Lucene search
K
AstralinuxRecent

18102 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: spi: spi-mt65xx: Fixed NULL pointer access in the interrupt handler. The TX buffer in spitransfer can be a NULL pointer. As a result, the interrupt handler may write to invalid memory, causing crashes. Add a check for trans-txbuf...

6.5CVSS5.7AI score0.01176EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: crypto: xilinx – call finalize with bh disabled When calling cryptofinalizerequest, the error bit BH should be disabled to avoid triggering the following calltrace: ------------- Cut here -------------- WARNING: CPU: 2 PID: 74 at...

5.5CVSS5.8AI score0.00231EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: afs: Increase the buffer size in afsupdatevolumestatus. The maximum length of the volume-vid value is 20 characters. Therefore, increase the size of idbuf to 24 to avoid overflow. Found by the Linux Verification Center...

7.8CVSS5.6AI score0.00263EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Chromium

In V8 of Google Chrome, out-of-bounds memory access before version 122.0.6261.111 allowed a remote attacker to perform out-of-bounds memory access through a crafted HTML page. Chromium security severity: High...

8.8CVSS7.3AI score0.13556EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Chromium

The use of “after free” in Accessibility in Google Chrome before version 122.0.6261.57 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption through specific UI gestures. Chromium security severity: Medium...

8.8CVSS7.2AI score0.00795EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in gnutls28

A vulnerability was discovered in GnuTLS. The response times to malformed ciphertexts in the RSA-PSK ClientKeyExchange differ from those of ciphertexts with correct PKCS1 v1.5 padding. This issue may allow a remote attacker to perform a timing side-channel attack during the RSA-PSK key exchange,...

7.5CVSS6.7AI score0.01614EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in SQLite3

A vulnerability was discovered in SQLite SQLite3 version 3.43.0 and is classified as critical. This issue affects the sessionReadRecord function in the file ext/session/sqlite3session.c of the make alltest component. The vulnerability results in a heap-based buffer overflow. It is recommended to...

7.3CVSS6.5AI score0.01249EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Qemu

A stack-based buffer overflow was discovered in the virtio-net device of QEMU. This issue occurs when flushing the TX operation in the virtionetflushtx function, provided that the guest has enabled VIRTIONETFHASHREPORT, VIRTIOFVERSION1, and VIRTIONETFMRGRXBUF. This could allow a malicious user to...

5.3CVSS7AI score0.0033EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: The issue involves bcm: – a UAF Use-After-Free flaw in bcmprocshow. Bug: KASAN: A slabuse-after-free issue occurs in bcmprocshow+0x969/0xa80. A size 8 data block was read from address ffff888155846230 by the task cat/7862. CPU: 1...

7.8CVSS6.1AI score0.00286EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: drm/amd: Fixed an issue where UBSAN used an array-index that was out of bounds for SMU7. For pptable structures that use flexible array sizes, use flexible arrays instead...

7.8CVSS5.7AI score0.00257EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Firefox and Thunderbird

When receiving rendering data via IPC mStream, it might have been destroyed during initialization, which could lead to a use-after-free condition and potentially cause a crash. This vulnerability affects Firefox 117, Firefox ESR 102.15, Firefox ESR 115.2, Thunderbird 102.15, and Thunderbird 115.2...

6.5CVSS6.7AI score0.00545EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Chromium

The use of “after free” in PDFs in Google Chrome before version 114.0.5735.90 allowed a remote attacker to potentially exploit heap corruption through a crafted PDF file. Chromium security severity: High...

8.8CVSS7.3AI score0.00918EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Docker-Registry

A flaw was discovered in the /v2/catalog endpoint located in the distribution/distribution directory. This endpoint accepts a parameter that controls the maximum number of records to be returned query string: n. This vulnerability allows a malicious user to submit an excessively large value for n...

6.5CVSS6.5AI score0.00938EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15

Incorrect verifier pruning in the BPF module of the Linux kernel version 5.4 and above leads to unsafe code paths being incorrectly marked as safe. This results in arbitrary read/writes to kernel memory, lateral privilege escalation, and container escapes...

10CVSS7.2AI score0.03546EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in libbpf

A vulnerability has been discovered in the Linux kernel. It has been identified as problematic. This issue affects the parseusdtarg function in the tools/lib/bpf/usdt.c file of the BPF component. Manipulating the regname argument leads to a memory leak. It is recommended that a patch be applied t...

5.7CVSS5.4AI score0.00419EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in libxml2

In libxml2 before version 2.10.4, parsing certain invalid XSD schemas can lead to a NULL pointer dereferencing, followed by a segfault. This issue occurs in the xmlSchemaFixupComplexType function in xmlschemas.c...

6.5CVSS6.6AI score0.01086EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in FedCM in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Low...

6.5CVSS6.8AI score0.00889EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementations in Extensions in Google Chrome prior to 112.0.5615.49 allowed an attacker who convinced a user to install a malicious extension to bypass file access restrictions through a crafted HTML page. Chromium security severity: Medium...

6.5CVSS6.7AI score0.00712EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation of Omnibox in Google Chrome prior to version 99.0.4844.51 allowed an attacker with privileged network access to perform a man-in-the-middle attack through malicious network traffic. Chromium security severity: Low...

3.1CVSS5.8AI score0.00238EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in Extensions in Google Chrome prior to 105.0.5195.52 allowed a remote attacker who had compromised the renderer process to spoof extension storage via a crafted HTML page. Chromium security severity: High...

6.5CVSS6.6AI score0.0048EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in xorg-server

A vulnerability was discovered in X.Org. This security flaw arises because the XkbCopyNames function left a dangling pointer pointing to freed memory, allowing for out-of-bounds memory access during subsequent XkbGetKbdByName requests. This issue can lead to local privileges escalation on systems...

7.8CVSS7.7AI score0.00958EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

A NULL pointer dereference issue was discovered in KVM when releasing a vCPU with dirty ring support enabled. This flaw allows an unprivileged local attacker on the host to issue specific ioctl calls, resulting in a kernel oops condition that causes a denial of service...

5.5CVSS6.8AI score0.00419EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: fixed a potential memory leak related to gpumetricstable. Memory is allocated for gpumetricstable in renoirinitsmctables, but it is not freed in int smuv120finismctables. Please free that memory accordingly...

5.5CVSS6.2AI score0.00265EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Chromium

Integer overflow in the Window Manager in Google Chrome on the Chrome OS and Lacros before version 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific UI interactions to perform an out-of-bounds memory write via crafted UI interactions. Chrome security severity: Hig...

8.8CVSS7.4AI score0.00541EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Vim

Out-of-bounds read in the GitHub repository for Vim before version 8.2...

7.8CVSS6.7AI score0.0145EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Chromium

Before version 102.0.5005.61, using the "after free" feature in Indexed DB in Google Chrome allowed a remote attacker to potentially perform a sandbox escape through a crafted HTML page...

9.6CVSS7.3AI score0.0088EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Vim

A heap-based buffer overflow vulnerability occurs in Vim in the GitHub repository vim/vim, prior to version 8.2.4563...

8.4CVSS7.4AI score0.00698EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Vim

Vim is vulnerable to Out-of-bounds Read attacks...

5.5CVSS6.8AI score0.01762EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Vim

Vim is vulnerable to Heap-based Buffer Overflow attacks...

9.3CVSS7.1AI score0.01669EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in cyrus-sasl2

In Cyrus SASL 2.1.17 through 2.1.27 before 2.1.28, the plugins/sql.c file does not escape the password used in SQL INSERT or UPDATE statements...

8.8CVSS7.1AI score0.04123EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Chromium

Before version 101.0.4951.41, using free after development tools in Google Chrome allowed a remote attacker to potentially exploit heap corruption through specific and direct user interactions...

8.8CVSS7AI score0.0074EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux, Linux 5.10

A use-after-free flaw was discovered in the Linux kernel’s Amateur Radio AX.25 protocol functionality, regarding the way users connect with the protocol. This flaw allows a local user to crash the system...

5.5CVSS6.7AI score0.00385EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Chromium

Before version 99.0.4844.74, using Safe Browsing in Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

9.6CVSS7.3AI score0.00744EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Chromium

The use of “after free” in Cast in Google Chrome before version 99.0.4844.51 allowed attackers to convince users to install a malicious extension and induce specific user interactions, thereby potentially exploiting heap corruption through a crafted Chrome Extension...

8.8CVSS7.3AI score0.00737EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Jetty9

There exists a security vulnerability in Jetty’s DosFilter that can be exploited by unauthorized users to cause remote denial-of-service DoS attacks on servers using DosFilter. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server’s memory...

7.5CVSS6.4AI score0.00946EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.12 views

Astra Linux – Vulnerability in glibc

The Name Service Cache Daemon’s nscd netgroup cache can corrupt memory when the NSS callback does not store all strings in the provided buffer. This flaw was introduced in glibc 2.15, when the cache was added to nscd. This vulnerability only exists in the nscd binary...

7.4CVSS6.3AI score0.00403EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Chromium

The use of after-free in ANGLE in Google Chrome before version 123.0.6312.86 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: Critical...

8.8CVSS7.3AI score0.0334EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-6.1, Linux-5.15

In the Linux kernel, the following vulnerability has been resolved: efi/capsule-loader: corrected incorrect allocation size gcc-14 notes that the allocation using sizeofvoid on 32-bit architectures is insufficient for a 64-bit physaddrt: drivers/firmware/efi/capsule-loader.c: In the function...

5.5CVSS5.6AI score0.00244EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: hsr: Fixed uninit-value access in hsrgetnode KMSAN reported the following uninit-value access issue 1: ===================================================== BUG: KMSAN: uninit-value in hsrgetnode+0xa2e/0xa40...

5.5CVSS6.4AI score0.00249EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Chromium

Insufficient data validation in Extensions in Google Chrome prior to 120.0.6099.216 allowed an attacker in a privileged network position to install a malicious extension via a crafted HTML page. Chromium security severity: High...

5.3CVSS6.2AI score0.00429EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in libssh

A flaw was discovered in libssh. By using the ProxyCommand or ProxyJump feature, users can exploit unvalidated hostname syntax on the client side. This issue may allow an attacker to inject malicious code into the commands related to these features via the hostname parameter...

4.8CVSS6.7AI score0.00449EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux, Linux 5.10

Guests can trigger the reset/abort/crash of the NIC interface through netback. It is possible for a guest to trigger a NIC interface reset/abort/crash in a Linux-based network backend by sending certain types of packets. It seems to be an unstated assumption in the rest of the Linux network stack...

6.5CVSS6.5AI score0.00463EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Chromium

A heap buffer overflow vulnerability in Vulkan in Google Chrome prior to version 107.0.5304.62 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...

8.8CVSS7.6AI score0.00586EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: RDMA/hfi1: Fixed a use-after-free bug related to the mm struct. Under certain conditions, such as MPIAbort, the hfi1 cleanup code may represent the last reference held on the task’s mm. hfi1mmurbunregister then releases the la...

7.8CVSS6.5AI score0.00244EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10, Linux

A vulnerability classified as problematic has been discovered in the Linux kernel. The affected function is j1939sessiondestroy in the file net/can/j1939/transport.c. This manipulation leads to a memory leak. It is recommended that a patch be applied to fix this issue. The identifier of this...

3.5CVSS5.4AI score0.00299EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in SQLite3

SQLite version 3.32.0 has a segmentation fault in sqlite3ExprCodeTarget in expr.c...

5.5CVSS6.8AI score0.0064EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in libsdl1.2, libsdl2

In SDL Simple DirectMedia Layer, from versions 1.2.15 onward, as well as in versions 2.x through 2.0.9, there is a heap-based buffer over-read issue in the InitMSADPCM function within audio/SDLwave.c, specifically within the wNumCoef loop...

8.8CVSS6.9AI score0.02959EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in the 389-DS-base

In the 389-ds-base up to version 1.4.1.2, requests are processed by worker threads. Each socket is waited for by the worker for no more than ‘ioblocktimeout’ seconds. However, this timeout applies only to un-encrypted requests. Connections that use SSL/TLS do not take this timeout into account...

7.5CVSS6.3AI score0.08426EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in SQLite3

The ext/misc/zipfile.c file in SQLite 3.30.1 mishandles certain uses of INSERT INTO in situations involving embedded \0' characters in filenames, resulting in a memory-management error that can be detected using tools like valgrind...

7.5CVSS7.9AI score0.03244EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Linux

The overlayfs implementation in the Linux kernel failed to properly validate, regarding user namespaces, the setting of file capabilities on files in the underlying file system. Due to the combination of unprivileged user namespaces and a patch carried in the Ubuntu kernel that allows unprivilege...

8.8CVSS7.1AI score0.43988EPSS
Exploits27References2
Total number of security vulnerabilities18102