Lucene search
K
AstralinuxRecent

18102 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.10 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: “arm64: zynqmp: Add an OP-TEE node to the device tree” This issue has been resolved through the commit 06d22ed6b6635b17551f386b50bb5aaff9b75fbe. OP-TEE logic in U-Boot automatically inserts a reserved-memory node along with the...

5.5CVSS6AI score0.00138EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ipv6: Fixed a mismatch in the count of ECMP siblings when clearing RTFADDRCONF. The syzbot reported a kernel bug in fib6addrt2node, when adding an IPv6 route. 0 The commit f72514b3c569 "ipv6: Clear RA flags when adding a static...

5.5CVSS5.9AI score0.00114EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Firefox and Thunderbird

A website configured to initiate a specially crafted WebTransport session could cause the Firefox process to crash, resulting in a denial-of-service condition. This vulnerability affects Firefox 131, Firefox ESR 128.3, Thunderbird 128.3, and Thunderbird 131...

7.5CVSS6.7AI score0.00491EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: nvme: tcp: avoid race between queuelock lock and destroy Commit 76d54bf20cdc "nvme-tcp: don’t access released sockets during error recovery" added a mutexlock call for the queue-queuelock in nvmetcpgetaddress. However, the...

4.7CVSS6.4AI score0.00161EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: mapletree: correct tree corruption on spanning store Patch series “mapletree: correct tree corruption on spanning store”, v3. There was a minor but significant bug in the maple tree implementation that seems to have existed since...

5.5CVSS6.4AI score0.00201EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.21 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mm/hugememory: Folios with a right number of references are dropped when they exceed the limit set by EOF. When a “after-split” folio is large and needs to be dropped due to reaching EOF, the function folioputrefsfolio,...

5.5CVSS6.3AI score0.00174EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Firefox

A race condition involving requestPointerLock and setTimeout could have allowed a user to interact with one tab while believing they were on a different tab. Combined with certain elements such as , this could lead to an attack where the user became confused about the origin of the webpage and...

3.1CVSS6.7AI score0.00605EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Chromium

In WebUI Settings of Google Chrome before version 89.0.4389.72, an out-of-bounds memory read was allowed, enabling a remote attacker to perform an out-of-bounds memory read through a crafted HTML page. Chrome security severity: Low...

5.4CVSS6.7AI score0.00443EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in nss

When converting coordinates from projective to affine, the modular inversion was not performed in constant time, allowing for a timing-based side channel attack. This vulnerability affects Firefox versions less than 80, as well as Firefox for Android versions less than 80...

4.7CVSS6.7AI score0.00268EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.1 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fixed the NULL dereference in mlx5etirbuilderalloc. In mlx5etirbuilderalloc, kvzalloc may return NULL, which will be dereferenced on the next line as a reference to the modify field. This issue was identified by the...

5.5CVSS6.4AI score0.00235EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.1 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: fs/netfs/fscachecookie: added a check for the missing “naccesses” parameter. This fix addresses a NULL pointer dereference bug caused by a data race. The details of the bug are as follows: BUG: NULL pointer dereference in the...

5.5CVSS6.5AI score0.00224EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.0 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: A bug related to the missing hugetlblock during resv uncharge has been fixed. There is a recent report regarding the use of UFFDIOCOPY over hugetlb: https://loreKernel.org/all/[email protected]/...

5.5CVSS6.1AI score0.00225EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in coreutils

The vulnerability of the GNU Core Utilities basic utility package relates to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to cause a service failure...

5.5CVSS6.2AI score
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in Firefox

In violation of the specification, cookie prefixes such as Secure were ignored if they were not capitalized correctly. According to the specification, these prefixes should be checked using a case-insensitive comparison. This could result in the browser not correctly implementing the behaviors...

9.8CVSS7AI score0.00773EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: s390/cio: Verify the availability of the driver for the pathevent call. If no driver is attached to a device, or if the driver does not provide the pathevent function, an FCES path-event on this device could result in a...

5.5CVSS5.3AI score0.00239EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Chromium

The use of after-free in Frames in Google Chrome before version 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...

8.8CVSS7.3AI score0.01908EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.11 views

Astra Linux – Vulnerability in Chromium

Before version 100.0.4896.88, using free after in WebGPU with Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS7.3AI score0.00617EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in exim4

Exim 4 before 4.94.2 allows Integer Overflow to Buffer Overflow, because getstdinput allows unbounded reads that are accompanied by unbounded increases in a certain size variable. NOTE: Exploitation may be impractical due to the execution time required to cause an overflow multiple days...

7.8CVSS7.9AI score0.00464EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Chromium

A heap buffer overflow in ANGLE in Google Chrome prior to version 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS7.1AI score0.01153EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Chromium

Before version 97.0.4692.99, using "After Free" in Safe Browsing in Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS7.3AI score0.28196EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Chromium

Before version 96.0.4664.110, using Swiftshader in Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS7.3AI score0.0075EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Ceph

A key length flaw was discovered in Red Hat Ceph Storage. An attacker can exploit the fact that the key length is incorrectly passed during the encryption algorithm process, resulting in the creation of a non-random key. Such a key is weaker and can be exploited to compromise the confidentiality...

6.5CVSS6.8AI score0.00436EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

A flaw was discovered in btrfsgetrootref in fs/btrfs/disk-io.c within the btrfs filesystem of the Linux kernel, due to a double decrement of the reference count. This issue may allow a local attacker with user privileges to crash the system or may lead to the leakage of internal kernel informatio...

7.1CVSS6.6AI score0.00254EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.13 views

Astra Linux – Vulnerability in glib2.0

A flaw was discovered in GLib. A integer overflow vulnerability in its Unicode case conversion implementation can lead to memory corruption. By processing specially crafted and extremely large Unicode strings, an attacker could trigger an undersized memory allocation, resulting in out-of-bounds...

5.4CVSS6.1AI score0.00325EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Firefox

DoS attacks in the DOM: Service Workers component. This vulnerability was fixed in Firefox 147 and Thunderbird 147...

7.5CVSS5.4AI score0.00537EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.10 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: btmtksdio: Fixed a kernel oops in btmtksdiointerrupt. Fixed the following kernel oops in btmtksdiointerrrupt: 14.339134 btmtksdiointerrupt+0x28/0x54 14.339139 processsdiopendingirqs+0x68/0x1a0 14.339144...

5.5CVSS6.5AI score0.00253EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementations of WebAuthentication in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to bypass the same-origin policy through a crafted HTML page...

6.3CVSS6.6AI score0.00648EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerabilities in Firefox, LibWebP, Thunderbird

There exists a use after free/double free in libwebp. An attacker can use the ApplyFiltersAndEncode function and loop through to free the best.bw file, assigning the best pointer to trial. The second loop will then return 0 due to a memory out-of-memory error in the VP8 encoder; the pointer remai...

7.5CVSS7.1AI score0.00952EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: iouring: prevents reg-wait speculation. By using ENTEREXTARGREG instead of passing a user pointer along with arguments for the waiting loop, the user can specify an offset within a pre-mapped region of memory. In this case, offse...

5.5CVSS6.3AI score0.00177EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: ext4: Fixed an warning in ext4updateinlinedata. Syzbot identified the following issue: EXT4-fs loop0: Mounted a filesystem with ID 00000000-0000-0000-0000-000000000000 without a journal. Quota mode: none. fscrypt: Uses...

5.5CVSS6.4AI score0.00167EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: netlink: prevents potential Spectre v1 exploits Most netlink attributes are parsed and validated via nlavalidateparse or validatenla. c u16 type = nlatypenla; if type == 0 || type maxtype / Error or continue / The @type value is...

7.8CVSS6.3AI score0.00199EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: bpf: Fix tailcallreachable rejection for interpreter when jit failed During testing of f263a81451c1 “bpf: Track subprog poke descriptors correctly and fix use-after-free” under various failure conditions, for example, when...

5.5CVSS6.2AI score0.00226EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerabilities have been resolved: virtioconsole: removed the anonymous moduleinit and moduleexit functions. These anonymous functions can cause confusion or ambiguity when reading the System.map file, or may lead to crashes, oopses, or bugs. Additionally, they...

5.5CVSS6.4AI score0.00244EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: mm/vma: Fixed a memory leak in mmapregion. The commit 605f6586ecf7 “mm/vma: No memory leak occurs when .mmapprepare swaps the file” handled the success path by skipping getfile via filedoesntneedget, but missed the error path...

5.5CVSS5.9AI score0.00113EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: ipmi: Fixed UAF when uninstalling the ipmisi and ipmimsghandler modules Hi, During testing the installation and uninstallation of the ipmisi.ko and ipmimsghandler.ko modules, the system crashed. The log contains the following...

5.5CVSS6.5AI score0.00239EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.12 views

Astra Linux – Vulnerability in glibc

A flaw was discovered in glibc. A “off-by-one” buffer overflow and underflow in the getcwd function may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and the size passed to getcwd in a setuid program could exploit this flaw t...

7.8CVSS7.7AI score0.0072EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in wavpack

WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variables. The impact includes unexpected control flow, crashes, and segfaults. The affected component is: ParseWave64HeaderConfig wave64.c:211. The attack vector is a maliciously crafted .wav file. The fixed version is: Afte...

5.5CVSS6.6AI score0.01503EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in wavpack

WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variables. The impact includes unexpected control flow, crashes, and segfaults. The affected component is ParseCaffHeaderConfig caff.c:486. The attack vector is a maliciously crafted .wav file. The fixed version is after the...

5.5CVSS6.3AI score0.01456EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: Power: Supply: bq27xxx: Fixed handling of pollinterval and races during removal operations. Before this patch, the bq27xxxbatteryteardown function set pollinterval to 0 to avoid requeuing the delayedwork item during...

5.6AI score0.00184EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: block: Fixed a potential deadlock in blkiarangesysfsshow When reading a sysfs attribute, the attribute is already protected against removal due to the active reference counter of the kobject node. As a result, in...

5.5CVSS6.2AI score0.00184EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mctp: Fixed an error handling path in mctpinit. If mctpneighinit returns an error, the route resources should be released during the error handling path. Otherwise, some resources may be leaked...

5.5CVSS5.8AI score0.00163EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux, Linux 5.10

A race condition was identified in the Linux kernel’s perfeventopen function, which can be exploited by an unprivileged user to gain root privileges. This bug allows for the exploitation of several attack primitives, such as kernel address information leakage and arbitrary execution...

7CVSS6.8AI score0.0031EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fixed a bo leak in intelfbboframebufferinit. Added a unreference of “bo” in the error path to prevent the leakage of a “bo” reference. Return 0 on success to clarify the success path. Cherry-picked from commit...

5.5CVSS5.9AI score0.00225EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Counter: rz-mtu3-cnt: Do not use the dev member of the struct rzmtu3channel. The counter driver can use HW channels 1 and 2, while the PWM driver can use HW channels 0, 1, 2, 3, 4, 6, 7. The dev member is assigned both by the...

5.5CVSS5.7AI score0.00122EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: rxrpc: The issue of using the wrong skb when comparing the queued RESP challenge serial number has been fixed. In rxrpcpostresponse, the code should compare the challenge serial number from the cached response before deciding to...

7.5CVSS5.8AI score0.00426EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: x86/kexec: added a sanity check on the previous kernel’s ima kexec buffer. When the second-stage kernel is booted via kexec with a limiting command line such as “mem=”, the physical range that contains the carried over IMA...

5.5CVSS6AI score0.00123EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net.manap: Null servicewq on setup error to prevent double destruction. In the managdsetup error path, servicewq is set to NULL after destroyworkqueue, to match the cleanup in managdcleanup. This prevents a use-after-free if the...

7.8CVSS5.7AI score0.00124EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: crypto: caam – fixed an overflow issue when dealing with long HMAC keys. When a key that is longer than the block size is provided, it is copied and then hashed into the actual key. The memory allocated for the copy needs to be...

7.8CVSS5.7AI score0.00129EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.13 views

Astra Linux – Vulnerability in libstb

In Libsixel, prior to and including v1.10.3, a NULL pointer dereferencing in the stbimage.h component of libsixel allows attackers to cause a denial of service DOS through a crafted PICT file...

6.5CVSS6.6AI score0.00922EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in WebKit2GTK

This issue has been addressed through improved checks. This issue is fixed in Safari 26.1, iOS 26.1, iPadOS 26.1, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1, and watchOS 26.1. Processing maliciously crafted web content may lead to an unexpected process crash...

6.5CVSS6.6AI score0.00463EPSS
Exploits0References2
Total number of security vulnerabilities18102