Lucene search
+L
AstralinuxRecent

18102 matches found

astralinux
astralinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

A heap out-of-bounds write vulnerability in the Linux Kernel Performance Events perf component of the Linux kernel can be exploited to achieve local privilege escalation. If the perfreadgroup function is called when the siblinglist of an event is smaller than that of its child, it may increment o...

7.8CVSS6.6AI score0.00856EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in OpenSSL

Issue summary: Generating excessively long X9.42 DH keys or checking overly long X9.42 DH keys or parameters can be very slow. Applications that use functions like DHgeneratekey to generate an X9.42 DH key may experience prolonged delays. Similarly, applications that use functions like...

5.3CVSS6.6AI score0.04459EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Thermal: Prevent potential string overflows. The dev-id value comes from idaalloc, so it’s a number between zero and INTMAX. If it’s too high, the sprintf functions will cause overflow...

7.8CVSS5.2AI score0.00236EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: drm/radeon: possible buffer overflow. The buffer ‘afmtstatus’, which is sized 6, could overflow, as the index ‘afmtidx’ is checked after access...

7.8CVSS5.6AI score0.00256EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: perf/core: Abrupt exit if the requested AUX area is out of bounds. When using perf-record with a large AUX area, for example 4GB, the following error occurs: bash perf record -C 0 -m ,4G -e armspe0// -- sleep 1 Failed to mmap wit...

7.8CVSS6.2AI score0.00253EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: Do not return “unset power” in ieee80211gettxpower. We may receive a UBSAN warning if ieee80211gettxpower returns the INTMIN value that mac80211 internally uses for “unset power level”. UBSAN:...

9.1CVSS6AI score0.01263EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: fs/jfs: Added a check for the negative value of dbl2nbperpage. l2nbperpage is log2number of blks per page, and the minimum legal value should be 0, not negative. If l2nbperpage is negative, an error will occur when it is...

8.4CVSS6.3AI score0.0027EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: fs/jfs: Added validation for dbmaxag and dbagpref. Both dbmaxag and dbagpref are used as indexes for the dbagfree array. However, there is currently no validation for these values, which can lead to errors. The following is a...

7.8CVSS5.9AI score0.00255EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: ipvlan: Added a helper function for ipvlanroutev6outbound. This was inspired by reports from syzbot, which used multiple ipvlan devices in their stacks. The stack size required in ipvlanprocessv6outbound was reduced by moving...

7.8CVSS6.3AI score0.00246EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: afunix: fix use-after-free in unixstreamreadactor syzbot reported the following crash 1 After releasing unix socket lock, u-oobskb can be changed by another thread. We must temporarily increase skb refcount to make sure this othe...

7.8CVSS6.6AI score0.00241EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: media: gspca: cpia1: shift-out-of-bounds in setflicker Syzkaller reported the following issue: UBSAN: Shift-out-of-bounds in drivers/media/usb/gspca/cpia1.c:1031:27; shift exponent 245 is too large for a 32-bit type ‘int’. Whe...

7.8CVSS6.3AI score0.00255EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: can: j1939: prevents deadlock by changing j1939sockslock to rwlock. The following 3 locks may race against each other, causing a deadlock situation in the Syzbot bug report: - j1939sockslock - activesessionlistlock -...

5.5CVSS6.2AI score0.00183EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: PCI: switchtec: Fixed a crash occurring in stdevrelease after an unexpected hot removal. A hot removal of a PCI device can occur while stdev-cdev is still held open. The call to stdevrelease happens during close or exit, well aft...

4.4CVSS6AI score0.00237EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: FS:JFS:UBSAN: array-index-out-of-bounds in dbAdjTree Syzkaller reported the following issue: UBSAN: array-index-out-of-bounds in fs/jfs/jfsdmap.c:2867:6 Index 196694 is out of range for type ‘s81365’ also known as ‘signed...

7.8CVSS6.4AI score0.00249EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: net: mana: Fixed error handling for TX CQE messages. For an unknown type of TX CQE error likely due to newer hardware, still free the SKB, update the queue tail, etc. Otherwise, the accounting data will be incorrect...

5.5CVSS6AI score0.0023EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Rejects redirects of skmsg messages to non-TCP sockets With a SOCKMAP/SOCKHASH map and a skmsg program, users can direct messages sent from one TCP socket s1 to actually exiting from another TCP socket s2...

5.5CVSS6.2AI score0.00225EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.1 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: EDAC/thunderx: Fixed a possible out-of-bounds string access issue. Enabling -Wstringop-overflow globally exposes a warning for a common bug in the use of strncat. drivers/edac/thunderxedac.c: In the function...

7.8CVSS6.1AI score0.00266EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ksmbd: The issue of slub overflow in ksmbddecodentlmsspauthblob has been fixed. If authblob-SessionKey.Length is larger than the size of the session key CIFSKEYSIZE, slub overflow can occur in the key exchange process. The functi...

7.8CVSS6.3AI score0.36685EPSS
Exploits1References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Tiff

A segmentation fault flaw was discovered in libtiff, which can be triggered by passing a crafted tiff file to the TIFFReadRGBATileExt API. This flaw allows a remote attacker to cause a heap-buffer overflow, resulting in a denial of service...

7.5CVSS6.8AI score0.02187EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

The btsockrecvmsg function in net/bluetooth/afbluetooth.c in the Linux kernel, as of version 6.6.8, has a use-after-free issue due to a race condition involving btsockioctl...

7CVSS6.1AI score0.0026EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in unbound, bind9

The “Closest Encloser Proof” aspect of the DNS protocol as described in RFC 5155, when the guidance provided in RFC 9276 is skipped enables remote attackers to cause a denial of service resulting in high CPU usage for SHA-1 calculations through DNSSEC responses during a random subdomain attack,...

7.5CVSS7AI score0.81729EPSS
Exploits1References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Squid

Squid is a caching proxy for the web that supports HTTP, HTTPS, FTP, and other protocols. A bug related to incorrect checking of function return values makes Squid vulnerable to Denial of Service attacks targeting its helper process management. This bug has been fixed in Squid version 6.5. Users...

8.6CVSS7.4AI score0.10352EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in glibc

A flaw has been identified in glibc. In a rare situation, the gaihinet function may use memory that has already been freed, leading to an application crash. This issue is only exploitable when the getaddrinfo function is called and the hosts database in /etc/nsswitch.conf is configured with...

5.9CVSS6.6AI score0.01655EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.1 views

Astra Linux – Vulnerability in Vim

Heap-based Buffer Overflow in the GitHub repository vim/vim before version 9.0.1848...

7.8CVSS7.1AI score0.006EPSS
Exploits1References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Vim

Use After Free in the GitHub repository vim/vim before version 9.0.1858...

7.8CVSS7.1AI score0.00559EPSS
Exploits1References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Squid

Squid is a caching proxy for the Web that supports HTTP, HTTPS, FTP, and other protocols. Due to a NULL pointer dereference bug, Squid is vulnerable to Denial of Service attacks targeting its Gopher gateway. The Gopher protocol was always available and enabled in Squid prior to Squid 6.0.1...

7.5CVSS7.4AI score0.05955EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in Linux 5.15

A flaw was discovered in the ksmbd component of the Linux kernel, a high-performance in-kernel SMB server. The specific flaw exists in the processing of SMB2LOGOFF and SMB2CLOSE commands. The issue arises from the lack of proper locking when performing operations on an object. An attacker can...

8.1CVSS6.8AI score0.02515EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Thunderbird

Memory safety bugs exist in Firefox ESR 102.7. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects Thunderbird 102.8 and Firefox ESR 102.8...

8.8CVSS8.2AI score0.00668EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in binutils

A issue was discovered in the Binary File Descriptor BFD library also known as libbfd, as distributed in GNU Binutils 2.32. It is an out-of-bounds read that leads to a segmentation fault in bfdgetl32 in libbfd.c, when called from pex64getruntimefunction in pei-x8664.c...

5.5CVSS6.7AI score0.01569EPSS
Exploits1References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in binutils

A issue was discovered in the Binary File Descriptor BFD library also known as libbfd, as distributed in GNU Binutils 2.32. It involves an attempt at excessive memory allocation in the bfdelfslurpversiontables function within elf.c...

5.5CVSS6.8AI score0.01097EPSS
Exploits1References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Wireshark

A memory leak in the BT SDP dissector in Wireshark versions 4.0.0 to 4.0.7 and 3.6.0 to 3.6.15 allows for denial of service through packet injection or malicious capture files...

7.5CVSS6.8AI score0.00486EPSS
Exploits1References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Wireshark

The BT SDP dissector has an infinite loop in Wireshark versions 4.0.0 to 4.0.7, and 3.6.0 to 3.6.15. This issue allows for denial of service through packet injection or with crafted capture files...

7.5CVSS6.8AI score0.00438EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.15

A issue was discovered in the net/ceph/messengerv2.c file within the Linux kernel before version 6.4.5. There is an integer signedness error, which leads to a buffer overflow and remote code execution via the HELLO command or one of the AUTH frames. This occurs due to an untrusted length value...

8.8CVSS7.6AI score0.54577EPSS
Exploits1References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in gst-plugins-bad1.0

GStreamer MXF File Parsing: Integer Overflow and Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability, but the attack vectors may va...

8.8CVSS7.9AI score0.01871EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in Downloads in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to spoof security UI via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS6.8AI score0.00745EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerabilities in Chromium, Firefox, Thunderbird, and LibVpx

A heap buffer overflow occurred in the vp8 encoding process in libvpx within Google Chrome before version 117.0.5938.132. In version 1.13.1 of libvpx, a remote attacker could potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...

8.8CVSS7.2AI score0.49013EPSS
Exploits3References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Chromium

The use of “after free” in Extensions in Google Chrome before version 117.0.5938.132 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...

8.8CVSS7.3AI score0.00833EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerabilities in Chromium, Firefox, Thunderbird, and LibWebP

A heap buffer overflow in libwebp in Google Chrome prior to version 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out-of-bounds memory write via a crafted HTML page. Chromium security severity: Critical...

8.8CVSS7.2AI score0.99735EPSS
Exploits9References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Chromium

The use of after-free in networks in Google Chrome before version 116.0.5845.179 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...

8.8CVSS7.3AI score0.01202EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Chromium

In FedCM, out-of-bounds memory access in Google Chrome prior to version 116.0.5845.179 allowed a remote attacker who had compromised the renderer process to perform an out-of-bounds memory read through a crafted HTML page. Chromium security severity: High...

8.1CVSS7.3AI score0.01287EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in libx11, libxpm

A vulnerability was discovered in libX11 due to an infinite loop within the PutSubImage function. This flaw allows a local user to consume all available system resources and cause a denial of service condition...

5.5CVSS6.5AI score0.00461EPSS
Exploits1References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.10 views

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

A use-after-free vulnerability exists in the Linux kernel’s net/sched:clsu32 component, which can be exploited to achieve local privilege escalation. When the u32change function is called on an existing filter, the entire tcfresult struct is always copied into the new instance of the filter. This...

7.8CVSS6.6AI score0.00296EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.15 views

Astra Linux – Vulnerability in OpenSSH

The PKCS11 feature in ssh-agent in OpenSSH prior to version 9.3p2 has an insufficiently trustworthy search path, which can lead to remote code execution if the agent is forwarded to a system controlled by an attacker. The code located in /usr/lib is not necessarily safe for loading into ssh-agent...

9.8CVSS8AI score0.76768EPSS
Exploits10References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

A NULL pointer dereference issue was discovered in the gfs2 file system within the Linux kernel. This issue occurs in corrupted gfs2 file systems when the evict code attempts to reference the journal descriptor structure after it has been freed and set to NULL. A privileged local user could explo...

4.4CVSS6.6AI score0.00262EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in c-ares

c-ares is an asynchronous resolver library. c-ares is vulnerable to denial of service attacks. When a target resolver sends a query, the attacker creates a malformed UDP packet with a length of 0 and sends it back to the target resolver. The target resolver misinterprets this 0-length field as an...

7.5CVSS6.3AI score0.01577EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15

A heap out-of-bounds write vulnerability in the Linux Kernel ipvlan network driver can be exploited to achieve local privilege escalation. The out-of-bounds write is caused by the lack of skb-cb initialization in the ipvlan network driver. The vulnerability is exploitable if CONFIGIPVLAN is...

7.8CVSS6.6AI score0.00491EPSS
Exploits1References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Golang-1.19

Extremely large RSA keys in certificate chains can cause clients and servers to spend significant CPU time verifying signatures. With this fix, the size of RSA keys transmitted during handshake operations is limited to 8192 bits or less. Based on a survey of publicly trusted RSA keys, there are...

5.3CVSS6.7AI score0.01328EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Golang-1.19

The go command may execute arbitrary code during compilation when using cgo. This can occur when running “go get” on a malicious module, or when running any other command that compiles unauthorized code. This issue can be triggered by linker flags, specified via the cgo LDFLAGS directive. Flags...

9.8CVSS7.2AI score0.01728EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Golang-1.19

The go command may execute arbitrary code during compilation when using cgo. This can occur when running “go get” on a malicious module, or when running any other command that compiles unauthorized code. This issue can be triggered by linker flags, specified via the cgo LDFLAGS directive. The...

9.8CVSS7.4AI score0.01837EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Golang-1.19

The go command may generate unexpected code during build time when using cgo. This can lead to unexpected behavior when running a Go program that uses cgo. This issue may occur when running a trusted module that contains directories with newline characters in their names. Modules retrieved using...

9.8CVSS7.1AI score0.01708EPSS
Exploits0References2
Total number of security vulnerabilities18102