Lucene search
+L
AstralinuxRecent

18102 matches found

astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in NTP

The praecisparse function in ntpd/refclockpalisade.c, within NTP 4.2.8p15, contains an out-of-bounds write vulnerability. Any attack method would be complex, for example, using a manipulated GPS receiver...

6.4CVSS6.3AI score0.00521EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in NTP

In the file libntp/mstolfp.c, within the NTP version 4.2.8p15, there is a buffer overflow vulnerability when copying the trailing number. An attacker may be able to exploit this vulnerability against a client’s NTPQ process, but they cannot exploit it against ntpd...

5.6CVSS7.1AI score0.00703EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux - Vulnerability in Golang-1.19

The command go env command is documented as outputting a shell script containing the Go environment. However, go env does not sanitize the values it outputs. Therefore, executing its output as a shell script can lead to various malicious behaviors, including executing arbitrary commands or...

9.8CVSS7.1AI score0.00833EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: ipv6: Fixed signed integer overflow in ip6appenddata. Resurrected overflow checks for UBSAN; this warning is also fixed. The variable length’s type was changed to sizet. UBSAN: Signed-integer overflow in...

5.5CVSS6.4AI score0.0025EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fixed additional out-of-bounds writes from debugfs. CVE-2021-42327 was fixed with the following commit: f23750b5b3d98653b31d4469592935ef6364ad67 Author: Thelford Williams Date: Wed Oct 13 16:04:13 2021 -0400 drm/amdgp...

7.8CVSS5.9AI score0.00218EPSS
Exploits1References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: PCI/ASPM: Disabling ASPM when a multifunction device’s function is removed to avoid use-after-free errors. The struct pcielinkstate-downstream is a pointer to the pcidev of function 0. Previously, we retained this pointer when...

7.8CVSS5.4AI score0.0014EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: vxlan: Fixed the nexthop hash size. The nexthop code expects a 31-bit hash, such as the one returned by fibmultipathhash and rt6multipathhash. Passing a 32-bit hash returned by skbgethash can lead to issues, especially when th...

7.8CVSS5.9AI score0.00154EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Wifi: brcmfmac: A slab-out-of-bounds read occurred in brcmfgetassocies. This bug could occur when associnfo-reqlen, which is a value from a URB provided by a USB device, is larger than the size of the buffer, which is defined as...

7.1CVSS6.2AI score0.00152EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Containerd

Containerd is an open-source container runtime. A bug was discovered in Containerd prior to versions 1.6.18 and 1.5.18, where supplementary groups were not set up properly within a container. If an attacker has direct access to a container and manipulates the supplementary group permissions, they...

7.8CVSS6.7AI score0.00542EPSS
Exploits1References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.1 views

Astra Linux – Vulnerability in Vim

NULL pointer dereferencing in the GitHub repository for Vim/Vim before version 9.0.1392...

6.6CVSS6.7AI score0.00426EPSS
Exploits1References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Vim

Heap-based Buffer Overflow in the GitHub repository vim/vim before version 9.0.1376...

7.3CVSS6.7AI score0.00483EPSS
Exploits1References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Python 3.7

The lib/zipfile.py module in Python, as of version 3.7.2, allows remote attackers to cause a denial of service resource consumption through a ZIP bomb attack...

7.5CVSS6.8AI score0.05535EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Containerd

Containerd is an open-source container runtime. A bug was discovered in the CRI implementation of Containerd, where programs within a container can cause the Containerd daemon to consume memory indefinitely during the invocation of the ExecSync API. This can result in Containerd consuming all...

5.5CVSS6.5AI score0.00377EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Containerd

In containerd a industry-standard container runtime, before versions 1.3.10 and 1.4.4, containers launched through containerd’s CRI implementation via Kubernetes, crictl, or any other pod/container client that uses the containerd CRI service that share the same image might receive incorrect...

6.3CVSS6.3AI score0.02044EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: In the video: fbdev: arkfb function, the value of screensize is calculated based on user input. If the user provides an incorrect value, the value of screensize may be larger than info-screensize, which may lead to the following...

7.8CVSS6AI score0.00214EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: BPF: Do not use tnumrange for array range checking when dealing with poke descriptors. Hsin-Wei reported a KASAN issue triggered by their BPF runtime fuzzer, which is based on a custom syzkaller: - BUG: KASAN: Out-of-bounds...

7.1CVSS6.3AI score0.00215EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Wireshark

The NTLMSSP dissector crash in Wireshark versions 4.2.0 to 4.0.6, as well as 4.0.0 to 4.0.16, allows for denial of service through packet injection or malicious capture files...

7.8CVSS6.6AI score0.00317EPSS
Exploits1References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Wireshark

The T.38 dissector crash in Wireshark versions 4.2.0 to 4.0.3, and 4.0.0 to 4.0.13 allows for denial of service through packet injection or malicious capture files...

7.8CVSS6.8AI score0.01403EPSS
Exploits1References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: A NULL check was added for the “timing generator” in dcn21setpipe. In the line of u32 otginst = pipectx-streamres.tg-inst;, if pipectx-streamres.tg can be NULL, it relies on the caller to ensure that tg is not NU...

5.5CVSS5.8AI score0.00225EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in NTP

In the file libntp/mstolfp.c, within the NTP 4.2.8p15 version, there is a buffer overflow vulnerability when adding a decimal point. An attacker may be able to exploit a client ntpq process, but they cannot exploit ntpd...

5.6CVSS6.9AI score0.00645EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in binutils

A out-of-bounds read flaw was discovered in the parsemodule function in bfd/vms-alpha.c in Binutils...

7.1CVSS6AI score0.00379EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in binutils

A issue was discovered related to the functions maketempdir and maketempname in bucomm.c within Binutils 2.34 through 2.38. This allows attackers to cause a denial of service due to memory leaks...

5.5CVSS6.1AI score0.00403EPSS
Exploits1References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in binutils

Heap buffer overflow vulnerability in binutils’ readelf before version 2.40, caused by the displaydebugsection function in the readelf.c file...

7.8CVSS5.6AI score0.00513EPSS
Exploits1References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in gst-plugins-good1.0

Before version 1.18.4, GStreamer might access already-freeed memory in error code paths when demuxing certain malformed Matroska files...

7.8CVSS7.2AI score0.01219EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: ipv4: Check for a NULL idev in iprouteusehint. The syzbot was able to trigger a NULL deref in fibvalidatesource in an old tree 1. It appears that this bug still exists in the latest trees. All calls to indevgetrcu must be...

5.5CVSS6.3AI score0.00214EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: xsk: Validated user input for XDPUMEM|COMPLETIONFILLRING syzbot reported an illegal copy in xsksetsockopt 1 Ensure that the @optlen parameter of setsockopt is validated. 1 BUG: KASAN: Out-of-bounds access in...

6.7CVSS6.5AI score0.00256EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ipv6: fixed a race condition between ipv6getifaddr and ipv6deladdr Although ipv6getifaddr operates under the RCU lock, it still allows hlistforeachentryrcu to return an item that has already been removed from the list. The memory...

5.5CVSS6AI score0.00257EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: fbmon: prevented division by zero in fbvideomodefromvideomode. The expression htotal vtotal can have a zero value during overflow. It is necessary to prevent division by zero, as seen in fbvartovideomode. This issue was identifie...

5.5CVSS5.8AI score0.00223EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: ipv6: Fixed infinite recursion in fib6dumpdone. syzkaller reported infinite recursive calls of fib6dumpdone during netlink socket destruction. 1 According to the log, syzkaller sent an AFUNSPEC RTMGETROUTE message, and then th...

7.8CVSS6.4AI score0.00282EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumacltcam: A memory leak has been fixed when canceling the rehash operation. The rehash operation is rescheduled with a delay if the number of credits at the end of the operation is not negative—this indicates that t...

5.5CVSS6.2AI score0.00256EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: media: tc358743 – The v4l2 async device is registered only after a successful setup. Ensure that the device has been set up correctly before registering the v4l2 async device, thereby allowing userspace to access it...

5.5CVSS6.1AI score0.00232EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: PCI/PM: Drain runtime-idle callbacks before driver removal A race condition between the .runtimeidle callback and the .remove callback in the rtsxpcr PCI driver leads to a kernel crash due to an unhandled page fault 1. The proble...

5.5CVSS6.2AI score0.00193EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.10 views

Astra Linux – Vulnerability in emacs

In Emacs versions before 29.3, arbitrary Lisp code is evaluated as part of enabling the Org mode. This affects Org Mode in versions prior to 9.6.23...

7.8CVSS7.5AI score0.01099EPSS
Exploits0References1
astralinux
astralinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in nghttp2

nghttp2 is an implementation of the Hypertext Transfer Protocol Version 2 in C. The nghttp2 library prior to version 1.61.0 continued to read an unlimited number of HTTP/2 CONTINUATION frames even after a stream was reset, in order to keep the HPACK context synchronized. This caused excessive CPU...

5.3CVSS7AI score0.8496EPSS
Exploits1References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftflowoffload: resetting dst in the route object after setting up a flow. The dst field is now transferred to the flow object, and the route object no longer owns it. Resetting dst in the route object is necessary;...

5.5CVSS5.3AI score0.00228EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: phonet/pep: fixed the use of racyskbqueueempty The receive queues are protected by their respective spin-locks, not the socket lock. This could lead to skbpeek returning NULL or a pointer to a socket buffer that has already been...

5.8CVSS6.4AI score0.00223EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: Fix Use-After-Free in ovsctexit Since kfreercu, which is called during the hlistforeachentryrcu traversal of ovsctlimitexit, is not part of the RCU read critical section, it is possible that the RCU grace period...

7.8CVSS5.9AI score0.00244EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Wifi: wilc1000 – Fixed RCU usage in the connect path. With lockdep enabled, calls to the connect function from the cfg802.11 layer lead to the following warning: ============================= WARNING: Suspicious RCU usage...

9.1CVSS6.2AI score0.01635EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: clk: The issue of clkcoreget dereferencing a NULL value has been fixed. It is possible for clkcoreget to dereference a NULL value in the following sequence: c clkcoreget ofclkgetHWFromClkspec ofclkgetHWFromProvider clkgetHW...

5.5CVSS6.1AI score0.00292EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: spi: spi-mt65xx: Fixed NULL pointer access in the interrupt handler. The TX buffer in spitransfer can be a NULL pointer. As a result, the interrupt handler may write to invalid memory, causing crashes. Add a check for trans-txbuf...

6.5CVSS5.7AI score0.01176EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: nbd: Null check for nlaneststart nlaneststart may fail and return NULL. A check should be added, and errno should be set based on other calls within the same source code...

5.5CVSS5.8AI score0.00292EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: comedi: vmk80xx: fixed incomplete endpoint checking While vmk80xx does have endpoint checking implemented, some issues may still go unnoticed. Depending on the hardware model, URBs can have either bulk or interrupt types, and the...

5.5CVSS6.3AI score0.0028EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: serial: mxs-auart: add a spinlock around changing the CTS state The uarthandlectschange function in serialcore expects the caller to hold port-lock. For example, I observed the following kernel error during the loading of the...

7.8CVSS6.4AI score0.00327EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: fat: Fixed an uninitialized field in the nostale filehandles. When the fatencodefhnostale function encodes a file handle without a parent handle, it only stores the first 10 bytes of the file handle. However, the length of the fi...

5.5CVSS6AI score0.00257EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: nfs: fixed UAF in direct writes In production, we have been encountering the following warnings consistently: ------------ cut here ------------ refcountt: underflow; use-after-free. WARNING: CPU: 17 PID: 1800359 at...

7.8CVSS6.4AI score0.00244EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: drm/i915/gt: Resets queuepriorityhint when the queue is empty. Originally, with strict order execution, execution could only be completed when the queue was empty. Preempt-to-busy allows for the replacement of an active request...

5.5CVSS6.4AI score0.00269EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: USB: core: Fixed a deadlock in the usbdeauthorizeinterface function. Among the attribute file callback routines in drivers/usb/core/sysfs.c, the interfaceauthorizedstore function is the only one that acquires a device lock on an...

7.8CVSS5.9AI score0.0019EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ACPI: processoridle: A memory leak was fixed in acpiprocessorpowerexit. After the CPU idle device was unregistered, the memory associated with it wasn’t freed, resulting in a memory leak: unreferenced object 0xffff896282f6c000 si...

6CVSS6.2AI score0.00254EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: hsr: Fixed uninit-value access in hsrgetnode KMSAN reported the following uninit-value access issue 1: ===================================================== BUG: KMSAN: uninit-value in hsrgetnode+0xa2e/0xa40...

5.5CVSS6.4AI score0.00249EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: A memory leak was fixed in dmswfini. After destroying dmubsrv, the memory associated with it wasn’t freed, resulting in a memory leak: Unreferenced object: 0xffff896302b45800 size: 1024 Contents: comm...

5.5CVSS5.8AI score0.00228EPSS
Exploits0References2
Total number of security vulnerabilities18102