a use-after-free vulnerability. The most significant impact of this flaw is related to confidentiality, integrity, and availability...

8.8CVSS6.8AI score0.03653EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux, Linux 5.10

A heap buffer overflow flaw was discovered in the IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with normal user privileges to overwrite kernel heap objects and may lead to a local privilege escalation attack...

7.8CVSS6.9AI score0.05524EPSS
Exploits2References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in qtbase-opensource-src

In Qt 5.9.x through 5.15.x before 5.15.9, and 6.x before 6.2.4 on Linux and UNIX, QProcess could execute a binary from the current working directory when it was not found in the PATH...

7.8CVSS6.8AI score0.00334EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Flatpak

Flatpak is a Linux application sandboxing and distribution framework. Prior to versions 1.12.3 and 1.10.6, Flatpak did not properly validate whether the permissions displayed to the user during installation match the actual permissions granted to the app at runtime, especially when there was a nu...

8.6CVSS7.2AI score0.01346EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in CGal

There are multiple code execution vulnerabilities in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted, malformed file can lead to an out-of-bounds read and type confusion, which may result in code execution. An attacker can provide malicious input to trigger a...

10CVSS8.9AI score0.02136EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in opensc

Heap buffer overflow issues were identified in Opensc before version 0.22.0 in the pkcs15-oberthur.c file, which could potentially cause programs using the library to crash...

5.3CVSS6.9AI score0.02805EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in CGal

There are multiple code execution vulnerabilities in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could result in code execution. An attacker can provide malicious input to trigger...

10CVSS7.7AI score0.02136EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in CGal

There are multiple code execution vulnerabilities in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which may result in code execution. An attacker can provide malicious input to trigger an...

10CVSS7.3AI score0.0225EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.11 views

Astra Linux – Vulnerability in CGal

There are multiple code execution vulnerabilities in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could result in code execution. An attacker can provide malicious input to trigger...

10CVSS8.9AI score0.02266EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in CGal

There are multiple code execution vulnerabilities in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could result in code execution. An attacker can provide malicious input to trigger...

10CVSS8.9AI score0.02256EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in CGal

There are multiple code execution vulnerabilities in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which may result in code execution. An attacker can provide malicious input to trigger an...

10CVSS7.6AI score0.02256EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in CGal

There are multiple code execution vulnerabilities in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which may result in code execution. An attacker can provide malicious input to trigger an...

10CVSS7.3AI score0.02136EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/msm/devfreq: Fixed the OPP refcnt leak...

5.5CVSS5.1AI score0.00193EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/vc4: kms: Added the drmcrtccommitPut operation. Commit 9ec03d7f1ed3 “drm/vc4: kms: Wait on previous FIFO users before a commit” introduced a global state for the HVS, where each FIFO stores the current CRTC commit. This allow...

4.1CVSS5AI score0.00185EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: aio: Fixed a use-after-free issue due to missing POLFREE handling. signalfdpoll and binderpoll are special because they use a waitqueue whose lifetime is the current task, rather than the struct file as is normally the case. This...

7.8CVSS6.2AI score0.00252EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: can: pchcan; pchcanrxnormal: Fixing the issue of dereferencing a structure after it has been freed. After calling netifreceiveskbskb, dereferencing the skb object is unsafe. In particular, the canframe field, which aliases an...

7.8CVSS6.4AI score0.00242EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Chromium

The use of after free in the Media Session in Google Chrome before version 125.0.6422.141 allowed a remote attacker to execute arbitrary code within a sandbox through a crafted HTML page. Chromium security severity: High...

8.8CVSS7.7AI score0.00819EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Chromium

Insufficient policy enforcement in the iOS Security UI of Google Chrome prior to version 121.0.6167.85 allowed a remote attacker to leak cross-origin data through a crafted HTML page. Chromium security severity: Medium...

7.5CVSS7.2AI score0.00491EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in pillow

In Pillow’s PIL.ImageMath.eval before version 9.0.0, it was possible to evaluate arbitrary expressions, including those that used the Python exec method. A lambda expression could also be used...

9.8CVSS6.8AI score0.03399EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in pillow

Pillow through 10.1.0 allows for arbitrary code execution via the environment parameter. This is a different vulnerability than CVE-2022-22817 which involved the expression parameter...

8.1CVSS7.5AI score0.01703EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in openjdk-11

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, and Oracle GraalVM Enterprise Edition products of Oracle Java SE component: Hotspot. The supported versions affected by this vulnerability include Oracle Java SE: 8u391, 8u391-perf, 11.0.21, 17.0.9, 21.0.1; Oracle GraalVM for JDK: 17.0....

7.4CVSS6.9AI score0.00911EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: cdceem: Fixed an issue where, when usbnet transmits a skb, it was fixed within eemtxfixup. If skbcopyexpand fails, it returns NULL. In this case, usbnetstartxmit has no chance to free the original skb. The solution is to fir...

5.5CVSS6.1AI score0.00228EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: NFS: Fixed a use-after-free in nfs4initclient. KASAN reported a use-after-free when attempting to mount two different exports through two different NICs that belong to the same server. Olga was able to exploit this issue with...

7.5CVSS6.5AI score0.01109EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: USB: Fixed various gadgets’ null pointer dereferencing issues during 10Gbps networking scenarios. This issue was addressed by simply reusing the 5Gbps configuration for 10Gbps connections, thereby avoiding null pointer dereferenc...

5.5CVSS6.3AI score0.00226EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: can: mcbausb: fixed a memory leak in mcbausb Syzbot reported a memory leak in the SocketCAN driver for the Microchip CAN BUS Analyzer Tool. The problem was in the unfreed usbcoherent component. In mcbausbstart, 20 coherent...

5.5CVSS6.1AI score0.00226EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: lltemac: Ensure that the skb is freed when it is completely used. By using the TX BD to track the skb pointer, we can efficiently free the skb buffer after the frame has been transmitted. However, to avoid freeing the skb...

6.2CVSS6.1AI score0.0023EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: phy: phy-mtk-tphy: Fixed some resource leaks in mtkphyinit. Used clkdisableunprepare in the error path of mtkPhyInit to address some resource leaks...

5.5CVSS5.9AI score0.00225EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.15 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: x86/ioremap: Maps EFI-reserved memory as encrypted for SEV. Some drivers require memory that is marked as EFI boot services data. To prevent this memory from being reused by the kernel after ExitBootServices, efimemreserve is use...

6.2CVSS5.8AI score0.00237EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: xHCI: Corruption of the command ring pointer occurred during command aborts. The command ring pointer is located at bits 6:63 of the command ring control register CRCR. All control bits, such as those related to command stopping...

5.5CVSS6.1AI score0.00236EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: riscv, bpf: Fixed potential NULL dereferencing. The bpfjitbinaryfree function requires a non-NULL argument. When the RISC-V BPF JIT fails to converge within NRJITITERATIONS steps, jitdata-header will be NULL, triggering a NULL...

7.5CVSS5.3AI score0.00677EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: net/tls: Fixed the reversed sign in calls to tlserrabort. sk-skerr seems to expect a positive value. This convention is not always followed by ktls, which can lead to memory corruption in other code. For example: c kworker...

7.8CVSS5.7AI score0.00218EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm/msm/a3xx: Fixed error handling in a3xxgpuinit. These error paths now return 1 in case of failure, instead of a negative error code. This could lead to an “Oops” in the calling function. Another issue is that the check for...

5.5CVSS5.9AI score0.00196EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: can: isotp: isotpsendmsg: added a result check for waiteventinterruptible. The waiteventinterruptible function is used to wait for complete transmission, but the result of this function, which may be interrupted, is not checked...

5.5CVSS6AI score0.0021EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: userfaultfd: a race between writeprotect and exitmmap has been fixed. A race may occur when a process exits; its virtual memory addresses are removed by exitmmap, and at the same time, userfaultfdwriteprotect is called. This race...

4.7CVSS5.9AI score0.00164EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: core – Ensure that the LLD module reference count is set after the SCSI device is released. The SCSI host release is triggered when the SCSI device is freed. We must ensure that the low-level device driver module is not...

5.5CVSS6AI score0.0021EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: “ice”: fixed the sizing of vsi-txqmap. The approach of having XDP queues per CPU, regardless of the user’s settings, exposed a hidden bug that could occur when the number of Rx queues differs from the number of Tx queues...

5.5CVSS5.3AI score0.0021EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: scsi: mpt3sas: A kernel panic occurred during the drive powercycle test. While iterating through Shost’s sdev list, it is possible that one of the drives is being removed, and its sastarget object is freed, but its sdev object...

7.8CVSS6.3AI score0.00229EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: tty: Fixed an out-of-bound access to vmalloc in imageblit. This issue occurs when a user-space program calls ioctl FBIOPUTVSCREENINFO, passing the fbvarscreeninfo structure containing only the fields xres, yres, and bitsperpixel...

7.1CVSS6.2AI score0.00264EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in grub2

A carefully crafted JPEG image may cause the JPEG reader to underflow its data pointer, allowing user-controlled data to be written into the heap. For the attack to succeed, the attacker must analyze the heap layout and create an image with malicious format and payloads. This vulnerability can le...

7CVSS7.5AI score0.00456EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux

Aliases in the branch predictor may cause some AMD processors to predict the wrong branch type, potentially leading to information disclosure...

6.5CVSS6.7AI score0.00785EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Chromium

Insufficient policy enforcement in the content security policy of Google Chrome prior to version 91.0.4472.77 allowed a remote attacker to bypass the content security policy through a crafted HTML page. Chrome security severity: Medium...

8.8CVSS7.9AI score0.11494EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Linux, Linux 5.10

Various refcounting bugs in the multi-BSS handling in the mac80211 stack in the Linux kernel versions 5.1 through 5.19.x, prior to 5.19.16, could be exploited by local attackers those capable of injecting WLAN frames to trigger use-after-free conditions, potentially allowing them to execute...

7.8CVSS6.8AI score0.00798EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Chromium

A heap buffer overflow in the Crashpad component of Google Chrome on Android, prior to version 107.0.5304.106, allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape through a crafted HTML page. Chromium security severity: High...

9.6CVSS7.6AI score0.00706EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Chromium

Before version 107.0.5304.62, using free after extensions in Google Chrome allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption through a crafted Chrome Extension. Chromium security severity: Medium...

8.8CVSS7.2AI score0.00347EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Chromium

Type confusion in V8 in Google Chrome prior to 107.0.5304.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS7.3AI score0.00617EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Chromium

The use of after-free in Web Workers in Google Chrome before version 107.0.5304.106 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...

8.8CVSS7.3AI score0.00635EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux, Linux 5.10

A memory leak vulnerability was discovered in the eBPF of the Linux kernel, related to the Simulated networking device driver. This vulnerability arises from the way user functions using BPF for the device call the function nsimmapallocelem. A local user could exploit this flaw to gain unauthoriz...

5.5CVSS6.7AI score0.00233EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in curl

There is a vulnerability in curl version 7.87.0 where it is possible to exploit the memory reclamation mechanism. In this vulnerability, curl can be instructed to tunnel virtually all protocols it supports through an HTTP proxy. HTTP proxies can and often do deny such tunnel operations. When curl...

5.9CVSS6.5AI score0.02511EPSS
Exploits1References2
Total number of security vulnerabilities18102