Lucene search
+L
AstralinuxRecent

18102 matches found

astralinux
astralinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: gpio: loongson-64bit: Fixed an incorrect NULL check after devmkcalloc Fixed an incorrect NULL check in loongsongpioinitirqchip. The function checks chip-parent instead of chip-irq.parents...

5.5CVSS5.4AI score0.001EPSS
Exploits0References1
astralinux
astralinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: serial: sc16is7xx: The GPIO controller is set up later in the probe function. The GPIO controller component of the sc16is7xx driver is also set up too early, which can lead to a race condition where another device attempts to...

5.3AI score0.00175EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net/smc: The use of smclgrlist.lock is required to protect the iteration of smclgrlist.list during smcrportadd. During the execution of smcrportadd, there may be operations that add or delete entries from smclgrlist.list at the...

6AI score0.00174EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in exempi

A buffer overflow vulnerability exists in WEBPSupport.cpp in exempi 2.5.0 and earlier, allowing remote attackers to cause a denial of service by opening crafted webp files...

6.5CVSS7AI score0.00797EPSS
Exploits1References1
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: scsi: core: Fixed a regression related to the removal of the procfs host directory. The scsiprochostdirrm function decreases a reference counter; therefore, it should only be called once per host that is removed. This change...

5.5CVSS5.8AI score0.00166EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.1 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: scsi: hisisas: The pointer to debugfsdir is set to NULL after removing debugfs. If init debugfs fails during device registration due to a memory allocation failure, the function debugfsremoverecursive is called. However, debugfsd...

5.5CVSS6AI score0.00239EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: “wifi: mac80211: fix memory leak in ieee80211ifadd” This resolution involves committing changes in commit 13e5afd3d773c6fc6ca2b89027befaaaa1ea7293. The function ieee80211iffree is already called from freenetdevndev, because...

5.5CVSS6.2AI score0.00176EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15

In the Linux kernel, the following vulnerability has been resolved: mmc: mmcspi: fixed error handling in mmcspiprobe If mmcaddhost fails, there is no need to call mmcremovehost; otherwise, it may cause a null-ptr-deref issue, due to deleting a device that was not properly added in mmcremovehost. ...

5.5CVSS5.1AI score0.0025EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in ruby-rails-html-sanitizer

Rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. Versions starting from 1.0.3 and before 1.4.4 are vulnerable to cross-site scripting through data URIs when used in conjunction with Loofah version 2.1.0 or higher. This issue has been fixed in version 1.4.4...

6.1CVSS5.9AI score0.00867EPSS
Exploits1References1
astralinux
astralinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in rabbitmq-server

RabbitMQ is a multi-protocol messaging and streaming broker. The HTTP API does not enforce a limit on the size of HTTP request bodies, making it vulnerable to Denial of Service DoS attacks involving very large messages. A verified user with sufficient credentials can publish very large messages...

4.9CVSS6.2AI score0.01077EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.10 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: net: mctp: It now takes ownership of the skb in mctplocaloutput. Currently, mctplocaloutput only takes ownership of the skb on a successful operation. In some cases where mctplocaloutput fails, we might leak the skb. Ownership of...

5.5CVSS5.8AI score0.00219EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: scsi: mpi3mr: Fixed the throttlegroups memory leak. Added a missing kfree function...

5.5CVSS5.8AI score0.00152EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: hciconn: Fixed memory leaks When hcicmdsyncqueue fails in hcileterminatebig or hcilebigterminate, the memory pointed to by the variable d is not freed, which can lead to memory leaks. A release mechanism should be...

5.5CVSS6AI score0.00149EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: pinctrl: aspeed: Fixed a potential NULL dereferencing in aspeedpinmuxsetmux. pdesc could potentially be null, but still, dereferencing pdesc-name would lead to a NULL pointer access. Therefore, we moved a null check before the...

5.5CVSS6.4AI score0.00242EPSS
Exploits0References1
astralinux
astralinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerabilities have been resolved: f2fs: The WARNON message was removed from the f2fsisvalidblkaddr function. The Syzbot triggers two WARN messages in f2fsisvalidblkaddr and isbitmapvalid. For example, in f2fsisvalidblkaddr, if the type parameter is...

5.5CVSS6AI score0.00247EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: dsa: don’t leak tagger-owned storage on switch driver unbind In the initial commit dc452a471dba, we had a issue where a call to tagops-disconnectdst was issued from dsatreefree, which was called during the tree teardown...

5.5CVSS5.4AI score0.0014EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: PCI: Fixed the requirement that devices managed by PME polling must be in the RPMACTIVE state. The fix notes that devices managed by runtime PM need to be in the RPMACTIVE state for PME polling. In fact, only devices in low-power...

6.2CVSS6AI score0.0023EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: hisisas: Freeing irq vectors in order for v3 HW If the driver probe fails to request the channel IRQ or fatal IRQ, the driver will free the IRQ vectors before freeing the IRQs in freeirq. This will cause a kernel BUG like...

5.5CVSS6AI score0.00252EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: irqchip/apple-aic: A refcount leak was fixed in aicoficinit. ofgetchildbyname returns a node pointer with a refcount incremented. We should use ofnodeput on it when there is no longer a need for it. Add the missing ofnodeput...

5.5CVSS6AI score0.00209EPSS
Exploits0References1
astralinux
astralinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in libde265

There is an incorrect access control vulnerability in libde265 v1.0.8 due to a SEGV in slice.cc...

6.5CVSS6.4AI score0.01321EPSS
Exploits1References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net: dsa: Fixed a panic that occurred when the DSA master device unbinds during shutdown. Rafael reported that on a system with LX2160A and Marvell DSA switches, if a reboot occurs while the DSA master dpaa2-eth is active, the...

5.5CVSS5.8AI score0.00268EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm: mxsfb: Fix NULL pointer dereference mxsfb should never dereference a NULL pointer, as drmatomicgetnewbridgestate may return such a pointer. Instead, a fixed format should be used instead...

5.5CVSS5AI score0.00207EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10

A issue was discovered in the Linux kernel before version 6.0.11. Missing validation of the number of channels in the drivers/net/wireless/microchip/wilc1000/cfg80211.c file in the WILC1000 wireless driver can lead to a heap-based buffer overflow when copying the list of operating channels from...

7.8CVSS6.9AI score0.00329EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Firefox and Thunderbird

When accessing directory listings for chrome:// URLs as source text, certain parameters are reflected. This vulnerability affects Firefox ESR 102.1, Firefox ESR 91.12, Firefox 103, Thunderbird 102.1, and Thunderbird 91.12...

5.3CVSS6.8AI score0.00493EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: bus: mhi: host – Added an alignment check for the event ring read pointer. Although we check the event ring read pointer using “isvalidringptr” to ensure it is within the buffer range, there is another risk that the pointer might...

7.8CVSS5.6AI score0.00279EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: ixgbevf: Fixed a resource leak in ixgbevfinitmodule. ixgbevfinitmodule no longer destroys the workqueue created by createsinglethreadworkqueue when pciregisterdriver fails. Added destroyworkqueue in the failure path to prevent...

5.5CVSS6.4AI score0.00245EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in the 389-DS-base

When binding against a DN during authentication, the response from 389-ds-base will differ depending on whether the DN exists or not. This can be exploited by an unauthenticated attacker to check the existence of an entry in the LDAP database...

5.3CVSS5.7AI score0.01538EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: Nouveau/UVMM: Fixed calculations of addresses/ranges for remap operations. The issue with dEQP-VK.sparseresources.imagerebind.2darray.r64i.1281288 was causing a remap operation like the one below: opremap: prev: 0000003fffed00...

5.5CVSS6.3AI score0.00222EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10, Linux

A NULL pointer dereference flaw was discovered in the az6027 driver, located in the file drivers/media/usb/dev-usb/az6027.c within the Linux Kernel. The message from the user space is not properly checked before being transferred to the device. This flaw could allow a local user to crash the syst...

5.5CVSS6.6AI score0.00226EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerabilities have been resolved: ipvs: fixed an error in ipvscleanupbatch. During the initialization of ipvsconnnetinit, if the files ipvsconn or ipvsconnsync fail to be created, the initialization is successful by default. Therefore, the ipvsconn or...

5.5CVSS6.2AI score0.00173EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: mISDN: fixed an issue involving misuse of putdevice in mISDNregisterdevice. We should not release references to putdevice before calling deviceinitialize...

5.5CVSS6.2AI score0.00166EPSS
Exploits0References1
astralinux
astralinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in Golang-1.15

In Go, encoding/xml in versions prior to 1.15.9 and 1.16.x prior to 1.16.1 can lead to an infinite loop if a custom TokenReader used for xml.NewTokenDecoder returns EOF midway through an element. This issue can occur in the Decode, DecodeElement, or Skip methods...

7.5CVSS7.1AI score0.02543EPSS
Exploits0References1
astralinux
astralinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: iscsi: Fixed the issue where the connection was used after freeing it during resets. If we haven’t performed a unbindtarget call, we can encounter a race condition where iscsiconnteardown wakes up the EH thread, and then...

7.8CVSS6.2AI score0.00253EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Samba

A flaw was discovered in the way samba handled file and directory permissions. A authenticated user could exploit this flaw to gain access to certain file and directory information that would otherwise be unavailable to the attacker...

4.3CVSS6.3AI score0.01521EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in SQLite3

In SQLite 3.30.1, selectExpander in select.c continues with the WITH stack unwinding process even after a parsing error occurs...

7.5CVSS6.8AI score0.03622EPSS
Exploits0References1
astralinux
astralinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in libuv1

Node.js versions prior to 16.4.1, 14.17.2, and 12.22.2 are vulnerable to an out-of-bounds read when the uvidnatoascii function is used to convert strings to ASCII. The pointer p is read and incremented without checking whether it lies beyond pe, where pe holds a pointer to the end of the buffer...

5.3CVSS6.7AI score0.23132EPSS
Exploits1References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Chromium

Uninitialized data in PDFium in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted PDF file...

5.5CVSS6.6AI score0.01336EPSS
Exploits0References1
astralinux
astralinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Chromium

Insufficient data validation in V8 in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially perform out-of-bounds memory access via a crafted HTML page...

8.8CVSS7.7AI score0.1677EPSS
Exploits0References1
astralinux
astralinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in RustC

In the standard library of Rust before version 1.49.0, VecDeque::makecontiguous has a bug where the same element may be popped more than once under certain conditions. This bug could lead to a use-after-free or double-free situation...

9.8CVSS8.2AI score0.01676EPSS
Exploits1References1
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in WebKit2GTK

A memory management issue related to “use after free” operations has been addressed through improved memory management practices. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 14.2, iPadOS 14.2, iCloud for Windows 11.5, Safari 14.0.1, tvOS 14.2, and iTunes 12.11 for Windows...

7.8CVSS7.2AI score0.01361EPSS
Exploits0References1
astralinux
astralinux
added 2026/05/20 5:53 a.m.18 views

Astra Linux – Vulnerability in Wireshark

A memory leak in the Kafka protocol dissector in Wireshark versions 3.4.0 and 3.2.0 to 3.2.8 allows for denial of service through packet injection or malicious capture files...

5.3CVSS6.6AI score0.02965EPSS
Exploits1References1
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in ffmpeg

A buffer overflow vulnerability exists in FFmpeg 4.2, specifically in the filtervertically8 function within libavfilter/vfavgblur.c. This vulnerability could lead to a remote Denial of Service attack...

6.5CVSS6.7AI score0.01695EPSS
Exploits1References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel/uncore: A reference count leak was fixed in hshewephaslimitsbox. The pcigetdevice function will increase the reference count of the returned ‘dev’. We need to call pcidevput to decrease the reference count. Since...

5.5CVSS6AI score0.00146EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: x86/CPU/AMD: Disabling INVLPGB on Zen2 AMD Cyan Skillfish Family 17h, Model 47h, Stepping 0h has a issue that causes system errors and panics when performing TLB flush using INVLPGB. However, the problem arises from misconfigured...

5.5CVSS5.2AI score0.00119EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.1 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: jbd2: fixed a potential use-after-free issue in jbd2fcwaitbufs. In jbd2fcwaitbufs, using bh after referencing the buffer’s head count may lead to a use-after-free condition. Therefore, ensure that the buffer is updated before...

7.8CVSS6.3AI score0.00149EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Fixed a memory leak in kvmipidestroy In kvmioctlcreatedevice, kvmdevice has allocated memory. kvmdevice-destroy seems to be supposed to free up the kvmdevice structure, but kvmipidestroy does not do this currently...

5.9AI score0.00194EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fixed the refcount leak for PCI devices According to the comments on pcigetdomainbusandslot, it returns a PCI device with a refcount that increments after use. Therefore, the caller must decrement the reference count ...

5.9AI score0.002EPSS
Exploits0References1
astralinux
astralinux
added 2026/05/20 5:53 a.m.10 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Ring Buffer: Do not swap the cpubuffer during the resize process When the ringbufferswapcpu function is called during the resize process, the cpu buffer is swapped in the middle, resulting in an incorrect state. Continuing to run...

5.6AI score0.00183EPSS
Exploits0References1
astralinux
astralinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: btrfs: Rejects invalid reloc tree root keys with stack dump. BUG Syzbot reported a crash that an ASSERT was triggered inside preparetomerge. This ASSERT ensures that the reloc tree is properly pointed back by its subvolume tree...

5.5CVSS5.8AI score0.00186EPSS
Exploits0References1
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: block: RCU protection for disk-convzonesbitmap It is ensured that revalidating a disk by changing the conventional zones bitmap does not cause invalid memory references when using the helper function diskzoneisconv, with RCU...

5.5CVSS6.2AI score0.00179EPSS
Exploits0References2
Total number of security vulnerabilities18102