Lucene search
K
AstralinuxRecent

18102 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Thunderbird, Firefox

Navigation was allowed when dragging a URL from a cross-origin iframe into the same tab, which could lead to website spoofing attacks. This vulnerability affects Firefox 109, Firefox ESR 102.7, and Thunderbird 102.7...

6.5CVSS6.8AI score0.00347EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in xorg-server, xwayland

A use-after-free flaw was identified in X.Org and Xwayland. When changing an alarm, the values of the change mask are evaluated one after the other, modifying the trigger values as required. Eventually, the SyncInitTrigger function is called. If one of these changes causes an error, the function...

7.8CVSS7AI score0.00359EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: iio: adc: menz188adc: Fixed a resource leak in the error handling path. If iiodeviceregister fails, a previous ioremap call remains unbalanced. The error handling path has been updated, and the missing iounmap call has been added...

5.5CVSS5.2AI score0.0021EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerabilities have been resolved: f2fs: quota: fixed the loop condition in f2fsquotasync The parameter cnt should be passed to sbhasquotaactive, rather than type, to correctly check the active quota. Moreover, when the type is -1, the compiler, with sufficient...

5.5CVSS6AI score0.00247EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in WebKit2GTK

This issue has been resolved through improved UI handling. This issue is fixed in watchOS 8.7, tvOS 15.6, iOS 15.6, and iPadOS 15.6, as well as macOS Monterey 12.5. Visiting a website that contains malicious content may lead to UI spoofing...

6.5CVSS6.9AI score0.06463EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: bpf: Makes bpfrefcountacquire failable for non-owning references This patch fixes an incorrect assumption made in the original bpfrefcount series 0. Specifically, it assumes that the BPF program calling bpfrefcountacquire on a...

7.8CVSS6.3AI score0.00143EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: sfc: fixed the issue where all channels had TX queues. Normally, all channels have both RX and TX queues. However, this is not true when modparam efxseparatetxchannels=1 is used. In such cases, some channels only have RX queue...

5.5CVSS6.3AI score0.00252EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.11 views

Astra Linux – Vulnerability in Chromium

Insufficient data validation in DevTools in Google Chrome prior to 121.0.6167.85 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

8.8CVSS7.7AI score0.00419EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: gpmi: do not leak PM reference in the error path. If gpminfcapplytimings fails, the PM runtime usage counter must be dropped...

7.8CVSS6.1AI score0.00234EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Firefox and Thunderbird

During operations on MessageTasks, a task may be removed while it is still scheduled, resulting in memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird 78.15, Thunderbird 91.2, Firefox ESR 91.2, Firefox ESR 78.15, and Firefox 93...

8.8CVSS7.2AI score0.01593EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fixed a memory leak in the mes self test. The fences associated with the mes queue must be freed during amdgpuringfini...

5.5CVSS6AI score0.00143EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: soc: bcm: Check for a NULL return from devmkzalloc. As a potential failure during allocation, devmkzalloc may return NULL. Then, pd-pmb and the subsequent lines of code may lead to a null pointer dereferencing. Therefore, it is...

5.5CVSS6.2AI score0.00245EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Ring-buffer: Fixed a race condition between readers and resize checks. The reader code in rbgetreaderpage swaps a new reader page into the ring buffer by using cmpxchg on old-list.prev-next to point it to the new page. After that...

4.7CVSS6.5AI score0.00175EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: iommu/sprd: The DMA buffer should be released to avoid memory leaks. When attaching to a domain, the driver allocates a DMA buffer, which is used to store the address mapping table. This buffer must be released when the IOMMU...

5.9AI score0.00162EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: Fixed dtlaccesslock to use a rwsemaphore. The dtlaccesslock needs to be a rwsemaphore, a sleeping lock, because the code calls kmalloc while holding this lock, which can cause a sleep condition. bash echo 1...

5.5CVSS6.4AI score0.00203EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in node-tar

The npm package “tar” also known as node-tar in versions prior to 4.4.16, 5.0.8, and 6.1.7 has vulnerabilities related to arbitrary file creation/overwriting and arbitrary code execution. node-tar aims to ensure that any file whose location would be modified by a symbolic link is not extracted...

8.6CVSS7AI score0.03286EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in binutils

A vulnerability was discovered in cp-demangle.c of GNU libiberty, as part of GNU Binutils 2.31. There is a stack consumption vulnerability caused by infinite recursion in the functions nextistypequal and cplusdemangletype in cp-demangle.c. Remote attackers could exploit this vulnerability to caus...

5.5CVSS6.8AI score0.01686EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in Pandoc

Pandoc is a Haskell library for converting between different markup formats, as well as a command-line tool that utilizes this library. Starting from version 1.13 and before version 3.1.4, Pandoc was vulnerable to a file-write vulnerability. This vulnerability could be exploited by including a...

6.1CVSS5.8AI score0.00368EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Firefox

The incorrect domain might have been displayed in the address bar during a interrupted navigation attempt. This could have caused confusion for users and potentially led to spoofing attacks. This vulnerability affects Firefox 133 and Thunderbird 133...

4.3CVSS5.1AI score0.00401EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.10 views

Astra Linux – Vulnerability in Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket BUG: KASAN: slab-use-after-free in tcpwritetimerhandler+0x156/0x3e0 Read of size 1 at addr ffff888111f322cd by task swapper/0/0 CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not...

7.8CVSS6.1AI score0.00232EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in CGal

There are multiple code execution vulnerabilities in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which may result in code execution. An attacker can provide malicious input to trigger an...

10CVSS7.6AI score0.02136EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in WebKit2GTK

A logic issue has been addressed through improved state management. This issue is fixed in Safari 16.2, tvOS 16.2, iCloud for Windows 14.1, iOS 15.7.2, and iPadOS 15.7.2, macOS Ventura 13.1, iOS 16.2, and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may allow bypass of the...

5.5CVSS6.7AI score0.00197EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: CFI: Fixed the use of cfislowpathdiag with cpuidle. The use of RCUNONIDLE during cfislowpathdiag can result in an invalid RCU state in the cpuidle code path. WARNING: CPU: 1, PID: 0, at kernel/rcu/tree.c:613, rcueqsenter+0xe4/0x1...

5.5CVSS5.9AI score0.00243EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: fix lock ordering in btrfszoneactivate The btrfs CI reported a lockdep warning as follows when running generic/129. WARNING: A circular locking dependency was detected. 6.7.0-rc5+ 1 Not tainted...

5.5CVSS6AI score0.00176EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in pgpool2

The Pgpool-II provided by PgPool Global Development Group contains a authentication bypass vulnerability as a primary weakness. If this vulnerability is exploited, an attacker may be able to log in to the system as an arbitrary user, allowing them to read or tamper with data in the database, and/...

9.8CVSS8.3AI score0.00791EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Check that the endpoint is valid before dereferencing it. When the host controller is not responding, all URBs queued to all endpoints need to be terminated. This can cause a kernel panic if we attempt to dereference a...

5.5CVSS6.1AI score0.0024EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: libfs: Fix for getstasheddentry The getstasheddentry function attempts to retrieve a stashed dentry from a specified location in a optimistic manner. It needs to ensure that it holds a rcu lock before dereferencing the stashed...

5.5CVSS6.1AI score0.00192EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.12 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: iio: Buffer: Fixed error handling related to files in IIOBUFFERGETFDIOCTL. If we fail to copy the newly created file descriptor to userland, we try to clean it up by returning the ‘fd’ and freeing the ‘ib’. The code uses...

7.8CVSS6AI score0.00284EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Potential use-after-free issues have been avoided in hcierrorreset. When handling the HCIEVHARDWAREERROR event, if the underlying BT controller is not responding, the GPIO reset mechanism will free the hcidev, leading ...

5.5CVSS6.3AI score0.0028EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in node-cookiejar

Versions of the package cookiejar before 2.1.4 are vulnerable to Regular Expression Denial of Service ReDoS attacks through the Cookie.parse function, which uses an insecure regular expression...

7.5CVSS6.8AI score0.01546EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: mana: Fixed the Rx DMA data size and skboverpanic issue. The function managetrxbufcfg aligns the DMA data size of the RX buffer to be a multiple of 64. As a result, a packet slightly larger than mtu+14, for example, 1536...

5.5CVSS6.3AI score0.0021EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: x86/fpu: Keep xfdstate synchronized with MSRIA32XFD The commits 672365477ae8 "x86/fpu: Update XFD state where required" and 8bf26758ca96 "x86/fpu: Add XFD state to fpstate" introduced a per-CPU variable xfdstate to keep the...

7.8CVSS6.4AI score0.00233EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in imagemagick

In the functions CatromWeights, MeshInterpolate, InterpolatePixelChannel, InterpolatePixelChannels, and InterpolatePixelInfo, which are all part of /MagickCore/pixel.c, there were multiple unconstrained pixel offset calculations that were used with the floor function. These calculations resulted ...

5.5CVSS6.7AI score0.01172EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxtre: Added sanity checks for the validity of rdev. There is a possibility that callbacks for ulpirqstop and ulpirqstart will be called when the device is in a detached state. This could lead to a crash due to NULL pointer...

5.5CVSS6.3AI score0.00187EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: fs/binfmtelf: A memory leak was fixed in loadelfbinary. There is also a memory leak reported by kmemleak: Unreferenced object: 0xffff88817104ef80 size: 224 Reported by comm "xfsadmin", pid 47165, jiffies: 4298708825 age: 1333.476...

5.5CVSS5.9AI score0.00146EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in libvpx

In libvpx version VP9 before 1.13.1, handling of widths is incorrect, resulting in a crash related to encoding...

7.5CVSS6.8AI score0.01936EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in libsdl1.2, libsdl2

The SDL Simple DirectMediaLayer version from 1.2.15 to 2.0.9, as well as 2.x versions up to 2.0.9, has a heap-based buffer over-read issue in the Blit1to4 function within the video/SDLblit1.c file...

8.1CVSS6.8AI score0.03299EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: erofs: corrected incorrect kunmap when using LZMA on HIGHMEM platforms As shown in the call trace, the root cause is incorrect pages handled by kunmap: BUG: Kernel NULL pointer dereferencing, address: 00000000 CPU: 1 PID: 40 Comm...

5.5CVSS5.9AI score0.00152EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Avoid dereferencing the fcport pointer. Klocwork reported a warning that a NULL pointer might be dereferenced. The routine exits when saCTL is NULL and fcport is allocated after the exit call. This causes the NULL...

5.5CVSS5.8AI score0.00136EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: drm/bridge: sii902x: Fixed the probing race issue A null pointer dereference crash has been observed rarely on TI platforms using the sii9022 bridge: 53.271356 sii902xgetedid+0x34/0x70 sii902x 53.276066...

4.7CVSS6.3AI score0.00232EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in TeXeVe-Bin

OpenDetex 2.8.5 has a Buffer Overflow issue in TexOpen, specifically in detex.l, due to an incorrect sprintf operation...

7.8CVSS7AI score0.01212EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.11 views

Astra Linux – Vulnerability in CGal

There is a code execution vulnerability in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. There is also an oob read vulnerability in Nef2/PMio parser.h, specifically in the PMio parser::readvertex function. OOB read vulnerabilities exist as well. An attacker can provide malicio...

10CVSS7.3AI score0.02878EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.1 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: tcp/dccp: Fixed a data race around the sysctltcpfwmarkaccept function. When reading sysctltcpfwmarkaccept, it can be changed concurrently. Therefore, we need to add a READONCE call to its reader function...

4.7CVSS6.3AI score0.00181EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in gst-plugins-good1.0

GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been discovered in the gstmatroskademuxparseblockgrouporsimpleblock function within matroska-demux.c. This function does not properly check the validity of the GstBuffer sub...

7.5CVSS6.2AI score0.00865EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in node-loader-utils

A prototype pollution vulnerability exists in the parseQuery function in parseQuery.js, within the webpack-loader-utils module. This issue affects all versions prior to 1.4.1 and 2.0.3...

9.8CVSS7AI score0.02601EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: Wifi: mt76: mt7921s: Fixed a slab-out-of-bounds access in the SDIO host. SDIO may require an additional 511 bytes to align bus operations. If the tailroom of this skb is not sufficient, we might access an invalid memory region...

6AI score0.00167EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: net: rds: Fixed a possible NULL pointer dereferencing issue. In the rdsrdmacmeventhandlercmn function, a check was performed to ensure that the conn pointer exists before dereferencing it as an argument for rdmasetservicetype. Th...

5.5CVSS5.9AI score0.00226EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in xterm

With Patch 370, xterm enables Sixel support. When this is enabled, attackers can exploit a buffer overflow in the setsixel function in graphicssixel.c by using crafted text...

5.5CVSS6.3AI score0.01694EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ARM: dts: bcm2711: Fix xHCI power-domain During S2idle tests on the Raspberry CM4, the VPU firmware always crashes when the xHCI power-domain is resumed: root@raspberrypi:/sys/power echo freeze state 70.724347 xhcisuspend finishe...

5.5CVSS6.3AI score0.00181EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fixed an issue identified by KASAN...

5.7AI score0.00167EPSS
Exploits0References1
Total number of security vulnerabilities18102