Lucene search
K
AstralinuxRecent

18102 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in curl

When curl is used to retrieve and parse cookies from an HTTPS server, it accepts cookies using control codes that, when sent back to an HTTP server later, may cause the server to return 400 responses. This effectively allows a “sister site” to deny service to all other sibling sites...

3.7CVSS6.4AI score0.01839EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Vim

NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0404...

6.1CVSS6.7AI score0.00458EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux, Linux 5.10

There is a use-after-free vulnerability in the ALSA PCM package within the Linux kernel. The SNDRVCTLIOCTLELEMREAD|WRITE32 function lacks locks that could be exploited in a use-after-free situation, potentially leading to an escalation of privileges to gain ring0 access from the system user. We...

7.9CVSS6.8AI score0.03702EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Wireshark

A crash in the CMS protocol dissector in Wireshark versions 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows for denial of service through packet injection or malicious capture files...

7.5CVSS7.1AI score0.01839EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in Vim

NULL pointer dereferencing in the GitHub repository for vim/vim before version 9.0.0224...

6.6CVSS6.7AI score0.00454EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.17 views

Astra Linux – Vulnerability in Linux 5.10

The Linux kernel before version 5.18.13 lacked a clear mechanism for handling the block starting symbol .bss. This allowed Xen PV guest OS users to cause a denial of service or gain privileges...

7.8CVSS6.7AI score0.00863EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in Linux 5.10, Linux

A memory write vulnerability that is outside the bounds of the system’s protection was discovered in the Linux kernel’s Kid-friendly Wired Controller driver. This vulnerability allows a local user to crash the system or potentially escalate their privileges. The issue lies in the bigbenprobe...

7.8CVSS6.7AI score0.00242EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in HAPProxy

A flaw was discovered in the way HAProxy processed HTTP responses containing the “Set-Cookie2” header. This flaw could allow an attacker to send crafted HTTP response packets, leading to an infinite loop and ultimately causing a denial-of-service condition. The most significant threat from this...

7.5CVSS7.1AI score0.16563EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in binutils

A issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a stack consumption issue in dcounttemplatesscopes in cp-demangle.c after multiple recursive calls...

5.5CVSS6.7AI score0.01813EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Firefox

The return value from gfx::SourceSurfaceSkia::Map wasn’t verified, which could potentially lead to a null pointer dereferencing. This vulnerability affects Firefox versions less than 110...

7.5CVSS7.4AI score0.00622EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Chromium

Using “after free” in the libavif library in Google Chrome before version 120.0.6099.109 allowed a remote attacker to potentially exploit heap corruption through a crafted image file. Chromium security severity: High...

8.8CVSS7.3AI score0.00653EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in HAPProxy

A vulnerability related to information leaks was discovered in HAProxy versions 2.1, 2.2 before 2.2.27, 2.3, and 2.4 before 2.4.21, 2.5 before 2.5.11, 2.6 before 2.6.8, and 2.7 before 2.7.1. There are 5 bytes that are not initialized in the connection buffer when encoding the FCGIBEGINREQUEST...

7.5CVSS7.1AI score0.01201EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Heimdal

The fix for CVE-2022-3437 involved changing the memcmp function to run in constant time, as well as providing a workaround for a compiler bug by adding comparisons of the result of memcmp with the value “!= 0”. When these patches were backported to the heimdal-7.7.1 and heimdal-7.8.0 branches and...

7.5CVSS6.8AI score0.00491EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in gst-plugins-bad1.0

GStreamer MXF File Parsing: Integer Overflow and Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability, but the attack vectors may va...

8.8CVSS7.9AI score0.01871EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15

A use-after-free flaw was discovered in the ext4remount function in the fs/ext4/super.c file within ext4 in the Linux kernel. This flaw allows a local user to cause an information leak issue when freeing the old quota file names before a potential failure, resulting in a use-after-free condition...

7.1CVSS6.7AI score0.00225EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15

A issue was discovered in the Linux kernel before version 6.3.3. There is an out-of-bounds read in the crc16 function in lib/crc16.c when called from fs/ext4/super.c, because ext4groupdesccsum does not properly check an offset. NOTE: This issue is disputed by third parties, as the kernel is not...

5.5CVSS6.1AI score0.00247EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15

The Linux kernel before version 6.2.9 has a race condition, which can lead to a use-after-free issue in the drivers/net/ethernet/qualcomm/emac/emac.c file. This issue occurs when a physically nearby attacker disconnects an EMAC-based device...

6.4CVSS6.4AI score0.00355EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Tiff

A NULL pointer dereferencing in TIFFClose is caused by failing to open an output file a non-existent path or a path that requires permissions like /dev/null while specifying zones...

6.5CVSS6.8AI score0.01124EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in lua5.3

In Lua 5.3.5, there is a use-after-free issue in the luaupvaluejoin function in the lapi.c file. For example, an attacker can trigger a debug.upvaluejoin call, resulting in a crash, if they can establish certain relationships between the arguments passed to the function...

7.5CVSS6.7AI score0.17224EPSS
Exploits5References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel before version 6.1.13, there is a double-free in the net/mpls/afmpls.c file when an allocation failure occurs due to registering the sysctl table under a new location during the renaming of a device...

4.7CVSS6.7AI score0.00331EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10, Linux

A flaw was discovered in the Linux kernel’s networking code. A use-after-free occurred in the way the schsfb enqueue function utilized the socket buffer SKB cb field after the same SKB had been enqueued and freed into a child qdisc. This flaw allows a local, unprivileged user to cause a system...

5.5CVSS6.7AI score0.0045EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Firefox and Thunderbird

When encoding data from an inputStream in xpcom, the size of the input being encoded was not correctly calculated, potentially leading to an out-of-bounds memory write. This vulnerability affects Firefox 110, Thunderbird 102.8, and Firefox ESR 102.8...

8.8CVSS7.1AI score0.00737EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux - уязвимость в u-boot

A issue was discovered in Das U-Boot during the period from 2019.07. There is an unbounded memcpy operation with an unvalidated length at nfsreadlinkreply, located in the “if” block, after calculating the new path length...

9.8CVSS7AI score0.02403EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux - уязвимость в u-boot

A issue was discovered in Das U-Boot during the period from 2019.07. There is a stack-based buffer overflow in the nfshandler reply helper function: nfsreadlinkreply...

9.8CVSS7.6AI score0.02488EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: udplite: Fixed a NULL pointer dereference in skmemraiseallocated. syzbot reported a NULL pointer dereference in skgetrmem0 while using IPPROTOUDPLITE 0x88: 14:25:52 executing program 1: r0 = socket$inet60xa, 0x80002, 0x88 We...

6AI score0.00173EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Golang-1.19

The html/template package does not follow the correct rules for handling occurrences of "", "" within JS literals in contexts. This may cause the template parser to incorrectly consider script contexts as being terminated early, resulting in actions being properly escaped incorrectly. This could ...

6.1CVSS6.7AI score0.00798EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux - уязвимость в u-boot

A issue was discovered in Das U-Boot during the period from 2019.07. There is an unbounded memcpy operation with an unvalidated length at nfsreadlinkreply in the “else” block, after calculating the new path length...

9.8CVSS7AI score0.0235EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux - уязвимость в u-boot

A carefully crafted self-referential DOS partition table will cause all Das U-Boot versions up to 2019.07-rc4 to infinitely recur, causing the stack to grow indefinitely. This could lead to a system crash or the overwriting of other data...

7.1CVSS6.7AI score0.00404EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Wifi: ar5523: Fixed a use-after-free in ar5523cmd when it timed out. syzkaller reported a use-after-free with the stack trace as follows 1: 38.960489 C3 ================================================================== 38.963216...

5.9AI score0.00239EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: media: anysee: fixed the null-ptr-deref in anyseemasterxfer. In anyseemasterxfer, msg is controlled by the user. When msgi.buf is null and msgi.len is zero, previous checks on msgi.buf will still be performed. Malicious data will...

5.9AI score0.00184EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Waitress

Waitress version 1.3.1 would parse the Transfer-Encoding header and only look for a single string value. If that value was not in the “chunked” format, it would proceed using the Content-Length header instead. According to the HTTP standard, Transfer-Encoding should be a comma-separated list, wit...

7.5CVSS6.3AI score0.02545EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in Compositing in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page...

4.3CVSS6.8AI score0.01168EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in node-getobject

A vulnerability in the prototype pollution mechanism in the 'getobject' version 0.1.0 allows an attacker to cause a denial of service and may lead to remote code execution...

9.8CVSS7.4AI score0.04031EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Chromium

Using “after free” in WebGPU in Google Chrome before version 120.0.6099.199 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...

8.8CVSS6.4AI score0.00998EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: media: rkisp1: Fixed the race condition related to interrupt disable. In rkisp1ispstop and rkisp1csidisable, the driver masks the interrupts and then assumes that the interrupt handler will not be running. However, this is not...

4.7CVSS5.4AI score0.00173EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.15

A issue was discovered in the Linux kernel before version 6.3.4. In the file fs/ksmbd/smb2pdu.c of ksmbd, there is a flaw where the UserName value is not properly checked. This occurs because the address of the security buffer is not taken into consideration, resulting in a out-of-bounds read...

9.1CVSS6.9AI score0.02975EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: iouring/afunix: Defer the garbage collection of registered files to iouring’s responsibility. Instead of having unixgc handle the registered files of iouring, we want iouring to handle them itself. The key here is to consider the...

7.8CVSS5.2AI score0.00153EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: arm64: dts: qcom: qcs615: fixed a crash issue caused by an infinite loop for Coresight. An infinite loop was created by the Coresight devices. When only a source device is enabled, the coresightfindactivatedsysfssink function is...

5.5CVSS5.3AI score0.00158EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.10 views

Astra Linux – Vulnerability in Thunderbird

Thunderbird does not check whether the user ID associated with an OpenPGP key has a valid self-signature. An attacker may create a forged version of an OpenPGP key, either by replacing the original user ID or by adding another user ID. If Thunderbird imports and accepts the forged key, the...

4.3CVSS6.5AI score0.0048EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.14 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: dax: Fixed the issue where daxmappingrelease was called after the free operation. A test using CONFIGDEBUGKOBJECTRELEASE to remove a device-related dax region e.g., using modprobe -r daxhmem results in the following output:...

7.8CVSS5.9AI score0.00139EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: Staging: vmeuser: Fixed a potential UAF in tsi148dmalistadd. A match report warning is as follows: drivers/staging/vmeuser/vmetsi148.c:1757 tsi148dmalistadd warning: “&entry-list” was not removed from list. In tsi148dmalistadd, t...

7.8CVSS5.8AI score0.00156EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Chromium

Integer overflow in Skia in Google Chrome prior to version 119.0.6045.199 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a malicious file. Chromium security severity: High...

9.6CVSS7.7AI score0.1963EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: Staging: rtl8723bs – fixed a potential memory leak in rtwinitcmdpriv. In rtwinitcmdpriv, if pcmdpriv-rspallocatedbuf is allocated incorrectly, then pcmdpriv-cmdallocatedbuf will not be released properly. Additionally, since there...

5.5CVSS5.9AI score0.00147EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Vim

Out-of-bounds write in the GitHub repository for Vim/Vim before version 8.2...

7.8CVSS7.1AI score0.01527EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in openimageio

There is an information disclosure vulnerability in the OpenImageIO::decodeiptciim function of the OpenImageIO Project, version 2.3.19.0. A specially crafted TIFF file can lead to the disclosure of sensitive information. An attacker can provide a malicious file that triggers this vulnerability...

7.5CVSS7.1AI score0.01169EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In f2fssetxattr in fs/f2fs/xattr.c in the Linux kernel, as of version 5.15.11, there is a potential for out-of-bounds memory access when an inode has an invalid last xattr entry...

7.8CVSS6.3AI score0.00549EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: RDMA/irdma: Fixed a data race on CQP completion statistics. CQP completion statistics is locked when used in irdmawaitevent and irdmacheckcqpprogress. However, it can also be updated in the completion thread irdmascccqgetcqein...

5.9AI score0.00168EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: Wifi: ath11k – Fixed a memory leak in the WMI firmware stats. The memory allocated for firmware pdev, vdev, and beacon statistics is not released during the rmmod process. This issue was fixed by calling the ath11kfwstatsfree...

5.5CVSS5.8AI score0.00135EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: s390/crypto: Use vector instructions only if they are available for ChaCha20. Commit 349d03ffd5f6 “crypto: s390 – add a crypto library interface for ChaCha20” added a library interface to the s390-specific ChaCha20...

6AI score0.00193EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: removed the callcontrol in inactive contexts. If the damoncall function is executed against a DAMON context that is not running, the function returns an error while keeping the damoncallcontrol object linked to the...

7.8CVSS5.8AI score0.00151EPSS
Exploits0References1
Total number of security vulnerabilities18102