Lucene search
K
AstralinuxRecent

18102 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: net: usb: smsc75xx: Fixed access to uninitvalue in smsc75xxreadreg syzbot reported the following issues with access to uninitvalue: ===================================================== BUG: KMSAN: uninitvalue in...

5.5CVSS6.1AI score0.00228EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: erofs: Fixed a memory leak caused by LZMA global compressed deduplication. When testing microLZMA EROFS images with the new global compressed deduplication feature enabled -Ededupe, I discovered that some short-lived temporary...

5.5CVSS5.2AI score0.00222EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: AppArmor: Avoid crashing when parsing a profile name that is empty. When processing a packed profile in unpackprofile, the string “:samba-dcerpcd” is parsed as a fully qualified name and then passed to aasplitnfqname...

5.5CVSS6.2AI score0.0024EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

A use-after-free flaw was discovered in the setupasyncwork function in the KSMBD implementation of the in-kernel Samba server and CIFS services in the Linux kernel. This issue could allow an attacker to crash the system by accessing freed resources...

6.5CVSS6.5AI score0.01047EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in libonig

A issue was discovered in Oniguruma 6.x before 6.9.4rc2. In the function fetchintervalquantifier formerly known as fetchrangequantifier in regparse.c, PFETCH is called without checking PEND. This leads to a buffer overflow issue based on the heap mechanism...

7.5CVSS6.9AI score0.06889EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in libonig

A issue was discovered in Oniguruma 6.x before 6.9.4rc2. In the function gb18030mbcenclen in the file gb18030.c, a UChar pointer was dereferenced without checking whether it pointed to the end of the matched string. This resulted in a buffer overflow...

7.5CVSS7AI score0.04052EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Vino

The rfbProcessClientNormalMessage function in libvncserver/rfbserver.c in LibVNCServer 0.9.9 and earlier does not properly handle attempts to send a large amount of ClientCutText data. This allows remote attackers to cause a denial of service memory consumption or daemon crash by processing a...

5CVSS7.3AI score0.07563EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in Chromium

A heap buffer overflow in ANGLE in Google Chrome prior to version 120.0.6099.199 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...

8.8CVSS6.6AI score0.10114EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in openjdk-11

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. The supported versions affected by this vulnerability are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5, and 22.3.1...

3.7CVSS6.4AI score0.01036EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in Chromium

The incorrect security UI in Downloads in Google Chrome prior to version 119.0.6045.105 allowed a remote attacker to obfuscate the security UI through a crafted HTML page. Chromium security severity: Medium...

4.3CVSS6.3AI score0.00646EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: nvmet: avoided potential UAF in nvmetreqComplete. The implementation of the nvme target-queueresponse operation may free the request passed as an argument. Such an implementation could potentially lead to a use-after-free of the...

7.8CVSS6.1AI score0.00174EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Firefox

In a non-standard configuration of Firefox, an integer overflow could have occurred due to network traffic possibly under the influence of a local unprivileged web page, resulting in an out-of-bounds write to privileged process memory. This bug only affects Firefox if a non-standard preference...

7.5CVSS7.2AI score0.00733EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Chromium

A heap buffer overflow in WebGPU in Google Chrome prior to version 101.0.4951.41 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS7.6AI score0.0105EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Chromium

Using “after free” in WebRTC Perf in Google Chrome before version 100.0.4896.60 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS7AI score0.00745EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Chromium

Before version 98.0.4758.80, using "After Free" in the Accessibility settings of Google Chrome allowed a remote attacker who convinced a user to perform certain user interactions to potentially exploit heap corruption through those interactions...

8.8CVSS7AI score0.00685EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Chromium

Before version 98.0.4758.80, using “after free” in Reader Mode in Google Chrome allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS7AI score0.00745EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Chromium

A heap buffer overflow in ANGLE in Google Chrome prior to version 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS7.6AI score0.01344EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Firefox and Thunderbird

Failure to correctly record the location of live pointers across wasm instance calls resulted in a garbage collection occurring within the call without tracing those live pointers. This could have led to a use-after-free condition, causing a potentially exploitable crash. This vulnerability affec...

8.8CVSS8AI score0.0162EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Chromium

Before version 96.0.4664.93, using the "after free" mechanism in Google Chrome’s developer tools allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS7.3AI score0.01315EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Linux, Linux 5.10

A flaw was discovered in the Linux kernel’s implementation of RDMA over InfiniBand. An attacker with a privileged local account can leak kernel stack information by issuing commands to the /dev/infiniband/rdmacm device node. Although this access is unlikely to reveal sensitive user information, i...

2.3CVSS6.7AI score0.00199EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux, Linux 5.10

A guest can force the Linux netback driver to consume a large amount of kernel memory. This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVEs. Incoming data packets for a guest in the Linux kernel’s netback driver are buffere...

6.5CVSS6.6AI score0.00332EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in unbound

A vulnerability called “Non-Responsive Delegation Attack” NRDelegation Attack has been discovered in various DNS resolution software. The NRDelegation Attack operates by creating a malicious delegation with a significant number of non-responsive name servers. The attack begins by querying a...

7.5CVSS6.9AI score0.01293EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in SQLite

The osunix.c file in SQLite before version 3.13.0 improperly implements the temporary directory search algorithm. This may allow local users to obtain sensitive information, cause a denial of service application crash, or have unspecified other impacts by leveraging the current working directory...

5.9CVSS6.6AI score0.0048EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux, Linux 5.10

A data race flaw was discovered in the Linux kernel, between the allocation of the con variable and the setting of con-sock. This issue results in a NULL pointer dereferencing when accessing con-sock-sk in the net/tipc/topsrv.c file within the tipc protocol in the Linux kernel...

4.7CVSS6.6AI score0.00184EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Chromium

Integer overflow in PDF files in Google Chrome prior to version 110.0.5481.177 allowed a remote attacker to potentially exploit heap corruption through a crafted PDF file. Chromium security severity: Medium...

8.8CVSS7.4AI score0.00605EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Vim

Heap-based Buffer Overflow in the GitHub repository vim/vim before version 9.0.1225...

7.8CVSS7.1AI score0.00555EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10, Linux

A issue was discovered in the Linux kernel, specifically in the nfconntrackirc module. In this case, the message handling mechanism can become confusing, and messages may be matched incorrectly. It is possible for a firewall to be bypassed when users use unencrypted IRC with the nfconntrackirc...

5.3CVSS6.5AI score0.01429EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in gst-plugins-good1.0

DOS: Potential heap overwrite during MKV demuxing using BZIP decompression. Integer overflow in the Matroskademux element within the BZIP decompression function can cause a segfault, or it may lead to a heap overwrite, depending on the libc and operating system used. Depending on the libc used an...

7.8CVSS7.1AI score0.00409EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Chromium

Type confusion in V8 in Google Chrome prior to 107.0.5304.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS7.7AI score0.0675EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Chromium

Before version 106.0.5249.91, writing out-of-bounds data in V8 with Google Chrome allowed a remote attacker to perform an out-of-bounds memory write through a crafted HTML page. Chromium security severity: High...

8.8CVSS7.4AI score0.00713EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: virtionet: Fixed the issue with xdprxqinfo after suspend/resume. The following sequence currently causes a driver bug warning when using virtionet: bash ip link set eth0 up echo mem /sys/power/state or e.g. rtcwake -s 10 -m mem i...

7.1CVSS6.2AI score0.00281EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsit: Commands from recovery entries are freed after a session is closed. This leads to a use-after-free when the commands are freed, or a NPE Non-Programmable Error can occur with such a call trace: Time2Retain...

6AI score0.00173EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in Parsec

The vulnerability of the pdpl-user utility in the PARSEC security subsystem is related to improper memory release after its use. Exploiting this vulnerability allows an attacker to cause a service failure...

5.5CVSS5.8AI score
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Parsec

The vulnerability of the parselevcat function in the PARSEC security subsystem is related to the use of memory after it is freed. Exploiting this vulnerability allows an attacker to cause a service failure...

6.2CVSS5.8AI score
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10, Linux

A vulnerability has been identified in the Linux kernel. It has been declared as problematic. The function “followpagepte” in the file “mm/gup.c” of the component BPF is affected by this vulnerability. This manipulation leads to a race condition. The attack can be launched remotely. It is...

7.5CVSS5.7AI score0.00748EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10, Linux

The non-transparent sharing of return predictor targets between contexts in some Intel processors may allow an authorized user to potentially enable information disclosure through local access...

5.5CVSS6.6AI score0.0035EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Parsec

The vulnerability of the getoptions function in the PARSEC security subsystem is related to improper memory release after its use. Exploiting this vulnerability allows an attacker to cause a service failure...

6.2CVSS5.8AI score
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

A issue was discovered in the Linux kernel through version 5.16-rc6. The lkdtmARRAYBOUNDS function in drivers/misc/lkdtm/bugs.c lacks a check for the return value of kmalloc, which can lead to a null pointer derefrence...

5.5CVSS6.7AI score0.00227EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Git

Git, a version control system, is vulnerable to path traversal before versions 2.39.2, 2.38.4, 2.37.6, 2.36.5, 2.35.7, 2.34.7, 2.33.7, 2.32.6, 2.31.7, and 2.30.8. By providing a crafted input to git apply, it is possible to overwrite paths outside of the working tree, as long as the user running...

7.5CVSS7AI score0.01144EPSS
Exploits3References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in libxpm

A flaw was discovered in libXpm. When processing files with the .Z or .gz extensions, the library calls external programs to compress and uncompress files. This process relies on the PATH environment variable to locate these programs. This vulnerability could allow a malicious user to execute oth...

8.8CVSS6.9AI score0.01199EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Vim

Heap-based Buffer Overflow in the GitHub repository for vim/vim before version 8.2.4436...

8.4CVSS6.8AI score0.12272EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10

There is a flaw in the Linux kernel’s handling of new TCP connections. The issue arises due to the lack of memory release after the effective lifetime of these connections. This vulnerability allows an unauthenticated attacker to create a denial-of-service condition on the system...

5.9CVSS6.3AI score0.00726EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in gst-plugins-base1.0

GStreamer EXIF Metadata Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability, but the attack vectors may va...

7.8CVSS7.8AI score0.01565EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in OVN

A flaw was discovered in Open Virtual Network, where the service monitor MAC does not properly implement rate limiting. This issue could allow an attacker to cause a denial of service, even in deployments with CoPP enabled and properly configured...

5.3CVSS6.4AI score0.00994EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Chromium

A heap buffer overflow in WebRTC in Google Chrome prior to version 125.0.6422.141 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...

8.8CVSS7.6AI score0.00737EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Firefox

A use-after-free could occur if a JavaScript realm was being initialized when a garbage collection started. This vulnerability affects Firefox versions earlier than 125...

7.5CVSS7.2AI score0.00356EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Chromium

Object corruption in WebAssembly in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.7AI score0.14958EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: drm/vc4: Do not check if plane-state-fb == state-fb Currently, when using non-blocking commits, the following kernel warnings can be observed: 110.908514 ------------ Cut here ------------ 110.908529 refcountt: Underflow; Use...

7.8CVSS6.4AI score0.00212EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: wifi: libertas: fixed some memory leaks in lbsallocatecmdbuffer. In the lbsallocatecmdbuffer function, if the allocation of cmdarrayi.cmdbuf fails, both cmdarray and cmdarrayi.cmdbuf need to be freed. Otherwise, memory leaks will...

5.5CVSS5.7AI score0.00223EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Stop parsing channel bits when all channels are found. If a USB audio device sets more bits than the number of channels it supports, it may write data outside of the map array...

5.5CVSS5.7AI score0.00622EPSS
Exploits0References2
Total number of security vulnerabilities18102