Lucene search
+L
AstralinuxRecent

18102 matches found

astralinux
astralinux
added 2026/07/09 8:12 a.m.4 views

Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: net: bonding: Fixed a use-after-free in bondxmitbroadcast. bondxmitbroadcast reuses the original skb for the last slave determined by bondislastslave and clones it for others. Concurrent slave enslave/release operations may mutat...

7.8CVSS5.7AI score0.00124EPSS
Exploits0References3
astralinux
astralinux
added 2026/07/09 8:12 a.m.3 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: net: skbuff: Fixed an issue where a missing zerocopy reference was present in the pskbcarve helpers. Both pskbcarveinsideheader and pskbcarveinsidenonlinear copy the old skbsharedinfo header into a new buffer using memcpy. Thi...

7.8CVSS6AI score0.00238EPSS
Exploits1References2
astralinux
astralinux
added 2026/07/09 8:12 a.m.3 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: ipv6: Proper accounting of fraggap on the paged allocation path In ip6.AppendData, when the paged-allocation branch is taken MSGMORE / NETIFFSG / large fraglen, alloclen and pagedlen are computed as follows: alloclen =...

5.8AI score0.00176EPSS
Exploits0References2
astralinux
astralinux
added 2026/07/09 8:12 a.m.4 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: net/sched: Fixed a issue where partial COW operations by pedit led to corruption of the page cache. tcfpeditact calculates the COW range for skbensurewritable once before the key loop, using tcfpoffmaxhint. However, this hint...

7.8CVSS6.4AI score0.00321EPSS
Exploits11References3
astralinux
astralinux
added 2026/07/09 8:12 a.m.3 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: bpf: The reuseport cBPF prog is freed after the RCU grace period. Eulgyu Kim reported the issue below with a reproduction example. The reproduction example sets up a UDP reuseport group with a cBPF prog and replaces it with a new...

7.8CVSS6AI score0.00104EPSS
Exploits0References2
astralinux
astralinux
added 2026/07/09 8:12 a.m.6 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: net/tls: The use-after-free issue in the -EBUSY error handling path of tlsdoencryption has been fixed. The -EBUSY handling in tlsdoencryption, introduced with commit 859054147318 “net: tls: handle backlogging of crypto requests”,...

9.8CVSS5.7AI score0.00388EPSS
Exploits0References2
astralinux
astralinux
added 2026/07/09 8:12 a.m.2 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: rtmutex: Use waiter::task instead of current in removewaiter. removewaiter is used by the slowlock paths, but it is also used for proxy-lock rollback in rtmutexstartproxylock, when invoked from futexrequeue. In the latter case,...

7.8CVSS6.1AI score0.00125EPSS
Exploits22References3
astralinux
astralinux
added 2026/07/09 8:12 a.m.4 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: ppp: The requirement for CAPNETADMIN in the target netns is necessary for unattached IOCTls. The opening of /dev/ppp is currently allowed for file-fcred-userns, while unattached administrative IOCTls operate on...

8.8CVSS5.8AI score0.00182EPSS
Exploits1References2
astralinux
astralinux
added 2026/07/09 8:12 a.m.4 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: eventpoll: Fixed an UAF Use-After-Free issue with epremovestruct eventpoll and struct file. The epremove function via epremovefile clears the file-fep field under file-flock, but then continues using @file within the critical...

7.8CVSS6.9AI score0.00125EPSS
Exploits3References3
astralinux
astralinux
added 2026/07/09 8:12 a.m.8 views

Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: espintcp: A race condition in espintcpclose has been fixed. This issue was discovered during a code audit. After espintcpclose is called, espintcptxwork can still be scheduled using functions like the Delayed ACK handler or...

7.8CVSS6AI score0.00101EPSS
Exploits0References4
astralinux
astralinux
added 2026/06/24 3:11 p.m.9 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Flush dev-IOTLB only when the PCIe device is accessible in scalable mode. The commit 4fc82cd907ac “iommu/vt-d: Do not issue ATS invalidation requests when the device is disconnected” relies on pcidevisdisconnected to...

5.5CVSS6AI score0.00123EPSS
Exploits0References2
astralinux
astralinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.0, a underflow of the sizet variable in the IMA-ADPCM and MS-ADPCM audio decoders led to a heap-buffer-overflow issue through the RDPSND audio channel. In libfreerdp/codec/dsp.c, the IMA-ADPCM and MS-ADPCM...

9.8CVSS6AI score0.00317EPSS
Exploits1References3
astralinux
astralinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: ocfs2: The BUG function was replaced with ocfs2error in ocfs2MoveExtent. In ocfs2MoveExtent, the BUG function was changed to ocfs2error simply to avoid causing the entire kernel to crash due to filesystem corruption...

5.9AI score0.00185EPSS
Exploits0References3
astralinux
astralinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, a client-side heap buffer overflow occurred in the decoding process of the ClearCodec band when crafted band coordinates allowed writes beyond the end of the destination surface buffer. A malicious server...

9.8CVSS6.2AI score0.00434EPSS
Exploits1References3
astralinux
astralinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, a double-free vulnerability in the functions kerberosAcceptSecurityContext and kerberosInitializeSecurityContextA located in WinPR, winpr/libwinpr/sspi/Kerberos/kerberos.c could cause crashes in any FreeRDP...

5.3CVSS5.8AI score0.00282EPSS
Exploits0References3
astralinux
astralinux
added 2026/06/24 3:11 p.m.9 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.0, there was a buffer overflow vulnerability in freerdpbitmapdecompressplanar when SrcSize was 0. The function dereferences srcp which points to pSrcData without first verifying that SrcSize is greater than or...

9.1CVSS6.1AI score0.00285EPSS
Exploits1References3
astralinux
astralinux
added 2026/06/24 3:11 p.m.8 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: In the chips-media: wave5 module, the order of device cleanup was corrected to prevent kernel panic. The process of removing video devices was moved to the beginning of the removal function to ensure that all video operations are...

5.5CVSS5.8AI score0.00127EPSS
Exploits0References2
astralinux
astralinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability in Flatpak

Flatpak is a Linux application sandboxing and distribution framework. Prior to version 1.16.4, the caching mechanism for ld.so removed outdated cache files without properly checking whether the app’s control over the path to the outdated cache was valid within the cache directory. This allowed...

8.7CVSS7.1AI score0.00323EPSS
Exploits0References3
astralinux
astralinux
added 2026/06/24 3:11 p.m.10 views

Astra Linux – Vulnerability in freeipa

A flaw was identified in the FreeIPA API audit; it sends the entire FreeIPA command line to journalctl. As a result, during the FreeIPA installation process, administrative user credentials—including the administrator’s password—are inadvertently leaked into the journal database. In the worst-cas...

5.5CVSS5.6AI score0.00226EPSS
Exploits0References3
astralinux
astralinux
added 2026/06/24 3:11 p.m.9 views

Astra Linux – Vulnerability in edk2

EDK2 contains a vulnerability in the BIOS, where an attacker may cause “Exposure of Sensitive Information to an Unauthorized Actor” through local access. Successful exploitation of this vulnerability could lead to possible information disclosure or escalation of privileges, thereby affecting...

5.8CVSS7AI score0.00123EPSS
Exploits0References3
astralinux
astralinux
added 2026/06/24 3:11 p.m.10 views

Astra Linux – Vulnerability in imagemagick

ImageMagick is free and open-source software used for editing and manipulating digital images. Before versions 7.1.2-16 and 6.9.13-41, there was a vulnerability where a memory allocation failure in the sixel encoder could lead to writing beyond the end of a buffer on the stack. This vulnerability...

6.7CVSS6AI score0.00096EPSS
Exploits0References2
astralinux
astralinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability in GIMP

GIMP PSP File Parsing: Heap-Based Buffer Overflow and Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability, as the target must visit a malicious page ...

7.8CVSS7.6AI score0.00744EPSS
Exploits0References3
astralinux
astralinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: LoongArch: BPF: Sign extension of kfunc call arguments kfunc calls are native calls, so they should follow LoongArch calling conventions. Sign extension of arguments should be performed properly to avoid kernel panic. This is...

5.5CVSS5.7AI score0.00114EPSS
Exploits0References2
astralinux
astralinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: net: marvell: prestera: Fixed a NULL dereferencing on devlinkalloc failure. Devlinkalloc may return NULL when allocation fails, but presteradevlinkalloc will unconditionally call devlinkpriv on the returned pointer. This can lead...

5.5CVSS5.9AI score0.00115EPSS
Exploits0References3
astralinux
astralinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Buffer validation was corrected by including the size of the null-terminating character in the EA length. The smb2setea function, which handles Extended Attributes EA, conducted buffer validation checks that incorrectly...

5.8AI score0.00168EPSS
Exploits0References2
astralinux
astralinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability in firewalld

A flaw was discovered in firewalld. A local unprivileged user can exploit this vulnerability by misauthorizing two runtime D-Bus Desktop Bus setters, setZoneSettings2 and setPolicySettings. This misauthorization allows the user to modify the runtime firewall state without proper authentication,...

5.5CVSS6.1AI score0.00118EPSS
Exploits0References2
astralinux
astralinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability in Firefox, Thunderbird

JIT compilation errors in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...

9.8CVSS7AI score0.00755EPSS
Exploits0References3
astralinux
astralinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: s390/cio: Fixed the handling of device lifecycle in cssallocsubchannel. cssallocsubchannel calls deviceinitialize before setting up the DMA masks. If dmasetcoherentmask or dmasetmask fails, the error path frees the subchannel...

5.5CVSS6AI score0.00126EPSS
Exploits0References2
astralinux
astralinux
added 2026/06/24 3:11 p.m.9 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: regmap: Fixed a race condition in the hwspinlockirqsave routine. Previously, the address of the shared member &map-spinlockflags was passed directly to hwspinlocktimeoutirqsave. This created a race condition where multiple contex...

4.7CVSS5.7AI score0.001EPSS
Exploits0References2
astralinux
astralinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: btrfs: In the send operation, it is necessary to check for inline extents within the rangeisholeinparent function. Before accessing the diskbytenr field of a file extent item, we need to check whether we are dealing with an inlin...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References2
astralinux
astralinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: PCI/P2PDMA: Release the per-CPU pgmap reference when vminsertpage fails. When vminsertpage fails in p2pmemallocmmap, p2pmemallocmmap does not invoke percpurefput to free the per-CPU reference to pgmap acquired after...

5.5CVSS6AI score0.00155EPSS
Exploits0References2
astralinux
astralinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: authgss: Fixed memory leaks in XDR decoding error paths. The functions gssxdecctx, gssxdecstatus, and gssxdecname allocate memory through gssxdecbuffer, which calls kmemdup. When a subsequent decoding operation fails, the...

5.5CVSS6.3AI score0.0016EPSS
Exploits0References2
astralinux
astralinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: pNFS: Fixed a deadlock that occurred when returning a delegation during the open function. Ben Coddington reported seeing a hang in the following stack trace: 0 ffffd0b50e1774e0 schedule at ffffffff9ca05415 1 ffffd0b50e177548...

5.8AI score0.00168EPSS
Exploits0References2
astralinux
astralinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: Team: Move teamdevicetypechange to the end of teamportadd. Attempting to add a port device that is already up will, unsurprisingly, fail. However, this failure occurs before modifying the teamdeviceheaderops. In the case of the...

5.5CVSS5.8AI score0.00118EPSS
Exploits0References3
astralinux
astralinux
added 2026/06/24 3:11 p.m.10 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: HID: magicmouse: Do not cause a crash when the msc-input field is missing. Fake USB devices can send their own report descriptors, for which the inputmapping hook is not called. In this case, msc-input remains NULL, leading to a...

5.5CVSS5.7AI score0.00128EPSS
Exploits0References2
astralinux
astralinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: net/sched: schqfq: do not free existing class in qfqchangeclass This fix addresses the issue with the qfqchangeclass function. The cl-qdisc and cl fields should only be freed if a new class and qdisc are allocated; otherwise,...

7.8CVSS6.3AI score0.00204EPSS
Exploits0References3
astralinux
astralinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: Fixed a potential underflow in virtiotransportgetcredit. The credit calculation in virtiotransportgetcredit uses unsigned arithmetic: c ret = vvs-peerbufalloc - vvs-txcnt - vvs-peerfwdcnt; If the peer reduces its...

5.5CVSS5.9AI score0.00127EPSS
Exploits0References2
astralinux
astralinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability in libheif

libheif is a decoder and encoder for HEIF and AVIF file formats. In versions 1.21.2 and earlier, a malformed HEIF sequence file could trigger an out-of-bounds read during core sequence parsing, leading to DoS Denial of Service. A malformed file may have stcoentrycount == 0 meaning no chunks are...

6.5CVSS6AI score0.00253EPSS
Exploits1References2
astralinux
astralinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability in libheif

libheif is a decoder and encoder for HEIF and AVIF file formats. In versions 1.21.2 and earlier, a crafted HEIF sequence file where the saiz box declares more samples than actually exist in the track’s chunk table could cause a heap-buffer-overflow out-of-bounds read in the SampleAuxInfoReader...

8.1CVSS5.8AI score0.00302EPSS
Exploits1References2
astralinux
astralinux
added 2026/06/24 3:11 p.m.8 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: EFI: Fix for reserving unaccepted memory tables The reserveunaccepted function incorrectly calculates the size of the memblock reservation for the unaccepted memory tables. It aligns the size of the tables, but fails to take into...

7.1CVSS6AI score0.00159EPSS
Exploits0References2
astralinux
astralinux
added 2026/06/24 3:11 p.m.10 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: mISDN: Annotated data-race around dev-work dev-work can be read without locking in mISDNread and mISDNpoll. Add READONCE/WRITEONCE annotations. BUG: KCSAN: Data race in mISDNioctl/mISDNread Writing 0xffff88812d848280 4 bytes b...

5.5CVSS5.8AI score0.00119EPSS
Exploits0References2
astralinux
astralinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: usb: ChipIdea UDC: Fix for DMA and SG cleanup in epnuke The ChipIdea UDC driver may encounter errors where “not-page-aligned sg buffers” occur when a USB device is reconnected after being disconnected during an active transfer...

7.8CVSS5.9AI score0.00129EPSS
Exploits0References2
astralinux
astralinux
added 2026/06/24 3:11 p.m.14 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: tls: Fixed a race condition in tlsswcancelworktx This issue was discovered during a code audit. After the call to canceldelayedworksync from tlsskprotoclose, txworkhandler can still be scheduled from functions like the Delayed AC...

9.8CVSS6AI score0.0049EPSS
Exploits0References2
astralinux
astralinux
added 2026/06/24 3:11 p.m.8 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: kexec: deriving the entry from the purgatory symbol The kexecloadpurgatory function derives image-start by locating eentry within an SHFEXECINSTR section. If the purgatory object contains multiple executable sections with...

5.5CVSS6.1AI score0.00123EPSS
Exploits0References2
astralinux
astralinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: bcsp: receives data only if registered Currently, the bcsprecv function can still be called even when the BCSP protocol has not been registered. This leads to a NULL pointer dereference, as shown in the following stack...

6.2AI score0.00171EPSS
Exploits0References4
astralinux
astralinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: char: applicom: fix NULL pointer dereference in acioctl Discovered by Atuin – Automated Vulnerability Discovery Engine. In acioctl, the validation of IndexCard and the check for a valid RamIO pointer are skipped when cmd is 6...

5.9AI score0.00173EPSS
Exploits0References3
astralinux
astralinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: pmdomain: imx8m-blk-ctrl: Fixed out-of-range access to bc-domains. Out-of-range access to bc-domains was corrected in the imx8mblkctrlremove function...

7.1CVSS5.7AI score0.00117EPSS
Exploits0References2
astralinux
astralinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: Input: tiam335xtsc – fixed an off-by-one error in the wireorder validation. The current validation wireorderi ARRAYSIZEconfig pins allows wireorderi to equal ARRAYSIZEconfig pins, which causes out-of-bounds access when used as an...

6.4AI score0.00173EPSS
Exploits0References3
astralinux
astralinux
added 2026/06/24 3:11 p.m.11 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: mm, shmem: preventing infinite loops in truncate race conditions. When truncating a large swap entry, shmemfreeswap returns 0 when the entry’s index does not match the given index due to lookup alignment issues. The failure...

5.7AI score0.00166EPSS
Exploits0References2
astralinux
astralinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: The reference count of the device should always be dropped in ibdelsubdeviceandput. Since nldevdeldev introduced in commit 060c642b2ab8 “RDMA/nldev: Add support for adding/deleting a sub IB device through netlink” grab...

7.8CVSS6AI score0.00119EPSS
Exploits0References3
Total number of security vulnerabilities18102