Lucene search
K
AstralinuxRecent

18102 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: net: usb: pegasus: fixed a memory leak in updateeth regs async When writing to the device registers asynchronously, and if usbsubmiturb fails, the code fails to release the resources allocated for this process...

5.5CVSS6.2AI score0.00149EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: hwmon: The macro FANFROMREG evaluates its arguments multiple times. When used in lockless contexts involving shared driver data, this leads to Time-of-Check to Time-of-Use TOCTOU race conditions, potentially causing divide-by-zer...

4.7CVSS6AI score0.00089EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: tipc: Fixed a use-after-free in tipcmonreinitself. syzbot reported a use-after-free of tipcnetnet-monitors in tipcmonreinitself. The array is protected by RTNL, but tipcmonreinitself iterates over it without using RTNL...

6.5AI score0.00189EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrummr: Fixed a use-after-free issue when updating multicast route statistics. The cited commit added a dedicated mutex instead of RTNL to protect the multicast route list. This ensures that the list does not change...

6.6AI score0.00173EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15

In the Linux kernel, the following vulnerability has been resolved: drm/msm/hdmi: Added a missing check for allocorderedworkqueue. Added a check on the return value of allocorderedworkqueue, as it may return a NULL pointer, causing a NULL pointer dereferencing in hdmihdcp.c and hdmihpd.c. Patch...

5.3AI score0.00177EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: drm: Prevent drmcopyfield from attempting to copy a NULL pointer. There are some fields in the struct drmdriver structure that are required by drivers. Since drmcopyfield attempts to copy these fields to user-space via...

5.9AI score0.00196EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fixed the link-down processing to address the issue of NULL pointer dereferencing. If a FC link-down transition occurs while PLOGIs are outstanding and the fabric-known addresses are involved, outstanding ABTS request...

5.5CVSS6.2AI score0.00228EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability found in Golang versions 1.15, 1.19, and 1.23

The net/http package improperly accepts a bare LF as a line terminator in chunked data with fixed-sized chunks. This can allow for request smuggling if a net/http server is used in conjunction with a server that incorrectly accepts a bare LF as part of a chunk-ext...

9.1CVSS6.8AI score0.00778EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ip6vti: The issue of “slab-use-after-free” in decodesession6 has been fixed. When the ipv6vti device is set to the qdisc of the sfb type, the cb field of the sent skb may be modified during enqueuing. This can lead to a...

6.3AI score0.00225EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: blk-throttle: Fixed an access race issue during the activation of the throttle policy. Upon repeated cold boots, we occasionally encounter a NULL pointer crash in blkshouldthrotl, when checking the throttle policy before the...

6AI score0.00238EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.13 views

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerability has been resolved: dm flakey: fixed an crash caused by an invalid table line. This command will cause a crash when using a NULL pointer dereference: dmsetup create flakey --table "0 blockdev --getsize /dev/ram0 flakey /dev/ram0 0 0 1 2 corruptbioby...

5.2AI score0.00203EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ptp: A possible memory leak has been fixed in ptpclockregister. I encountered a memory leak during the fault injection test. The affected object is as follows: 0xffff88800906c618 size: 8 bytes: comm "i2c-idt82p33931", pid 4421,...

5.5CVSS6AI score0.00237EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerability has been resolved: In md/raid10, the issue of null-ptr-deref in raid10syncrequest has been fixed. In initresync, the mempool is initialized, and conf-havereplacemnt is set to 0 at the beginning of the sync process. closesync frees the mempool when...

5.9AI score0.00225EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux - уязвимость в pygments

A ReDoS issue was discovered in the pygments/lexers/smithy.py file within pygments, as of version 2.15.0, due to the use of SmithyLexer...

5.5CVSS6.2AI score0.00503EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ext2: Check block size validity during mount It is necessary to ensure that the value of the block size recorded in the superblock is valid. Otherwise, the shift operation used to calculate the block size may overflow, resulting ...

7.8CVSS5.3AI score0.00143EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.19 views

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Wifi: iwlwifi: pcie: Fixed an integer overflow in the iwlwritetouserbuf function. An integer overflow occurs in the iwlwritetouserbuf function, which is called by the iwldbgfsmonitordataread function. The function is as follows: ...

7.8CVSS5.5AI score0.00158EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in openssl1.0

Calls to the EVPCipherUpdate, EVPEncryptUpdate, and EVPDecryptUpdate functions may cause the output length argument to overflow in some cases where the input length is close to the maximum permissible length for integers on the platform. In such cases, the return value from the function call will...

7.5CVSS6.6AI score0.50732EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Mariadb 10.3

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: DML. The supported versions affected are 5.7.33 and earlier, as well as 8.0.23 and earlier. This easily exploitable vulnerability allows a highly privileged attacker with network access via multiple protocols to compromi...

4.9CVSS6.7AI score0.04643EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in SQLite3

In SQLite 3.31.1, the isAuxiliaryVtabOperator function allows attackers to trigger a NULL pointer dereferencing and segmentation fault due to generated column optimizations...

7.5CVSS6.9AI score0.03683EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Consul

The HashiCorp Consul and Consul Enterprise versions up to 1.9.4 had a key-value KV raw mode that was vulnerable to cross-site scripting attacks. This issue was fixed in versions 1.9.5, 1.8.10, and 1.7.14...

6.1CVSS6.3AI score0.06095EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in libvirt

A NULL pointer dereference was detected in the libvirt API, which was introduced in the upstream version 3.10.0 and fixed in libvirt 6.0.0. This issue relates to the retrieval of a storage pool based on its target path. More specifically, this flaw affects storage pools created without a target...

6.5CVSS6.8AI score0.02363EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in sysstat

Before version 12.1.6, sysstat experienced memory corruption due to an integer overflow in the remapstruct function in sacommon.c...

5.5CVSS6.8AI score0.01533EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in openssl1.0

In situations where an attacker receives automated notifications of the success or failure of a decryption attempt, an attacker can recover the CMS/PKCS7 transport encryption key after sending a very large number of messages to be decrypted. They can also decrypt any RSA-encrypted message encrypt...

4.3CVSS6.6AI score0.03838EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Apache2

A carefully crafted request URI-path can cause modproxyuwsgi to exceed the allocated memory and crash DoS. This issue affects Apache HTTP Server versions 2.4.30 to 2.4.48 inclusive...

7.5CVSS7AI score0.62887EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in lz4

There is a flaw in lz4. An attacker who submits a crafted file to an application that uses lz4 may be able to trigger an integer overflow, resulting in the call to memmove with a negative size argument. This can lead to an out-of-bounds write and/or a system crash. The most significant impact of...

9.8CVSS6.7AI score0.03216EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux

Improper input validation in the IntelR Ethernet ixgbe driver for Linux before version 3.17.3 may allow an authenticated user to potentially enable denial of service via local access...

5.5CVSS6.7AI score0.00286EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Ruby 2.5

In RDoc 3.11 through 6.x, as distributed with Ruby up to 3.0.1, it was possible to execute arbitrary code using | and tags within a filename...

7CVSS7AI score0.0148EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Chromium, LibXSLT

Before version 91.0.4472.164, using Blink XSLT in Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS6.8AI score0.21623EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in OpenLDAP

In OpenLDAP versions 2.4.57 and 2.5.x through 2.5.1alpha, an assertion failure in slapd can occur in the issuerAndThisUpdateCheck function due to a malicious packet. This leads to a denial of service daemon exits caused by a short timestamp. This issue is related to the schemainit.c file and the...

7.5CVSS7.1AI score0.64147EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Firefox and Thunderbird

Performing garbage collection on re-declared JavaScript variables led to a “user-after-poison” situation, and potentially caused a exploitable crash. This vulnerability affects Firefox 85, Thunderbird 78.7, and Firefox ESR 78.7...

8.8CVSS7.3AI score0.01196EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in curl

A user can specify that curl = 7.20.0 and = 7.78.0 requires a successful upgrade to TLS when communicating with IMAP, POP3, or FTP servers. This is achieved by using the --ssl-reqd option on the command line, or setting CURLOPT USESSL to CURLUSESSLCONTROL or CURLUSESSLALL with licurl. This...

7.5CVSS6.5AI score0.04224EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Chromium

Insufficient data validation in V8 in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS7.3AI score0.01144EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in gnutls28

A flaw was discovered in gnutls. A use-after-free issue in clientsendparams in lib/ext/presharedkey.c may lead to memory corruption and other potential problems...

9.8CVSS7AI score0.03444EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in curl

Curl versions 7.20.0 through 7.70.0 are vulnerable to improper restrictions on the names of files and other resources, which can lead to overwriting of local files when the -J flag is used...

7.8CVSS6.8AI score0.01236EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in OpenLDAP

A flaw was discovered in OpenLDAP before version 2.4.57, which led to an assertion failure in slapd’s saslAuthzTo validation process, resulting in a denial of service...

7.5CVSS6.9AI score0.77738EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in OpenLDAP

An integer underflow was discovered in OpenLDAP before version 2.4.57, which led to slapd crashes during the Certificate Exact Assertion processing, resulting in a denial of service schemainit.c serialNumberAndIssuerCheck...

7.5CVSS6.8AI score0.84224EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Ansible

A race condition flaw was discovered in Ansible Engine 2.7.17 and earlier versions, as well as 2.8.9 and earlier, and 2.9.6 and earlier. This issue occurs when running a playbook with an unprivileged “become user” command. When Ansible needs to execute a module with the “become user” command, a...

5CVSS6.7AI score0.004EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Ansible

A flaw was discovered in Ansible Engine. This flaw occurs in all versions of Ansible Engine from 2.7.x, 2.8.x, and 2.9.x, up to 2.7.17, 2.8.9, and 2.9.6. The issue arises when using ansiblefacts as a subkey of itself and promoting it to a variable when inject is enabled. After a clean operation,...

7.9CVSS6.9AI score0.00345EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Apache2

The Apache HTTP Server versions 2.4.6 to 2.4.46, with the modproxywstunnel module configured, were used to handle a URL request. The origin server did not necessarily upgrade this connection. As a result, subsequent requests using the same connection could be processed without any HTTP validation...

5.3CVSS6.8AI score0.60266EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in libarchive

A vulnerability has been identified in the libarchive library. This flaw can lead to an over-reading of the heap buffer, as the size of a filter block may exceed the Lempel-Ziv-Storer-Schieber LZSS window. This means that the library may attempt to read beyond the allocated memory buffer, which c...

6.6CVSS6.1AI score0.00163EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in libsoup2.4

A flaw was discovered in libsoup. The libsoup appendparamquoted function may contain an overflow bug, which can lead to a buffer under-read...

5.9CVSS6.8AI score0.00714EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ice: Fixed a memory leak in aRFS after reset. The memory leak in aRFS structures was fixed by adding a check to verify whether the aRFS memory has already been allocated during VSI configuration. aRFS objects are allocated in two...

5.5CVSS6.4AI score0.00182EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.1 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: vrf: Use RCU protection in l3mdevl3out. l3mdevl3out can be called without RCU being held: rawsendmsg ippushpendingframes ipsendskb iplocalout iplocalout l3mdevipout Add rcureadlock / rcureadunlock pairs to avoid a potential...

7.8CVSS6.7AI score0.00246EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: batman-adv: fixed a panic that occurred during the removal of an interface. Reference counting is used to ensure that batadvhardifneighnode and batadvhardiface are not freed before/during the completion of...

5.5CVSS6.4AI score0.00205EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: openvswitch: Use RCU protection in ovsvportcmdfillinfo. ovsvportcmdfillinfo can be called without RTNL or RCU. Use RCU protection and devnetrcu to avoid potential UAF Use-After-Free errors...

7.8CVSS6.5AI score0.00232EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.1 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net: sched: Disallow replacing of child qdisc from one parent to another Lion Ackermann was able to create a Use-after-Allocation UAF that can be abused for privilege escalation using the following scripts: Step 1: Create a root...

7.8CVSS6.4AI score0.00228EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: iio: dummy: iiosimplydummybuffer: fixed the information leak in the triggered buffer. The data array is allocated using kmalloc, and it is used to push data to user space from the triggered buffer. However, it does not set values...

7.1CVSS6.4AI score0.00214EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ubifs: Authentication: Fixed a use-after-free in ubifstncendcommit. After an insertion in TNC, the tree may split, causing a node to change its znode-parent. Further deletions of other nodes in the tree which could also free thos...

7.8CVSS6.4AI score0.00285EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: EDAC/bluefield: Fixed potential integer overflows. The 64-bit argument for the “get DIMM info” SMC call consists of memctrlidx, which is left-shifted by 16 bits and OR-ed with the DIMM index. Since memctrlidx is defined as a 32-b...

5.5CVSS6.4AI score0.00219EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: A missing range check was added in bitmapipuadt. When tbIPSETATTRIPTO is not present, but tbIPSETATTRCIDR exists, the values of ip and ipto are slightly swapped. As a result, the range check for ip should be...

7.8CVSS6.4AI score0.00396EPSS
Exploits0References2
Total number of security vulnerabilities18102