Lucene search
+L
AstralinuxRecent

18102 matches found

astralinux
astralinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: mm: cachestat: fixed two shmem bugs When cachestat on shmem overlaps with swapping and invalidation, there are two possible bugs: 1 A swapin error may result in a corrupted swap entry in the shmem inode’s xarray. Calling...

5.5CVSS6.3AI score0.00646EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: HID: corsair-void: Added missing delayed work cancellation for headset status. The call to canceldelayedworksync was missed, resulting in a use-after-free in corsairvoidremove...

7.8CVSS6.2AI score0.0021EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in WebKit2GTK

This issue has been addressed through improved checks. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big Sur 11.5, watchOS 7.6, and tvOS 14.7. Processing maliciously crafted web content may lead to code execution...

8.8CVSS6.9AI score0.01847EPSS
Exploits0References1
astralinux
astralinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Firefox and Thunderbird

Through the use of reportValidity and window.open, a plain-text validation message could be displayed on another origin, potentially causing confusion for users and allowing for spoofing attacks. This vulnerability affects Firefox 93, Thunderbird 91.2, and Firefox ESR 91.2...

6.5CVSS6.8AI score0.00531EPSS
Exploits0References1
astralinux
astralinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Firefox and Thunderbird

Mozilla developers Paul Adenot and the Mozilla Fuzzing Team reported memory safety bugs in Firefox 96 and Firefox ESR 91.5. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code...

8.8CVSS7AI score0.00702EPSS
Exploits0References1
astralinux
astralinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: ext4: Add a check for reserved GDT blocks We have identified a NULL pointer issue when resizing a corrupted ext4 image that has recently had the resize inode feature disabled without running e2fsck. This issue can be reproduced b...

5.5CVSS6.1AI score0.00272EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: powerpc/iommu: A memory leak was fixed by using debugfslookup. When calling debugfslookup, the result must also contain a call to dput. Otherwise, a memory leak will occur over time. To simplify things, simply call...

5.5CVSS5.6AI score0.00166EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: “Bluetooth: btsdio: fix use after free bug in btsdioRemove due to unfinished work” This issue has been resolved through commit 1e9ac114c4428fdb7ff4635b45d4f46017e8916f. This patch introduces a possible null-ptr-def problem...

5.7AI score0.00195EPSS
Exploits0References1
astralinux
astralinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: i2c: imx: preserve error states in the block data length handler When a block read returns an invalid length, such as zero or I2CSMBUSBLOCKMAX, the length handler sets the state to IMXI2CSTATEFAILED. However, i2cimxmasterisr...

5.5CVSS5.7AI score0.001EPSS
Exploits0References1
astralinux
astralinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Thunderbird

In SkRegion.cpp, there is a potential out-of-bounds write due to an integer overflow. This could lead to a local privilege escalation without the need for additional execution privileges. User interaction is not required for exploitation...

7.8CVSS5.6AI score0.00258EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: NFS: Avoid writeback threads getting stuck in mempoolalloc In situations with low memory availability, allow the NFS writeback code to fail without getting stuck in infinite loops in mempoolalloc...

5.5CVSS6.2AI score0.00238EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Nullifies the cq-dbg pointer in mlx5debugcqRemove Before this patch, if mlx5CoreDestroyCq failed, it would proceed with the remaining destruction operations. However, mlx5CoreDestroyCq could be called again by the user...

5.5CVSS6.1AI score0.00225EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in openjdk-11

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Keytool. The supported versions affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. This easily exploitable vulnerability allows an unauthenticat...

5.3CVSS6.5AI score0.05241EPSS
Exploits0References1
astralinux
astralinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Chromium

A heap buffer overflow in TabStrip in Google Chrome prior to version 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS8.1AI score0.01361EPSS
Exploits0References1
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: mm: krealloc: Fixed an MTE false alarm in dokrealloc. This patch addresses an issue introduced by commit 1a83a716ec233, which caused MTE Memory Tagging Extension to falsely report a slab-out-of-bounds error. The problem occurs wh...

5.5CVSS6.2AI score0.00227EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in Linux

In the Linux kernel, the following vulnerability has been resolved: Wifi: ath9k – Verify that the expected usbendpoints are present. This bug occurs when a USB device claims to be an ATH9K device, but it does not have the expected endpoints. In this case, there was an interrupt endpoint, and the...

5.5CVSS6.1AI score0.00149EPSS
Exploits0References1
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: btrfs: In the case of zoned filesystems, there’s a memory leak that occurs after finding a block group containing super blocks. In the excludesuperstripes function, if we encounter a block group that contains super blocks, and we...

6.5AI score0.00168EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: L2CAP: fixed the “bad unlock balance” issue in l2capdisconnectrsp. The conn-chanlock is not acquired before l2capgetchanbyscid. If l2capgetchanbyscid returns NULL, then the “bad unlock balance” issue will be trigger...

5.5CVSS5.8AI score0.00137EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerabilities have been resolved: nbd: Fixed an issue where the system got hung during the disconnection of a device. In our tests, “qemu-nbd” triggered a system hang: - Task qemu-nbd:11445 was blocked for more than 368 seconds. - Not tainted...

5.5CVSS6.3AI score0.00276EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.1 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerabilities have been resolved: binfmtmisc: fixed a out-of-bounds shift in checkspecialflags. UBSAN reported an out-of-bounds warning: A shift of 1 place by 31 places cannot be represented as a value of type ‘int’. Call trace: dumpstack lib/dumpstack.c:88...

7.1CVSS6.3AI score0.00152EPSS
Exploits0References1
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: sctp: A breakout occurs if skbheaderpointer returns NULL in sctprcvootb. We should always check if the return value of skbheaderpointer is NULL before using it. Otherwise, it may cause a null-ptr-deref, as reported by syzbot:...

5.5CVSS6.3AI score0.00251EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerabilities have been resolved: phy: qcom-qmp: Fixed the issue where the struct clk structure was leaked during probe errors. Be sure to release the pipe clock reference in case of a late probe error e.g., probe deferral...

5.5CVSS6.3AI score0.00253EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: nvmem: Fixed the shift-out-of-bound issue UBSAN when using cells with byte-sized bits. If a cell has “nbits” that is a multiple of BITSPERBYTE, the logic p &= GENMASKcell-nbits % BITSPERBYTE - 1, 0; will result in undefined...

7.8CVSS6.2AI score0.00221EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: nfsd: ensure that nfsd4fattrargs.context is zeroed out If nfsd4encodefattr4 performs a “goto out” operation before checking the security label, then args.context will be set to uninitialized garbage on the stack. We will then...

5.5CVSS5.6AI score0.00188EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: vlan: Fixed a memory leak in vlannewlink. The responsible commit added back a bug that I fixed in commit 9bbd917e0bec “vlan: fixed a memory leak in vlandevsetegresspriority”. If a memory allocation fails in vlanchangelink afte...

5.5CVSS6.4AI score0.00252EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in Firefox

The use of RTL Arabic characters in the address bar may have allowed for URL spoofing. This vulnerability affects Firefox 115...

6.5CVSS6.9AI score0.00515EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: inetdiag: fixed a kernel-infoleak issue for UDP sockets KMSAN reported a kernel-infoleak issue 1 that could be exploited by unprivileged users. After analysis, it turned out that UDP was not initializing r-idiagexpires. Other...

5.5CVSS6.2AI score0.00254EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: cifs: Fixed a mid leak that occurred during reconnection after a timeout threshold. When the number of responses with the status STATUSIOTIMEOUT exceeds a specified threshold NUMSTATUSIOTIMEOUT, we reconnect the connection...

5.5CVSS5.2AI score0.00136EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: sofsdwrtsdcajackcommon: ctx-headsetcodecdev = NULL The function sofsdwRtsdcajackexit is used by different codecs, and some of them use the same interface name dai. For example, rt712 and rt713 both use...

7.1CVSS6.2AI score0.00222EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Poppler

A issue was discovered in Poppler 0.71.0. There is a memory leak in GfxColorSpace::setDisplayProfile in GfxState.cc, as demonstrated by pdftocairo...

6.5CVSS6.8AI score0.01955EPSS
Exploits1References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Tracing: kprobe: Fixed a potential nullptrdereference issue in traceeventfile in kprobeeventgentestexit. When tracegeteventfile fails, genkretprobetest will be assigned as the error code. If the kprobeeventgentest module is remov...

5.5CVSS6.2AI score0.00165EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: x86/mm, kexec, ima: Use memblockfreelate instead of imafreekexecbuffer. The code that calls imafreekexecbuffer is executed long after the memblock allocator has already been removed. This could lead to a use-after-free in...

5.5CVSS6.1AI score0.00219EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: HID: usbhid: Free rawreport buffers in usbhidstop This fix addresses a memory leak reported by syzbot at: https://syzkaller.appspot.com/bug?id=7b4fa7cb1a7c2d3342a2a8a6c53371c8c418ab47...

5.5CVSS5.8AI score0.00251EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in WebKit2GTK

A “use-after-free” issue has been addressed through improved memory management. This issue is fixed in iOS 17, iPadOS 17, watchOS 10, and macOS Sonoma 14. Processing web content may lead to arbitrary code execution...

8.8CVSS8.1AI score0.01521EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: bounds: Use the correct number of bits for CONFIGNRCPUS that is a power of two. The bitsper function rounds up to the next power of two when a power of two is passed as an argument. This can cause crashes on some machines and...

5.5CVSS6.1AI score0.00236EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Chromium

Type confusion in V8 in Google Chrome prior to 90.0.4430.85 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page...

8.8CVSS8.7AI score0.57736EPSS
Exploits1References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Thunderbird

If a Thunderbird user quoted an HTML email, for example by replying to that email, and the email contained a VIDEO tag with the POSTER attribute or an OBJECT tag with a DATA attribute, a network request to the referenced remote URL would be made, regardless of any configuration that blocks remote...

8.1CVSS7.8AI score0.00528EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerabilities have been resolved: NFC: port100: fixed a use-after-free in port100sendcomplete. Syzbot reported a UAF in port100sendcomplete. The root cause is the missing calls to usbkillurb in the error handling path of the -probe function. port100sendcomplet...

5.5CVSS6.3AI score0.00205EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in WebKit2GTK

A memory management issue related to “use after free” operations has been addressed through improved memory management practices. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 16.2, and iPadOS 16.2, as well as watchOS 9.2. Processing maliciously crafted web content may le...

8.8CVSS8.1AI score0.34574EPSS
Exploits2References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in htmldoc

In HTMLDOC before version 1.9.19, there is a vulnerable write operation in parseparagraph in ps-pdf.cxx, due to an attempt to remove leading whitespace from a whitespace-only node...

9.8CVSS7.2AI score0.00706EPSS
Exploits1References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in CGal

A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1, specifically in the NefS2/SNCioparser.h file, within the SNCioparser::readsface and storesmboundaryitem functions. A specially crafted, malformed file can lead to an out-of-bounds read and...

10CVSS7.6AI score0.02355EPSS
Exploits1References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in WebKit2GTK

The issue was addressed through improved checks. This issue is fixed in iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Ventura 13.5, Safari 16.6, and watchOS 9.6. A website may be able to bypass the Same Origin Policy...

7.5CVSS6.8AI score0.00967EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in cjson

It has been discovered that cJSON v1.7.16 contains a segmentation violation due to the use of the cJSONSetValuestring function in the cJSON.c file...

7.5CVSS6AI score0.00961EPSS
Exploits1References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.10 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Validate data run offset This adds sanity checks for the data run offset. We should ensure that the data run offset is valid before attempting to unpack the data; otherwise, we may encounter use-after-free errors or...

7.8CVSS5.7AI score0.00149EPSS
Exploits0References1
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerabilities have been resolved: bfq: fixed a use-after-free in bfqdispatchrequest KASAN reported a use-after-free when performing normal scsi-mq tests 69832.239032 ================================================================== 69832.241810 BUG: KASAN:...

7.8CVSS6.4AI score0.00262EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Firefox

The browser might have misinterpreted the command as transferring a screen-sharing state to another tab, which could lead to the leakage of unintended information. This vulnerability affects Firefox versions earlier than 85...

6.5CVSS6.9AI score0.00882EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerabilities in Linux-6.1, Linux-5.15

In the Linux kernel, the following vulnerability has been resolved: USB: Gadget: fncm: Fixed UAF Use-After-Free in the ncm object after re-binding after a USB EP transport error When the ncm function is working, the usb0 interface is stopped due to a link failure. In this case, the ethstop functi...

7.8CVSS6.2AI score0.00233EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm/i915: Fixed the system suspension without fbdev being initialized. If fbdev is not initialized for some reason—in practice on platforms without a display—suspending fbdev should be skipped during system suspension. This...

5.5CVSS6AI score0.00133EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: hcicodec: Fixed leaking content of localcodecs The following memory leak can be observed when the controller supports codecs that are stored in the localcodecs list, but the elements are never freed: Unreferenced...

5.5CVSS5.9AI score0.00238EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm/amdgpu: fixed a use-after-free in amdgpuuserqsuspend+0x51a/0x5a0 +0.000020 BUG: KASAN: slab-use-after-free in amdgpuuserqsuspend+0x51a/0x5a0 amdgpu +0.000817 Reading a size 8 byte value at address ffff88812eec8c58 by task...

7.8CVSS5.8AI score0.00133EPSS
Exploits0References2
Total number of security vulnerabilities18102