Lucene search
K
AstralinuxRecent

18102 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix memory leak in qlt24xxhandleabts The commit 8f394da36a36 “scsi: qla2xxx: Drop TARGETSCFLOOKUPLUNFROMTAG” caused the qlt24xxhandleabts function to return early if tcmqla2xxxfindcmdbytag failed to find a command...

4.7CVSS6.3AI score0.00229EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: char: xillybus: A refcount leak was fixed in the cleanupdev function. The usbgetdev function is called in xillyusbprobe. Therefore, it is better to call usbputdev before releasing the xdev object...

5.5CVSS6.3AI score0.00252EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Chromium

Insufficient data validation in Mojo in Google Chrome prior to 129.0.6668.89 allowed a remote attacker who had compromised the renderer process to perform an out-of-bounds memory write via a crafted HTML page. Chromium security severity: High...

9.6CVSS7.2AI score0.00585EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in Extensions in Google Chrome prior to 135.0.7049.52 allowed a remote attacker to perform privilege escalation via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS7.1AI score0.00319EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: nfc: fixed a memory leak in the seio context within nfcgenlseio. The callback context for sending/receiving APDUs to/from the selected secure element is allocated within nfcgenlseio and should eventually be freed in the seiocb...

5.5CVSS5.8AI score0.00136EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: scsi: scsidebug: Do not call kcalloc if size argument is zero. If the size argument to kcalloc is zero, it returns ZEROSIZEPTR. Therefore, for the subsequent NULL pointer check to work on the returned pointer, kcalloc must not...

5.5CVSS6AI score0.00238EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: netpoll: Fixed a deadlock in memory allocation under spinlock. A deadlock occurred in the refillskbs function, where memory allocation while holding skbpool-lock could trigger a recursive lock acquisition attempt. This deadlock...

5.8AI score0.00155EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: media: pvrusb2: fix array-index-out-of-bounds in pvr2i2ccoreinit Syzbot reported that -1 is used as an array index. The problem lay in the lack of a validation check. The value of hdw-unitnumber is initialized with -1. If the...

7.8CVSS6.2AI score0.00274EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Wifi: mac80211 – A race condition has been fixed when enabling fast-xmit. fast-xmit must only be enabled after the station has been uploaded to the driver. Otherwise, it might pass the yet-to-be-uploaded station through drvtx cal...

5.5CVSS6.2AI score0.00193EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: iouring/memmap: The nrpages value is cast to sizet before shifting. If the allocated size exceeds UINTMAX, it is necessary to cast the mr-nrpages value to sizet to prevent an overflow. In practice, this isn’t a major issue, as th...

7.8CVSS6.5AI score0.00141EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in openjpeg2

A heap-buffer overflow was discovered in the way openjpeg2 handles certain PNG format files. An attacker could exploit this flaw to cause an application to crash, or in some cases to execute arbitrary code with the permission of the user running such an application...

7.8CVSS7.6AI score0.02008EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux - уязвимость в u-boot

The U-Boot 2022.01 has a Buffer Overflow, a different issue compared to CVE-2022-30552...

7.8CVSS7.2AI score0.00554EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in CGal

There are multiple code execution vulnerabilities in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted, malformed file can lead to an out-of-bounds read and type confusion, which may result in code execution. An attacker can provide malicious input to trigger a...

10CVSS8.9AI score0.02145EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in faad2

A issue was discovered in faad2 through 2.10.0. A heap-buffer-overflow exists in the function ltprediction located in ltpredict.c. This allows an attacker to cause code execution...

7.8CVSS7.5AI score0.01225EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.12 views

Astra Linux – Vulnerability in exiv2

Exiv2 is a C++ library and a command-line utility for reading, writing, deleting, and modifying Exif, IPTC, XMP, and ICC image metadata. An out-of-bounds read vulnerability was discovered in Exiv2 versions 0.28.5 and earlier. This vulnerability occurs when Exiv2 is used to write metadata into a...

5.5CVSS6.4AI score0.00132EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: mm/mempolicy: fixed the mpolnew leak in sharedpolicyreplace. If mpolnew is allocated but not used during the restart loop, mpolnew will be freed via mpolput before returning to the caller. However, refcnt has not been initialized...

5.5CVSS6.4AI score0.00262EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: bus: mhi: pcigeneric: Remove the WQMEMRECLAIM flag from the state workqueue. A recent change created a dedicated workqueue for the state-change work, with WQHIGHPRI and WQMEMRECLAIM flags. However, the state-change work...

5.5CVSS5.8AI score0.00222EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Jackson-Databind

FasterXML Jackson-Databind 2.x versions before 2.9.10.8 mishandle the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS...

8.8CVSS6.9AI score0.05041EPSS
Exploits2References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux

In the Linux kernel, the following vulnerabilities have been resolved: NFC: nci: fixed a memory leak in nciallocatedevice The nfcmrvldisconnect function fails to free the hcidev field in the struct ncidev. This issue was fixed by freeing hcidev in ncifreedevice. BUG: Memory leak Unreferenced obje...

5.5CVSS6.5AI score0.00226EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Chromium

Before version 94.0.4606.54, using the "after free" mechanism in the File System API in Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS7.3AI score0.01349EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: ALSA: pcm: Added a sanity NULL check for the default mmap fault handler. A driver may allow access to mmap before properly initializing runtime-dmaarea. A proper NULL check should be added before passing the value to virttopag...

5.5CVSS6.5AI score0.00231EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Firefox

Context-specific code was included in a shared jump table, resulting in assertions being triggered in multithreaded Wasm code. This vulnerability affects Firefox versions earlier than 86...

6.5CVSS6.9AI score0.01007EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in htmldoc

A flaw was discovered in htmldoc in versions prior to v1.9.12. A null pointer dereferencing in fileextension in file.c may allow for the execution of arbitrary code and cause a denial of service attack...

7.8CVSS7.2AI score0.01268EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Integer overflow has been prevented in hdrfirstde. The variables deoff and used originate from the disk; therefore, both need to be checked. The issue is that on 32-bit systems, if both values are greater than UINTMAX -...

5.5CVSS6.5AI score0.00176EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: cifs: fixed a potential race condition when creating a tree that connects to IPC. Protected access to TCPServerInfo::hostname when building the IPC tree’s name, as the name might be freed by the cifsd thread, potentially causi...

6AI score0.00167EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.10, and Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: dm cache: Fixed the issue where uninitialized delayedwork objects were flushed during a cachectr error. An unexpected WARN message may occur when cache creation fails, caused by destroying the uninitialized delayedwork object ...

7.8CVSS6.5AI score0.00251EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux, Linux 5.10

A out-of-bounds memory access vulnerability was discovered in the vmwgfx driver, located in the vmxgfx/vmxgfxkms.c file within the GPU component of the Linux kernel. The vulnerability affects device files such as '/dev/dri/renderD128 or Dxxx'. This flaw allows a local attacker with a user account...

6.3CVSS6.7AI score0.00614EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in leptonlib

Leptonica before 1.80.0 allows an excessive read of the heap-based buffer in pixReadFromTiffStream, related to tiffio.c...

7.5CVSS7.3AI score0.02356EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in fig2dev

A issue was discovered in fig2dev prior to 3.2.8. A NULL pointer dereferencing exists in the function computeclosedspline located in transspline.c. This allows an attacker to cause a Denial of Service attack. The fixed version of fig2dev is 3.2.8...

5.5CVSS6.7AI score0.00949EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: LSM: General protection fault in legacyparseparam The usual LSM hook mechanism of “bailing on failure” doesn’t work in cases where a security module returns an error code indicating that it doesn’t recognize an input. In this...

5.5CVSS6.3AI score0.00253EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: scsi: qla2xxx: Unused nvmelswaitq wait queue has been removed. A system crash occurs when qla2x00startspsp returns an error code EGAIN, and the wakeup function is called for an uninitialized wait queue sp-nvmelswaitq. - qla2xx...

5.5CVSS6.4AI score0.00146EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: pnode: terminate at peers of source The propagatemnt function handles mount propagation when creating mounts and propagates the source mount tree @sourcemnt to all applicable nodes of the destination propagation mount tree, heade...

5.5CVSS6.2AI score0.0015EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in WebKit2GTK

A problem related to injections has been addressed through improved validation. This issue is fixed in Safari 17.4, iOS 17.4, iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, and watchOS 10.4. A maliciously crafted webpage may potentially exploit this vulnerability...

7.5CVSS6.8AI score0.01286EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Added a bounds check on patindex to prevent out-of-bounds kernel reads in madvise. When a user provides a bogus patindex value through the madvise IOCTL, the xepatindexgetcohmode function performs an array access without...

7.1CVSS5.7AI score0.00118EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Prevents ubuf size overflow. The ubuf size calculation may overflow, leading to under-sized allocations and potential memory corruption. Use the checkaddoverflow helper function to validate the size calculation...

7.8CVSS5.8AI score0.00127EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Chromium

“Type Confusion in V8 in Google Chrome” before version 125.0.6422.112 allowed a remote attacker to execute arbitrary code within a sandbox through a crafted HTML page. Chromium security severity: High...

9.6CVSS7.3AI score0.1002EPSS
Exploits3References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: Avoiding hwdesc array overrun in dw-axi-dmac I have a use case where nrbuffers = 3, and each descriptor consists of 3 segments. As a result, the DMA channel descriptors allocated are 9. Since axidescput handles the hwdesc by...

5.5CVSS6.3AI score0.00289EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: cachefiles: Fixed the dentry leak in cachefilesopenfile. A dentry leak may occur when a lookup cookie and a cull operation are performed concurrently. P1 | P2 -----------------------------------------------------------...

5.5CVSS6.5AI score0.00234EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: SHAMPO, Fix invalid WQ linked list unlink When all the strides in a WQE have been consumed, the WQE is unlinked from the WQ linked list mlx5wqllpop. For SHAMPO, it is possible to receive CQEs with 0 consumed strides fo...

5.5CVSS6AI score0.0021EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.11 views

Astra Linux – Vulnerability in Firefox

Starting with Firefox 142, it became possible for a compromised child process to trigger a use-after-free in the GPU or browser process through WebGPU-related IPC calls. This vulnerability could potentially be exploited to escape the child process sandbox. This vulnerability was fixed in Firefox...

9.8CVSS5.3AI score0.00308EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in busybox

A use-after-free in Busybox’s awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the clrvar function...

7.2CVSS7.4AI score0.02793EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm: A use-after-free issue in drmgetunique has been fixed. There is a time-of-check-to-time-of-use error in drmgetunique, caused by retrieving fpriv-master before locking the device’s master mutex. An example of this error can b...

7CVSS6.1AI score0.00183EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: ieee802154: ca8210: Stop leaking the skb structure. Upon an error, the ieee802154xmitcomplete helper function is not called. Only ieee802154wakequeue is called manually. As a result, the skb structure is leaked. Lease the sk...

5.5CVSS5.6AI score0.00223EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: Memory: pl353-smc: Fixed a refcount leak issue in pl353smcprobe. The break in foreachavailablechildofnode requires a corresponding ofnodeput when the reference ‘child’ is no longer used. In this case, we don’t need to call...

5.5CVSS6.1AI score0.00146EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: md/raid10: fixed the null-ptr-deref issue in mreplace in raid10syncrequest. There are two checks for ‘mreplace’ in raid10syncrequest. In the first check, ‘needreplace’ is set, and ‘mreplace’ is used later if there is no faulty...

5.5CVSS6.1AI score0.00137EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: f2fs: A fix was made to avoid the use of f2fsbugon in decvalidnodecount. As reported by Yanming in Bugzilla: https://bugzilla.kernel.org/showbug.cgi?id=215897 I have encountered a bug in the F2FS file system in the kernel version...

5.5CVSS6.1AI score0.00247EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: NFSD: prevented underflow in nfssvcdecodewriteargs Smatch reported the issue as follows: fs/nfsd/nfsxdr.c:341 nfssvcDecodeWriteArgs Warning: no lower bound on ‘args-len’ The type of the variable has been changed to unsigned to...

5.5CVSS6.3AI score0.00252EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Mariadb 10.3

A issue in the component mydecimal::operator= of MariaDB Server v10.6.3 and below was discovered. This issue allows attackers to cause a Denial of Service DoS attack through specially crafted SQL statements...

7.5CVSS7.2AI score0.02264EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: HID: amdsfh – Fixed potential NULL pointer dereferencing. The devmaddactionorreset function may unexpectedly invoke amdmp2pciremove during registration, leading to NULL pointer dereferencing since the corresponding data is not...

5.5CVSS5.7AI score0.00208EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: kobject: A sanity check was added for kset-kobj.ktype in ksetregister. When I register a kset in the following manner: c static struct kset mykset; kobjectsetname&mykset.kobj, "mykset"; ret = ksetregister&mykset; A null pointer...

5.5CVSS6.1AI score0.00146EPSS
Exploits0References2
Total number of security vulnerabilities18102