Lucene search
+L
AstralinuxRecent

18102 matches found

astralinux
astralinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm/edid: fixed an issue where information was leaked when attempting to obtain the panel ID. Be sure to clear the transfer buffer before retrieving the EDID, to avoid leaking slab data into logs in case of errors where the...

7.1CVSS6.5AI score0.00153EPSS
Exploits0References1
astralinux
astralinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mptcp: fixed the NULL pointer dereferencing issue in the early fallback to fastopen. In the event of an early fallback to TCP, subflowsynrecvsock deletes the subflow context before returning the newly allocated socket to the...

5.2AI score0.00162EPSS
Exploits0References1
astralinux
astralinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: In the tpm subsystem, the TPM chip must be locked first during the tpmpmsuspend function. Setting TPMCHIPFLAGSUSPENDED at the end of tpmpmsuspend can be done more efficiently, as this provides a window during which tpmhwrngread c...

5.5CVSS6.2AI score0.00171EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Firefox

If an attacker were able to alter specific about:config values for example, malware running on the user’s computer, the Devtools remote debugging feature might be enabled in a way that is unnoticed by the user. This would allow a remote attacker who can establish a direct network connection to th...

6.5CVSS7AI score0.01397EPSS
Exploits0References1
astralinux
astralinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Compare MACs in constant time To prevent timing attacks, MAC comparisons need to be performed in constant time. Replace the memcmp function with the correct function, cryptomemneq...

7.4CVSS5.7AI score0.00392EPSS
Exploits0References1
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: speakup: Avoid crashing when dealing with very long words. In cases where a console is set up to handle very large data, containing words that are truly long 256 characters, we need to stop processing before reaching the length o...

5.9CVSS5.7AI score0.00277EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Golang-1.19

If errors returned from MarshalJSON methods contain user-controlled data, they may be used to break the contextual auto-escaping behavior of the html/template package, allowing for subsequent actions to inject unexpected content into templates...

5.4CVSS6.7AI score0.00795EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerabilities have been resolved: iio: trigger: sysfs: fix use-after-free on remove Ensure that the irqwork has completed before the trigger is freed. ================================================================== BUG: KASAN: use-after-free in irqworkrunli...

7.8CVSS6.4AI score0.0026EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fixed the timeout of a call that has not yet been granted a channel. The afsmakecall function calls rxrpc.kernelbegincall to initiate a call which may get stalled in the background while waiting for a connection to become...

5.3AI score0.00166EPSS
Exploits0References1
astralinux
astralinux
added 2026/05/20 5:53 a.m.1 views

Astra Linux – Vulnerability in Chromium

The use of "after free" in Blink in Google Chrome before version 89.0.4389.128 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS7.4AI score0.09401EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in WebKit2GTK

An access issue has been resolved through improved access restrictions. This issue is fixed in Safari 17.3, iOS 16.7.5 and iPadOS 16.7.5, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, tvOS 17.3, and watchOS 10.3. A maliciously crafted webpage may be able to obtain user information...

6.5CVSS6.9AI score0.00921EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in htmldoc

A flaw was discovered in htmldoc in v1.9.12 and earlier versions. A stack buffer overflow in the parsetable function in ps-pdf.cxx may allow for the execution of arbitrary code and cause a denial of service attack...

7.8CVSS7.9AI score0.01387EPSS
Exploits1References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ACPI: CPPC: Use accesswidth instead of bitwidth for system memory accesses To comply with ACPI 6.3+, since bitwidth can be any 8-bit value, it cannot be relied upon to always be at a clean 8-bit boundary. This issue was discovere...

5.5CVSS6.4AI score0.0021EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: afunix: Fixed a data race around unixtotinflight. unixtotinflight is updated under spinlockunixgclock, but unixreleasesock reads it without locking. We will use READONCE for unixtotinflight...

5.6AI score0.00185EPSS
Exploits0References1
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Input: raydiumtsi2c – fixed a memory leak in raydiumi2csend A kmemleak occurs when testing raydiumi2cts using the bpf mock device: Unreferenced object 0xffff88812d3675a0 size 8: Comm “python3”, PID 349, Jiffies 4294741067 Age...

5.5CVSS6.2AI score0.00233EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Timekeeping: The leap state of the auxiliary timekeeper must be adjusted to the correct value. When the doajdtimex function was introduced to handle adjtimex for any timekeeper, this reference to tkcore was not updated. When this...

5.5CVSS5.3AI score0.001EPSS
Exploits0References1
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: nfc: st-nci: Fixed a use-after-free bug in ndlcremove due to a race condition This bug affects both stncii2cremove and stncispiremove. Take stncii2cremove as an example. In stncii2cprobe, it calls ndlcprobe and binds &ndlc-smwork...

7.8CVSS6.2AI score0.0017EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: TCP: Fixed the use-of-memory issue in nreq in reqsktimerhandler. The referenced commit replaced inetcskreqskqueuedropandput with inetcskreqskqueuedrop and reqskput in reqsktimerhandler. Next, oreq should be passed to reqskput...

7.8CVSS6.2AI score0.0022EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: hwmon: pmbuscore Fixed NULL pointer dereferencing. Pass i2cclient to pmbusisenabled to remove the assumption that a regulator device is passed in. This will fix the issue of NULL pointer dereferencing when called from pmbusgetfla...

5.5CVSS5.8AI score0.00133EPSS
Exploits0References1
astralinux
astralinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Chromium

Before version 87.0.4280.141, using autofill in Google Chrome allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape through a crafted HTML page...

9.6CVSS7.2AI score0.02239EPSS
Exploits0References1
astralinux
astralinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: udf: Do not update the file length for failed writes to inline files When writing to an inline file fails or only partially succeeds, we still update the length of the inline data as if the entire write operation was successful...

5.5CVSS6.1AI score0.00137EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mm/memory-failure: Make sure to wait for page writeback in memoryfailure. Our syzkaller triggers "BUGON!listempty&inode-iwblist" in clearinode: - Kernel bug at fs/inode.c:519! - Internal error: Oops – Bug: 0 1 SMP - Modules linke...

5.5CVSS6.2AI score0.00233EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: ext4: A bug related to delayed allocation was fixed in ext4clumapped for bigalloc and inline scenarios. When converting files with inline data to extents, delayed allocations made on a file system created with both bigalloc and...

5.5CVSS6.2AI score0.00146EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: cgroup, freezer: Hold cpuhotpluglock before freezermutex. syzbot reports a circular locking dependency between cpuhotpluglock and freezermutex. To address this issue, commit f5d39b020809 “freezer,sched: Rewrite core freezer...

7.8CVSS6.7AI score0.00141EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.10 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: arm64/sme: Set the new vector length before reallocating it. As part of fixing the allocation of the buffer for SVE states when changing the SME vector length, we introduced an immediate reallocation of the SVE state. This...

7.8CVSS6.1AI score0.00151EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: BPF, sockmap: Do not allow sockmapclose,destroy,unhash to call itself. Proto callback functions in sockmap should never call themselves by design. Protect against bugs like 1 and break out of the recursive loop to avoid a stac...

9.1CVSS6.2AI score0.01219EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: KVM: x86/xen: Fixed error handling for eventfd in kvmxeneventfdassign Do not call eventfdctxput in case of an error. Introduced a new goto target instead. - Paolo...

5.5CVSS6AI score0.0014EPSS
Exploits0References1
astralinux
astralinux
added 2026/05/20 5:53 a.m.12 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: media: s5p-mfc: Clearing workbit to handle error conditions During an error with the CLOSEINSTANCE command, ctxworkbits wasn’t cleared. Subsequent execution of mfc led to a NULL pointer dereferencing of this context, resulting in...

6AI score0.00173EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: crypto: seqiv – Properly handles the EBUSY error. Since seqiv only handles the special return value of EINPROGERSS, it means that in all other cases, it will free the data related to the request. However, since the caller of seqi...

7.8CVSS5.3AI score0.0015EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: NFSD: Fixed a potential use-after-free in nfsdfileput The nfsdfileputnoref function can free the @nf object; therefore, do not dereference @nf immediately after returning from nfsdfileputnoref...

7.8CVSS6.4AI score0.00252EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10, Linux

Linux block and network PV device frontends do not zero memory regions before sharing them with the backend CVE-2022-26365, CVE-2022-33740. Additionally, the granularity of the grant table does not allow sharing smaller than a 4K page, resulting in unrelated data residing in the same 4K page as...

7.1CVSS6.7AI score0.00325EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ethtool: Do not perform operations on net devices that are not yet registered. There is a short period between when a net device starts to be unregistered and when it is actually removed from the list of available devices. During...

7.8CVSS6AI score0.00244EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.12 views

Astra Linux – Vulnerability in Firefox and Thunderbird

A malicious website could have learned the size of a cross-origin resource that supported Range requests. This vulnerability affects Thunderbird 91.10, Firefox 101, and Firefox ESR 91.10...

9.8CVSS7.1AI score0.01055EPSS
Exploits0References1
astralinux
astralinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: iouring/zcrx: fixed the page array leak. d9f595b9a65e “iouring/zcrx: fixed the issue of leaked pages during sg initialization failure” fixed a page leakage issue; however, the page array was not freed either...

5.5CVSS5.3AI score0.001EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: btrfs: Fixed a deadlock that occurs during concurrent direct IO writes when there is limited free data space. When reserving data space for direct IO writes, a deadlock can occur if multiple tasks attempt to write to the same fil...

5.5CVSS5.9AI score0.0016EPSS
Exploits0References1
astralinux
astralinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net/smc: Fixed a possible leak of the pernet namespace in smcinit. In smcinit, registerpernetsubsys&smcnetstatops is called without any error handling. If this call fails, the registration of &smcnetops will not be reversed. And ...

5.5CVSS6.2AI score0.00164EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: bpf, verifier: Fixed a memory leak in array reallocation for stack state. If an error NULL is returned by krealloc, callers of reallocarray would set their allocation pointers to NULL. However, when an error occurs in krealloc, i...

5.5CVSS6.2AI score0.00164EPSS
Exploits0References1
astralinux
astralinux
added 2026/05/20 5:53 a.m.10 views

Astra Linux – Vulnerability in fig2dev

A stack-based buffer overflow in the genpstrxtext component in genpstricks.c of fig2dev 3.2.7b allows attackers to cause a denial of service DOS by converting an xfig file into pstricks format...

5.5CVSS6AI score0.0107EPSS
Exploits1References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.17 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Staging: r8188eu: prevented -Ssid overflow in rtwwxsetscan This code includes a check to prevent read overflow, but another check is needed to prevent writing beyond the end of the -Ssid array...

5.5CVSS5.9AI score0.00245EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: s390/lcs: The return type of lcsstartxmit has been corrected. With Clang’s Kernel Control Flow Integrity kCFI, CONFIGCFICLANG, indirect call targets are validated against the expected function pointer prototype to ensure that the...

5.9AI score0.00239EPSS
Exploits0References1
astralinux
astralinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Tiff

Libtiff 4.5.0 is vulnerable to a Buffer Overflow issue through the extractContigSamplesBytes function at /libtiff/tools/tiffcrop.c:3215...

8.8CVSS6.8AI score0.00843EPSS
Exploits1References1
astralinux
astralinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: pstore/ram: Check the start of empty przs during initialization. After the commit 30696378f68a “pstore/ram: Do not treat empty buffers as valid”, the initialization process would assume that the prz start position was valid if th...

7.8CVSS6.4AI score0.00147EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: HID: winwing: Added a NULL check in winwinginitled. The devmkasprintf function can return a NULL pointer if it fails, but this returned value is not checked in winwinginitled. A NULL check should be added in winwinginitled to...

5.5CVSS6.3AI score0.00195EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerabilities have been resolved: - ntfs: Added a sanity check on the allocation size. - ntfsread inodemount calls ntfsmallocnofs with an allocation size of zero. This triggers a bug in the ntfsmalloc function. This issue has been fixed by adding a sanity chec...

5.5CVSS6AI score0.00252EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: ufs-qcom: Fixed the issue of null pointer dereferencing in ESI. ESI/MSI is a performance optimization feature that provides dedicated interrupts per MCQ hardware queue. This is an optional feature, and UFS MCQ should...

5.5CVSS5.4AI score0.00128EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: NFS/localio: Fixed a race condition in nfslocalopenfh. Once the clp-cluuid.lock is dropped, another CPU may come in and free the struct nfsdfile that was just added. To prevent this from happening, take the RCU read lock before...

4.7CVSS5.7AI score0.00103EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in Navigation in Google Chrome on iOS prior to 108.0.5359.71 allowed a remote attacker to spoof the contents of the modal dialogue via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS6.7AI score0.00752EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in openimageio

There is a heap-based buffer overflow vulnerability in the tile decoding code of the TIFF image parser in OpenImageIO’s master-branch-9aeece7a and v2.3.19.0. A specially crafted TIFF file can lead to out-of-bounds memory corruption, which may result in arbitrary code execution. An attacker can...

9.8CVSS9AI score0.01813EPSS
Exploits1References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftchainfilter: handling of NETDEVUNREGISTER for the inet/ingress basechain. Remove netdevice from the inet/ingress basechain in case NETDEVUNREGISTER event is reported; otherwise, a stale reference to netdevice remain...

5.5CVSS6.1AI score0.00245EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Chromium

A heap buffer overflow in Skia in Google Chrome prior to version 121.0.6167.160 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...

9.8CVSS7.6AI score0.0152EPSS
Exploits0References2
Total number of security vulnerabilities18102