Lucene search
K
AstralinuxRecent

18102 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.11 views

Astra Linux – Vulnerability in CGal

There is a code execution vulnerability in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. There is also an oob read vulnerability in Nef2/PMio parser.h, specifically in the PMio parser::readvertex function. OOB read vulnerabilities exist as well. An attacker can provide malicio...

10CVSS7.3AI score0.02878EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.1 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: tcp/dccp: Fixed a data race around the sysctltcpfwmarkaccept function. When reading sysctltcpfwmarkaccept, it can be changed concurrently. Therefore, we need to add a READONCE call to its reader function...

4.7CVSS6.3AI score0.00181EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in gst-plugins-good1.0

GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been discovered in the gstmatroskademuxparseblockgrouporsimpleblock function within matroska-demux.c. This function does not properly check the validity of the GstBuffer sub...

7.5CVSS6.2AI score0.00865EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in node-loader-utils

A prototype pollution vulnerability exists in the parseQuery function in parseQuery.js, within the webpack-loader-utils module. This issue affects all versions prior to 1.4.1 and 2.0.3...

9.8CVSS7AI score0.02601EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: Wifi: mt76: mt7921s: Fixed a slab-out-of-bounds access in the SDIO host. SDIO may require an additional 511 bytes to align bus operations. If the tailroom of this skb is not sufficient, we might access an invalid memory region...

6AI score0.00167EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: net: rds: Fixed a possible NULL pointer dereferencing issue. In the rdsrdmacmeventhandlercmn function, a check was performed to ensure that the conn pointer exists before dereferencing it as an argument for rdmasetservicetype. Th...

5.5CVSS5.9AI score0.00226EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in xterm

With Patch 370, xterm enables Sixel support. When this is enabled, attackers can exploit a buffer overflow in the setsixel function in graphicssixel.c by using crafted text...

5.5CVSS6.3AI score0.01694EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ARM: dts: bcm2711: Fix xHCI power-domain During S2idle tests on the Raspberry CM4, the VPU firmware always crashes when the xHCI power-domain is resumed: root@raspberrypi:/sys/power echo freeze state 70.724347 xhcisuspend finishe...

5.5CVSS6.3AI score0.00181EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fixed an issue identified by KASAN...

5.7AI score0.00167EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ipv6: prevented NULL dereference in ip6output According to syzbot, there is a possibility that ip6dstidev returns NULL in ip6output. Most parts of the IPv6 stack handle a NULL idev fine, but not this case. syzbot reported: Genera...

5.5CVSS6.4AI score0.00262EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: Bridge: Protection against NULL vlan groups was added in the bridge function for local VLAN-0 FDB helpers. When the CONFIGBRIDGEVLANFILTERING configuration option is not set, the brvlangroup and nbpvlangroup functions return...

5.5CVSS6AI score0.00121EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.10 views

Astra Linux – Vulnerability in WebKit2GTK

A vulnerable "use-after-free" vulnerability exists in the WebKitGTK browser version 2.30.3 x64. A specially crafted HTML web page can exploit this vulnerability, leading to remote code execution. The victim must visit a malicious website to trigger the vulnerability...

8.8CVSS8.3AI score0.02824EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mm/filemap: Make MAXPAGECACHEORDER acceptable to xarray. Patch series “mm/filemap: Limit page cache size to that supported by xarray”, version 2. Currently, xarray cannot support arbitrary page cache sizes. More details can be...

5.5CVSS6.3AI score0.00211EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Chromium

The use of “after free” in Printing in Google Chrome before version 119.0.6045.105 allowed a remote attacker who convinced a user to perform certain UI gestures to potentially exploit heap corruption through those gestures. Chromium security severity: Medium...

8.8CVSS7AI score0.01032EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Subversion

Insufficient validation of filenames against control characters in Apache Subversion repositories served via moddavsvn allows authenticated users with commit access to commit a corrupted revision, resulting in disruptions for users of the repository. All versions of Subversion, including Subversi...

4.3CVSS5.4AI score0.01943EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: scsi: ibmvfc: Queue resources are only allocated/free during probe/remove operations. Currently, sub-queues and event pool resources are allocated/free for every CRQ connection event, such as reset and LPM. This exposes the...

5.5CVSS6.5AI score0.00243EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: char: xillybus: Check USB endpoints when probing the device. Ensure that, as the driver probes the device, all endpoints that the driver may attempt to access exist and are of the correct type. All XillyUSB devices must have a Bu...

5.5CVSS6.4AI score0.00221EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in Autofill in Google Chrome prior to 131.0.6778.69 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS5AI score0.00339EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in p7zip

7-Zip 22.01 does not report an error for certain invalid xz files that involve block flags and reserved bits. Some later versions are unaffected...

3.3CVSS4.7AI score0.00215EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: loop: Fixed use-after-free issues The doreqfilebacked function calls blkmqcompleterequest synchronously or asynchronously when using asynchronous I/O, unless memory allocation fails. Therefore, modify loophandlecmd so that it...

7.8CVSS6.4AI score0.0017EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Squid

Squid is a web proxy cache. Starting from version 3.5.27 and before version 6.8, Squid may be vulnerable to a Denial of Service attack against the HTTP Chunked decoder due to an uncontrolled recursion bug. This issue allows a remote attacker to cause a Denial of Service when sending a crafted,...

8.6CVSS6.9AI score0.65254EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: HCI: Fixed a potential null-ptr-deref issue. Fixed the potential null-ptr-deref in hcilebigsyncestablishedevt...

5.5CVSS6.2AI score0.0021EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Chromium

The use of the “after free in storage foundation” feature in Google Chrome before version 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS7.3AI score0.00813EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Chromium

Insufficient policy enforcement in the WebUI of Google Chrome prior to version 87.0.4280.141 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape through a crafted Chrome Extension...

9.6CVSS7.2AI score0.01065EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: hwmon: In coretemp, a leak of the reference count for PCI devices was addressed in nv1aramnew. According to the comments on pcigetdomainbusandslot, it returns a PCI device whose reference count is incremented after use. The calle...

5.5CVSS6.3AI score0.00235EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: csa unmap uses uninterruptible lock After a process exits, attempting to unmap csa and free the GPU virtual memory may cause memory leakage. This issue occurs when the process waits for the vm lock to be released, and...

5.5CVSS6.3AI score0.00165EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Chromium

Before version 141.0.7390.54, reading media content in Google Chrome allowed a remote attacker to potentially perform out-of-bounds memory access through a crafted HTML page. Chromium security severity: Medium...

7.5CVSS8.3AI score0.00356EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Erlang

Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.1, OTP-26.2.5.10, and OTP-25.3.2.19, a maliciously formed KEX init message could result in high memory usage. The implementation does not verify the RFC specified limits on the length of algorithm nam...

7.5CVSS7.2AI score0.00436EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementations of navigation functions in Google Chrome on iOS before version 90.0.4430.72 allowed a remote attacker to leak cross-origin data through a crafted HTML page...

6.5CVSS6.9AI score0.01018EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: serial: 8250aspeedvuart: Fixed the potential NULL dereferencing in aspeedvuartprobe. The platformgetresource function may fail and return NULL; therefore, we should better check its return value to avoid NULL pointer dereferencin...

5.5CVSS6.2AI score0.00245EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Firefox and Thunderbird

When resizing a popup while requesting fullscreen access, the popup becomes unable to exit the fullscreen mode. This vulnerability affects Firefox ESR 91.5, Firefox 96, and Thunderbird 91.5...

7.5CVSS7.1AI score0.00652EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in openjpeg2

There is a flaw in openjpeg in versions prior to 2.4.0, located in src/lib/openjp2/pi.c. When an attacker can provide crafted input that is processed by the openjpeg encoder, it may lead to an out-of-bounds read. The most significant impact of this flaw is the application’s availability...

5.5CVSS6.7AI score0.01384EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: cpufreq/amd-pstate: Fixed the ref counting in cpufreqpolicy. The function amdpstateupdatelimits takes a reference to cpufreqpolicy, but does not decrement the reference count during one of the exit paths. This issue has been fixe...

5.5CVSS6.4AI score0.00181EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net: fixed a memory leak in tcpconnrequest. If inetcskreqskqueuehashadd returns false, tcpconnrequest will return without freeing the dst memory, which was allocated in afops-routereq. Here is the stack trace for the issue:...

5.5CVSS6.4AI score0.00217EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the printerwrite function in the files drivers/usb/gadget/function/fprinter.c from version 6.7.4 onwards does not call usbepqueue properly. This may allow attackers to cause a denial of service or result in unspecified other impacts...

5.5CVSS6.5AI score0.00314EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: ASoC: codecs: wcd938x: fixed missing mbhc initialization error handling The initialization of MBHC may fail, so additional error handling is needed to avoid dereferencing an error pointer during later configuration of the jack...

5.5CVSS6AI score0.00135EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in dcmtk

A flaw has been discovered in OFFIS DCMTK up to version 3.6.9. The affected element is the function DcmQueryRetrieveIndexDatabaseHandle::startFindRequest/DcmQueryRetrieveIndexDatabaseHandle::startMoveRequest in the library dcmqrdb/libsrc/dcmqrdbi.cc of the component dcmqrscp. This manipulation ca...

4.8CVSS5.7AI score0.00113EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: fs/ntfs3: Added a overflow check for attribute size. The offset addition could cause an overflow, potentially passing the used size check when parsing MFT attributes with very large sizes e.g., 0xffffff7f. This could lead to...

6.8AI score0.00217EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/xe/migrate: Do not overflow the maximum copy size. With non-page-aligned copies, we need to use a pitch that is 4 bytes in size. However, the size of the copied data may still be close to our maximum of approximately 8M. As a...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: cifs: A use-after-free has been fixed in rdata-readintopages. When the network status is unstable, a use-after-free may occur when reading data from the server. BUG: KASAN: Use-after-free in readpagesfillpages+0x14c/0x7e0 Call...

7.8CVSS6.3AI score0.00253EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: fbdev: smscufx: Fix error handling code in ufxusbprobe The current error handling code in ufxusbprobe contains many inconsistencies. For example, the function ufxfreeusblist is missing, and the destroymodedb label should only...

5.5CVSS6.1AI score0.00178EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in Firefox

When dragging and dropping an image across origins, the size of the image may be leaked. This behavior was present in version 109 and caused web compatibility issues, as well as this security concern. Therefore, this behavior was disabled until further review. This vulnerability affects Firefox...

6.5CVSS6.7AI score0.00767EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: serial: imx: Add the missing .thawnoirq hook The following warning occurs when using non-console UART instances during system hibernation: 37.371969 ------------ Cut here --- 37.376599 uart3rootclk already disabled 37.380810...

5.5CVSS6.3AI score0.00166EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Net: TLS – Fix for the WARNING message in skmsgfree. A splice operation with MSGSPLICEPAGES causes the TLS code to use the tlsswsendmsgsplice path to move the user-provided pages from the msg to the msgpl. This process loops over...

5.5CVSS6.3AI score0.00218EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ice: A NULL pointer dereferencing issue was fixed in iceupdatevsitxringstats. It is possible to cause a NULL pointer dereferencing in routines that update Tx ring statistics. Currently, only statistics and bytes are updated when...

5.5CVSS6.1AI score0.00207EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ovl: Fixed a NULL pointer dereference issue in the copy-up warning message. This patch addresses a NULL pointer dereference that caused a recently introduced warning message to fail...

5.5CVSS5.9AI score0.00222EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: devlink: Report devlinkporttypewarn source device. devlinkporttypewarn is intended to be reported for ports that do not have a port type set. However, it is not easy to determine which device driver does not have a devlink por...

6.1AI score0.00224EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in docker.io

Moby is an open-source container framework developed by Docker Inc., distributed as Docker, Mirantis Container Runtime, and various other downstream projects/products. The Moby daemon component, dockerd, which is developed as moby/moby, is commonly referred to as Docker. Swarm Mode, which is...

6.8CVSS6.8AI score0.00696EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.1 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: usbnet: ipheth: Fixed the DPE OoB read issue. A buffer-overflow vulnerability related to DPE reads has been addressed. The number of DPEs processed is limited to the amount that fits within the fixed-size NDP16 header...

7.1CVSS6.5AI score0.00208EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Counter: rz-mtu3-cnt: prevents the counter from being toggled multiple times The runtime PM counter is incremented/decremented each time the sysfs enable file is written to. If a user writes 0 to the sysfs enable file multiple...

5.5CVSS6AI score0.00122EPSS
Exploits0References1
Total number of security vulnerabilities18102