Lucene search
K
AstralinuxRecent

18102 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Git

Git is an open-source distributed revision control system. In affected versions of Git, a specially crafted repository containing symbolic links and files processed by clean/smudge filters like Git LFS may cause a just-checked-out script to be executed when cloning to a case-insensitive file syst...

8CVSS7AI score0.88644EPSS
Exploits5References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Chromium

In Google Chrome browsers, out-of-bounds memory access in V8 was possible before version 89.0.4389.72. This allowed a remote attacker to potentially perform out-of-bounds memory access through a crafted HTML page...

8.8CVSS7.7AI score0.01415EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in gnutls28

A flaw was discovered in gnutls. A use-after-free issue in the client’s sending of the keyshare extension may lead to memory corruption and other related issues...

9.8CVSS6.7AI score0.03751EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in curl

Curl versions 7.62.0 through 7.70.0 are vulnerable to an information disclosure vulnerability that can result in a partial password being leaked over the network and to the DNS servers...

7.5CVSS6.8AI score0.03427EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in OpenLDAP

An integer underflow was discovered in OpenLDAP before version 2.4.57. This issue led to a crash in the slapd process during the Certificate List Exact Assertion processing, resulting in a denial of service...

7.5CVSS7AI score0.83381EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in OpenLDAP

A flaw was discovered in OpenLDAP before version 2.4.57, which led to an invalid pointer issue and a crash in the slapd process during the saslAuthzTo processing step. This caused a denial-of-service attack...

7.5CVSS7AI score0.043EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.11 views

Astra Linux – Vulnerability in grub2

A flaw was discovered in grub2 in versions prior to 2.06, where it incorrectly enabled the use of the ACPI command when Secure Boot was enabled. This flaw allows an attacker with privileged access to create a Secondary System Description Table SSDT containing code that can overwrite the Linux...

7.5CVSS6.8AI score0.01738EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in libseccomp

In versions of libsseccomp before 2.4.0, 64-bit syscall argument comparisons using arithmetic operators LT, GT, LE, GE were not generated correctly. This issue could potentially allow bypassing seccomp filters and leading to potential privilege escalations...

9.8CVSS6.8AI score0.03041EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.1 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: x86/microcode/AMD: Fixed an out-of-bounds access on systems with CPU-less NUMA nodes. Currently, the loadmicrocodeamd function iterates over all NUMA nodes, retrieves their CPU masks, and accesses per-CPU data for the first CPU o...

7.8CVSS6.4AI score0.00195EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: eth: bnxt: Do not update the checksum in bnxtxdpbuildskb. The bnxtrxpkt function updates the ipsummed value at the end if the checksum offload is enabled. When the XDP-MB program is executed and returns XDPPASS, the bnxtxdpbuilds...

5.5CVSS6.4AI score0.00191EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: VLAN: Enforcing the underlying device type Currently, VLAN devices can be created on top of non-Ethernet devices. Aside from the fact that this approach doesn’t make much sense, it also causes a bug that leads to the leakage of t...

7.1CVSS6.4AI score0.00202EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Nilfs2: Protection of access to buffers is implemented, ensuring that buffers with no active references are not accessed directly. The function nilfslookupdirtydatabuffers iterates through buffers attached to dirty data...

7.8CVSS6.3AI score0.00216EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: ndisc: Extended RCU protection has been added to ndiscsendskb. The ndiscsendskb function can be called without holding RTNL or RCU. The rcureadlock function must be acquired earlier, so that we can use devnetrcu, and potential...

7.8CVSS6.5AI score0.09117EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: cookiehmacalg: avoid using current-nsproxy As mentioned in a previous commit of this series, using the net structure via current is not recommended for various reasons: - Inconsistency: obtaining information from th...

5.5CVSS6.3AI score0.00229EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in glibc

When the assert function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information. This may lead to a buffer overflow if the size of the message string matches the page size...

6.2CVSS6.9AI score0.00349EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: platform/x86: int3472: Check if adev is NULL. Not all devices have an ACPI companion fwnode; therefore, adev might be NULL. This can, for example theoretically, occur when a user manually binds one of the int3472 drivers to anoth...

5.5CVSS6.3AI score0.00202EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: jffs2: Prevent rtime decompression memory corruption The rtime decompression routine does not fully check bounds during the entire decompression process. As a result, it may corrupt memory outside the decompression buffer if the...

7.8CVSS6.4AI score0.00215EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: netfilter: xtables: fixed the LED ID check in ledtgcheck Syzbot has reported the following BUG detected by KASAN: BUG: KASAN: slab-out-of-bounds in strlen+0x58/0x70 Size 1 was read at address ffff8881022da0c8 by task repro/587...

7.1CVSS6.5AI score0.00257EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.1 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net: inet6: Do not leave a dangling sk pointer in inet6create. sockinitdata attaches the allocated sk pointer to the provided sock object. If inet6create fails later, the sk object is released, but the sock object retains the...

7.8CVSS6.4AI score0.00236EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: btrfs: ref-verify: Fix for a use-after-free after an invalid ref action. After calling btrfsreftreemod, if we successfully insert the new ref entry local variable 'ref' into the respective block entry’s rbtree local variable 'be,...

7.8CVSS6.4AI score0.00239EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.1 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ovl: Filtering invalid inodes with a missing lookup function. A check has been added to the ovldentryweird function to prevent the processing of directory inodes that lack the lookup function. This is important because such inode...

7.8CVSS6.4AI score0.0023EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fixed out-of-bounds reads when finding clock sources The current USB-audio driver code does not check the bLength value of each descriptor during traversal. This means that when a device provides a bogus descript...

7.1CVSS6.5AI score0.01325EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: fbdev: sisfb: Fixed strbuf array overflow issue. The values of the variables xres and yres are stored in strbuf. These variables are obtained from strbuf1. The strbuf1 array contains digit characters, and a space if the array...

7.8CVSS6.6AI score0.00255EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: spi: mpc52xx: Added “cancelworksync” before module remove. If we remove the module that will call mpc52xxspiremove, it will free ‘ms’ through spiunregistercontroller. Meanwhile, the work stored in ms-work will remain unused. This...

7.8CVSS6.4AI score0.00226EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: Wifi: ath11k: fixed out-of-bounds access to the array in SoC stats Currently, the ath11ksocdpstats::halreoerror array is defined with a maximum size of DPREODSTRINGMAX. However, the function ath11kdpprocessrx accesses...

7.8CVSS6.4AI score0.00258EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.11 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net/smc: Check ipareaoffset and ipv6prefixescnt when receiving a proposal message. When receiving a proposal message from the server, the fields ipareaoffset and ipv6prefixescnt in the proposal message come from the remote client...

5.5CVSS6.4AI score0.00214EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: PCI: kirin – A buffer overflow issue was addressed in kirinpcieparseport. Within kirinpcieparseport, the value of pcie-numslots is compared to pcie-gpioidreset.size which is equal to MAXPCISLOTS. This comparison is correct;...

7.8CVSS6.8AI score0.00232EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: ext4: Avoid out-of-bounds access when system.data modifies xattr under the filesystem. When searching an inline directory, if evalueoffs is changed under the filesystem due to a change in the block device, it may lead to an...

7.8CVSS6.6AI score0.00245EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: btrfs: Do not trigger BUGON due to ENOMEM from btrfslookupextentinfo in walkdownproc. We have properly handled errors here. ENOMEM is not fatal; we return the error instead...

5.5CVSS6.4AI score0.00238EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: core: Check for unset descriptor Ensure that the descriptor has been set before checking maxpacket. This fixes a null pointer panic in this case. This issue may occur if the gadget does not properly set up the endpoi...

5.5CVSS6.3AI score0.00232EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.1 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Tracing: A overflow issue in getfreeelt has been fixed. The variable tracingmap-nextelt is at risk of overflowing. Once it overflows, new elements can still be inserted into the tracingmap, even though the maximum number of...

5.5CVSS6.4AI score0.00255EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.1 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: devres: A memory leak caused by the driver API devmfreepercpu has been fixed. A memory leak occurs when the driver API devmfreepercpu is used to release memory allocated by devmallocpercpu. This issue was addressed by using...

5.5CVSS6.3AI score0.00239EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: net: usb: qmiwwan: fix a memory leak for non-IP packets. Free the unused skb objects when no non-IP packets arrive...

5.5CVSS6.4AI score0.00226EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: drm/gma500: fixed the null pointer dereferencing in cdvintellvdsgetmodes. In cdvintellvdsgetmodes, the return value of drmmodeduplicate is assigned to mode. This can lead to a NULL pointer dereferencing in case of a failure of...

5.5CVSS6.3AI score0.00226EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check the pipe offset before setting vblank. The size of pipectx is MAXPIPES; therefore, its index must be checked before accessing the array. This fix addresses an OVERRUN issue reported by Coverity...

7.8CVSS6.3AI score0.00263EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: RDMA/restrack: Fixed potential invalid address access issues. The kernname of the struct rdmarestrackentry was set to KBUILDMODNAME in the ibcreatecq function. If the module exits but forgets to remove this rdmarestrackentry, ...

5.5CVSS6.5AI score0.0023EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Do not allow mapping the MMIO HDP page with large pages. In that case, we do not receive the correct offset. The GPU has an unused 4K area of the register BAR space, into which we can remap registers. We remap the HDP...

7.8CVSS6.3AI score0.00223EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: kdb: Buffer overflow issue during tab-complete has been fixed. Currently, when a user attempts symbol completion using the Tab key, kdb uses strncpy to insert the completed symbol into the command buffer. Unfortunately, it passes...

7.8CVSS6.5AI score0.00256EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: SCSI: BFA – Ensure that the copied buffer is terminated with NUL characters. Currently, we allocate a kernel buffer of size nbytes and copy nbytes from user space to that buffer. Later, we use sscanf on this buffer, but we do not...

7.1CVSS6.4AI score0.00265EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.1 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: pinctrl: core: corrected the incorrect free operation in pinctrlenable. The “pctldev” structure is allocated in devmpinctrlregisterandinit. It’s a devmmanaged pointer that is freed by devmpinctrldevrelease. Therefore, freeing it ...

7.8CVSS6.4AI score0.00247EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: qca – added missing firmware sanity checks. Added missing sanity checks when parsing the firmware files before downloading them. This prevents access to and corruption of memory beyond the vmalloced buffer...

7.8CVSS6.5AI score0.00248EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in bind9

If a server hosts a zone containing a “KEY” Resource Record, or if a resolver validates a “KEY” Resource Record from a DNSSEC-signed domain in its cache, a client can exhaust resolver CPU resources by sending a stream of SIG0 signed requests. This issue affects BIND 9 versions 9.0.0 through...

7.5CVSS7.5AI score0.02114EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in docker.io-app

Moby is an open-source project created by Docker for software containerization. A security vulnerability has been detected in certain versions of Docker Engine, which could allow an attacker to bypass authorization plugins AuthZ under specific circumstances. The likelihood of this being exploited...

9.9CVSS6.8AI score0.16496EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in bluez

BlueZ Phone Book Access Profile Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of BlueZ. User interaction is required to exploit this vulnerability, as the target must connect...

8CVSS7.7AI score0.01493EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.13 views

Astra Linux – Vulnerability in Tomcat9

Improper handling of the case sensitivity vulnerability in Apache Tomcat’s GCI servlet allows bypassing security constraints that apply to the pathInfo component of a URI mapped to the CGI servlet. This issue affects Apache Tomcat versions from 11.0.0-M1 through 11.0.6, from 10.1.0-M1 through...

7.3CVSS7AI score0.02736EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Python 3.11

It allows the extraction filter to be ignored, enabling symlink targets to point outside the destination directory, and modifying some file metadata. This vulnerability affects users who use the TarFile module to extract untrusted tar archives using TarFile.extractall or TarFile.extract, with the...

7.5CVSS6.5AI score0.00805EPSS
Exploits2References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: jfs: fixed an array-index-out-of-bounds read in addmissingindices. stbl is an s8 type, but it must contain offsets into slots that can range from 0 to 127. A bound check was added for this error, and the error code -EIO will be...

7.1CVSS6.2AI score0.00151EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.15 views

Astra Linux – Vulnerability in openjdk-11

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, and Oracle GraalVM Enterprise Edition products of Oracle Java SE component: Hotspot. The supported versions affected by this vulnerability are Oracle Java SE: 8u431-perf, 11.0.25, 17.0.13, 21.0.5, 23.0.1; Oracle GraalVM for JDK: 17.0.13...

4.8CVSS5.8AI score0.00971EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in emacs

A command injection flaw was discovered in the text editor Emacs. This flaw could allow a remote, unauthenticated attacker to execute arbitrary shell commands on a vulnerable system. Exploitation is possible by tricking users into visiting a specially crafted website or an HTTP URL with a redirec...

8.8CVSS7.6AI score0.0256EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Tomcat9

The vulnerability involving uncontrolled resource consumption in the Apache Tomcat-based example web applications leads to a denial-of-service attack. This issue affects Apache Tomcat versions as follows: from 11.0.0-M1 through 11.0.1, from 10.1.0-M1 through 10.1.33, and from 9.0.0.M1 through...

5.3CVSS6.8AI score0.01952EPSS
Exploits0References2
Total number of security vulnerabilities18102