Lucene search
K
AstralinuxRecent

18102 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: nvmet: fixed an out-of-bounds access in nvmetenableport. When attempting to enable a port for which no transport is currently configured, nvmetenableport uses NVMFTRTYPEMAX 255 to query the transports array, resulting in an...

7.1CVSS5.5AI score0.00142EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: f2fs: compress: Fixed to ensure that compressed blocks are persisted during checkpointing. If the data block in a compressed cluster is not persisted with metadata during a checkpoint, after SPOR, the data may become corrupted. W...

5.5CVSS5.3AI score0.00272EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: RISCV: Use READONCENOCHECK in the imprecise unwinding stack mode. When CONFIGFRAMEPOINTER is not set, the stack unwinding function walkstackframe randomly reads from the stack. When KASAN is enabled, this can lead to the followin...

7.1CVSS6.1AI score0.00159EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Wifi: iwlwifi: mvm – Use IWLFWCHECK for link ID checking The lookup function iwlmvmrcufwlinkidtolinkconf is typically called with inputs from the firmware. Therefore, it should use IWLFWCHECK instead of WARNON...

5.5CVSS6AI score0.00232EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: netfilter: nftables: The issue of underflow in the chain reference counter was fixed. The error in adding elements in the set element path causes the reference counter to be decremented twice—once when releasing an element and...

5.8AI score0.00155EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: PCI/DOE: Fixed the race involving destroyworkonstack. The following debug object splat was observed during testing: ODEBUG: Freeing an active object active state 0: 0000000097d23782; Object type: workstruct; Hint:...

5.7AI score0.00168EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: vhosttask: Handles SIGKILL by flushing the work and exiting. Instead of lingering until the device is closed, this resolves the issue by handling SIGKILL as follows: 1. Marking the worker as killed, so we no longer attempt to use...

5.5CVSS6AI score0.00227EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Fixed the null-ptr-deref issue in ibcorecleanup. KASAN reported a null-ptr-deref error: KASAN: Null pointer dereferencing in the range 0x0000000000000118–0x000000000000011f. CPU: 1; PID: 379. Hardware name: QEMU Standa...

5.5CVSS6.2AI score0.00172EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fixed the issue of accessing an invalid dipctx during the destruction of QP. If the system fails to modify QP to RTR, the dipctx will not be attached. During the destruction of QP, the invalid dipctx pointer will be...

5.5CVSS6.1AI score0.00172EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Binder: Fixed an issue where asyncfreespace accounting for empty parcels was incorrect. In version 4.13, commit 74310e06be4d “android:binder: Move buffer out of area shared with user space” fixed a issue related to the visibility...

5.5CVSS5.9AI score0.00229EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: netfilter: nftables: Unregistering flowtable hooks upon netns exit. Unregistering flowtable hooks before they are released via nftablesflowtabledestroy; otherwise, the hook code may report a Use-After-Free error. BUG: KASAN:...

5.5CVSS6.5AI score0.00204EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: btrfs: In the “send” operation, there is a issue with handling path ref underflow during the header iterate inoderef function. Change BUGON to proper error handling if building the path buffer fails. The pointers are not...

3.3CVSS6.7AI score0.00223EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: arm64: dts: imx8mm-verdin: Do not power down eth-phy Currently, if suspending the system using “freeze” or “memory state”, the fec driver attempts to power down the PHY, which leads to a kernel crash and an unresponsive kernel. T...

5.5CVSS5.6AI score0.00204EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ACPI: APEI: Fixed an integer overflow in ghesestatuspoolinit. The variable numghes was changed from int to unsigned int, preventing an overflow and causing subsequent vmalloc calls to fail. The overflow occurs in...

5.5CVSS6.4AI score0.0019EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: mana: Fixed a race condition related to the per-CQ variable napiworkdone. After calling napicompletedone, the NAPIFSTATESCHED bit may be cleared, allowing another CPU to start a napi thread and access the per-CQ variable...

4.7CVSS6AI score0.00226EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/ttm: Fixed a situation where a NULL pointer was dereferenced. The LRU mechanism may look up a resource during the process of removing it from an object. The locking rules for this operation are somewhat unclear, but it...

5.5CVSS5.7AI score0.00164EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: x86/sgx: Add a overflow check in sgxvalidateoffsetlength The sgxvalidateoffsetlength function verifies the "offset" and "length" arguments provided by the user space. However, there was a lack of an overflow check when these...

5.5CVSS5.9AI score0.00164EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fixed an UAF in svctcplistendataready After the listener svcsock is freed, and before invoking svctcpaccept for the established child sock, there is a window during which the newsock may retain the freed listener svcsock ...

7.8CVSS6.3AI score0.00215EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Thunderbird

During the plaintext phase of the STARTTLS connection setup, protocol commands could have been injected and evaluated within the encrypted session. This vulnerability affects Thunderbird 78.7...

8.8CVSS6.8AI score0.00848EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in WebKit2GTK

A memory corruption issue has been resolved through improved validation. This issue is fixed in iOS 15.6, iPadOS 15.6, macOS Monterey 12.5, and Safari 15.6. Processing maliciously crafted web content may lead to arbitrary code execution...

8.8CVSS8.3AI score0.00799EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm/edid: fixed an issue where information was leaked when attempting to obtain the panel ID. Be sure to clear the transfer buffer before retrieving the EDID, to avoid leaking slab data into logs in case of errors where the...

7.1CVSS6.5AI score0.00153EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mptcp: fixed the NULL pointer dereferencing issue in the early fallback to fastopen. In the event of an early fallback to TCP, subflowsynrecvsock deletes the subflow context before returning the newly allocated socket to the...

5.2AI score0.00162EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: In the tpm subsystem, the TPM chip must be locked first during the tpmpmsuspend function. Setting TPMCHIPFLAGSUSPENDED at the end of tpmpmsuspend can be done more efficiently, as this provides a window during which tpmhwrngread c...

5.5CVSS6.2AI score0.00171EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in binutils

A issue was discovered in cp-demangle.c within GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption problem caused by the cplusdemangletype function making recursive calls to itself in certain scenarios involving many ‘P’ characters...

5.5CVSS6.3AI score0.01291EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Firefox

If an attacker were able to alter specific about:config values for example, malware running on the user’s computer, the Devtools remote debugging feature might be enabled in a way that is unnoticed by the user. This would allow a remote attacker who can establish a direct network connection to th...

6.5CVSS7AI score0.01397EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Compare MACs in constant time To prevent timing attacks, MAC comparisons need to be performed in constant time. Replace the memcmp function with the correct function, cryptomemneq...

7.4CVSS5.7AI score0.00392EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: speakup: Avoid crashing when dealing with very long words. In cases where a console is set up to handle very large data, containing words that are truly long 256 characters, we need to stop processing before reaching the length o...

5.9CVSS5.7AI score0.00277EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Golang-1.19

If errors returned from MarshalJSON methods contain user-controlled data, they may be used to break the contextual auto-escaping behavior of the html/template package, allowing for subsequent actions to inject unexpected content into templates...

5.4CVSS6.7AI score0.00795EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerabilities have been resolved: iio: trigger: sysfs: fix use-after-free on remove Ensure that the irqwork has completed before the trigger is freed. ================================================================== BUG: KASAN: use-after-free in irqworkrunli...

7.8CVSS6.4AI score0.0026EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fixed the timeout of a call that has not yet been granted a channel. The afsmakecall function calls rxrpc.kernelbegincall to initiate a call which may get stalled in the background while waiting for a connection to become...

5.3AI score0.00166EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in hdf5

A vulnerability was discovered in H5Ofillnewdecode and H5Ofillolddecode within H5Ofill.c in the HDF HDF5 1.10.2 library. This could allow a remote denial of service or information disclosure attack...

8.1CVSS6.8AI score0.02948EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.1 views

Astra Linux – Vulnerability in Chromium

The use of "after free" in Blink in Google Chrome before version 89.0.4389.128 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS7.4AI score0.09401EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in WebKit2GTK

An access issue has been resolved through improved access restrictions. This issue is fixed in Safari 17.3, iOS 16.7.5 and iPadOS 16.7.5, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, tvOS 17.3, and watchOS 10.3. A maliciously crafted webpage may be able to obtain user information...

6.5CVSS6.9AI score0.00921EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in htmldoc

A flaw was discovered in htmldoc in v1.9.12 and earlier versions. A stack buffer overflow in the parsetable function in ps-pdf.cxx may allow for the execution of arbitrary code and cause a denial of service attack...

7.8CVSS7.9AI score0.01387EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ACPI: CPPC: Use accesswidth instead of bitwidth for system memory accesses To comply with ACPI 6.3+, since bitwidth can be any 8-bit value, it cannot be relied upon to always be at a clean 8-bit boundary. This issue was discovere...

5.5CVSS6.4AI score0.0021EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: afunix: Fixed a data race around unixtotinflight. unixtotinflight is updated under spinlockunixgclock, but unixreleasesock reads it without locking. We will use READONCE for unixtotinflight...

5.6AI score0.00185EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Input: raydiumtsi2c – fixed a memory leak in raydiumi2csend A kmemleak occurs when testing raydiumi2cts using the bpf mock device: Unreferenced object 0xffff88812d3675a0 size 8: Comm “python3”, PID 349, Jiffies 4294741067 Age...

5.5CVSS6.2AI score0.00233EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Timekeeping: The leap state of the auxiliary timekeeper must be adjusted to the correct value. When the doajdtimex function was introduced to handle adjtimex for any timekeeper, this reference to tkcore was not updated. When this...

5.5CVSS5.3AI score0.001EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: nfc: st-nci: Fixed a use-after-free bug in ndlcremove due to a race condition This bug affects both stncii2cremove and stncispiremove. Take stncii2cremove as an example. In stncii2cprobe, it calls ndlcprobe and binds &ndlc-smwork...

7.8CVSS6.2AI score0.0017EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: TCP: Fixed the use-of-memory issue in nreq in reqsktimerhandler. The referenced commit replaced inetcskreqskqueuedropandput with inetcskreqskqueuedrop and reqskput in reqsktimerhandler. Next, oreq should be passed to reqskput...

7.8CVSS6.2AI score0.0022EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: hwmon: pmbuscore Fixed NULL pointer dereferencing. Pass i2cclient to pmbusisenabled to remove the assumption that a regulator device is passed in. This will fix the issue of NULL pointer dereferencing when called from pmbusgetfla...

5.5CVSS5.8AI score0.00133EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: a potential memory leak has been fixed in mlx5einitreprx. The memory pointed to by the priv-rxres pointer is not freed during the error-prone execution of mlx5einitreprx, which can lead to a memory leak. This issue has...

6.1AI score0.00173EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Chromium

Before version 87.0.4280.141, using autofill in Google Chrome allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape through a crafted HTML page...

9.6CVSS7.2AI score0.02239EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: udf: Do not update the file length for failed writes to inline files When writing to an inline file fails or only partially succeeds, we still update the length of the inline data as if the entire write operation was successful...

5.5CVSS6.1AI score0.00137EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mm/memory-failure: Make sure to wait for page writeback in memoryfailure. Our syzkaller triggers "BUGON!listempty&inode-iwblist" in clearinode: - Kernel bug at fs/inode.c:519! - Internal error: Oops – Bug: 0 1 SMP - Modules linke...

5.5CVSS6.2AI score0.00233EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: ext4: A bug related to delayed allocation was fixed in ext4clumapped for bigalloc and inline scenarios. When converting files with inline data to extents, delayed allocations made on a file system created with both bigalloc and...

5.5CVSS6.2AI score0.00146EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in Firefox and Thunderbird

An attacker could have exploited a timing attack by sending a large number of allowCredential entries and detecting the difference between invalid key handles and cross-origin key handles. This could have led to cross-origin account linking, violating the WebAuthn goals. This vulnerability affect...

6.5CVSS7AI score0.00594EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: nouveau/dmem: handling of kcalloc allocation failures The kcalloc function in nouveaudmemevictchunk will return null if the physical memory runs out. As a result, if we dereference srcpfns, dstpfns, or dmaaddrs, null pointer...

5.5CVSS5.9AI score0.00225EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: cgroup, freezer: Hold cpuhotpluglock before freezermutex. syzbot reports a circular locking dependency between cpuhotpluglock and freezermutex. To address this issue, commit f5d39b020809 “freezer,sched: Rewrite core freezer...

7.8CVSS6.7AI score0.00141EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.10 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: arm64/sme: Set the new vector length before reallocating it. As part of fixing the allocation of the buffer for SVE states when changing the SME vector length, we introduced an immediate reallocation of the SVE state. This...

7.8CVSS6.1AI score0.00151EPSS
Exploits0References2
Total number of security vulnerabilities18102