Lucene search
K
AstralinuxRecent

18095 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: wifi: ipw2200: A memory leak has been fixed in the ipwwdevinit function. In the error handling code for ipwwdevinit, an exception value is returned, and the memory allocated for this function is not released. Additionally, the...

5.9AI score0.00211EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.9 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check whether extcaps is valid in BL setup. LVDS connectors do not have extended backlight caps; therefore, check whether the pointer is valid before accessing it. Selected from commit...

5.5CVSS5.7AI score0.00107EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.22.0, the sdlPointerNew function freed memory upon failure. However, after that function called sdlPointerFree to free the memory again, it triggered a Universal Address Fault UAF condition. This vulnerability has...

8.7CVSS7AI score0.00423EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in grub2

A vulnerability has been identified in the GRUB Grand Unified Bootloader component. This flaw occurs because the bootloader improperly handles string conversions when reading information from a USB device, allowing an attacker to exploit inconsistencies in the length values. A local attacker can...

4.8CVSS5.2AI score0.00168EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: mctp: Ensure that our nlmsg responses are initialized. Syed Faraz Abrar @farazsth98 from Zellic, and Pumpkin @u1f383 from DEVCORE Research Team, working with Trend Micro Zero Day Initiative, reported that an RTMGETNEIGH...

5.5CVSS5.7AI score0.00128EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: fixed a race condition that could lead to a UAF in sndusbmidifree. The previous commit 0718a78f6a9f, “ALSA: usb-audio: Properly terminates the timer upon endpoint deletion,” addressed a UAF issue caused by the...

5.2AI score0.00187EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.11 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/radeon: Do not call kfree on devices managed by devres. Since the allocation of the driver’s main structure was changed to devmdrmdevalloc, the rdev is managed by devres, and we should not call kfree on it. This fix prevents...

5.9AI score0.00166EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.12 views

Astra Linux – Vulnerability in libxml2

The vulnerability of the xmlBufSetInputBaseCur function in the Libxml2 library is related to the use of memory after it is freed. Exploiting this vulnerability allows an attacker to cause a service failure...

5.5CVSS5.9AI score
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Firefox and Thunderbird

Memory safety bugs exist in Firefox 117, Firefox ESR 115.2, and Thunderbird 115.2. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects Firefox version...

9.8CVSS7.6AI score0.01233EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: In virtiobt, there is a issue where skbPutskb, len is called before proper validation of len. len comes directly from virtqueuegetbuf, without any validation against the buffer that is posted to the device. The RX skb ...

7.7CVSS6AI score0.00142EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm/amdgpu: removed two invalid BUGON functions. These vulnerabilities can be triggered trivially by userspace...

5.8AI score0.00168EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in Payments in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to bypass XSS protections through a malicious file. Chromium security severity: High...

6.1CVSS6.8AI score0.011EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: shmem: Use ramfskillsb for the killsb method of ramfs-based tmpfs. Since ramfs-based tmpfs uses ramfsinitfscontext for the initfscontext method, which allocates fc-sfsinfo, using ramfskillsb allows for its freeing and avoids a...

5.5CVSS5.9AI score0.00135EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Intel Microcode

The sequence of processor instructions may lead to unexpected behavior on some Intel processors. This could potentially allow an authenticated user to enable privilege escalation, information disclosure, or denial of service through local access...

8.8CVSS7AI score0.01728EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ubifs: Authentication: Fixed a use-after-free in ubifstncendcommit. After an insertion in TNC, the tree may split, causing a node to change its znode-parent. Further deletions of other nodes in the tree which could also free thos...

7.8CVSS6.3AI score0.00285EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Mariadb 10.3

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: DML. The supported versions affected are 5.7.33 and earlier. This easily exploitable vulnerability allows a highly privileged attacker with network access via multiple protocols to compromise the MySQL Server. Successful...

4.9CVSS6.7AI score0.02481EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.10 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/xe/queue: The call to fini during the creation of the exec queue fails. Every call to queue initialization should include a corresponding fini call. Skipping this would mean skipping the removal of the queue from the GuC list...

7.8CVSS5.7AI score0.00129EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Golang-1.19

The various “Is” methods IsPrivate, IsLoopback, etc. did not work as expected for IPv4-mapped IPv6 addresses. They returned false for addresses that would return true in their traditional IPv4 form...

9.8CVSS6.7AI score0.01952EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in openjdk-11

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, and Oracle GraalVM Enterprise Edition products of Oracle Java SE component: Hotspot. The supported versions affected by this vulnerability are Oracle Java SE: 8u401-perf, 11.0.22, 17.0.10, 21.0.2, 22; Oracle GraalVM for JDK: 17.0.10,...

3.7CVSS5.4AI score0.01289EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in FontForge

FontForge 20190801 has a heap-based buffer overflow in the Type2NotDefSplines function in splinesave.c...

8.8CVSS7.5AI score0.02365EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Firefox and Thunderbird

Relative URLs that start with three slashes were incorrectly parsed. The “path-traversal” /../ part in the path could be used to override the specified host. This could lead to security issues in websites. This vulnerability affects Firefox 120, Firefox ESR 115.5.0, and Thunderbird 115.5...

6.5CVSS6.7AI score0.01406EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel before version 6.1.3, fs/ntfs3/record.c does not validate resident attribute names. This could lead to an out-of-bounds write vulnerability...

7.8CVSS6.7AI score0.00266EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Ansible

A flaw was discovered in Ansible Engine 2.9.18, where sensitive information is not masked by default, and the nolog feature is not protected when using the sub-option feature of the basic.py module. This flaw allows an attacker to obtain sensitive information. The greatest threat posed by this...

7.5CVSS7.4AI score0.02043EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Thunderbird, Firefox

Due to the Firefox GTK wrapper code using text/plain for drag data, and GTK treating all text/plain MIME types that contain file URLs as being dragged, a website can arbitrarily read a file by calling DataTransfer.setData. This vulnerability affects Firefox 109, Firefox ESR 102.7, and Thunderbird...

6.5CVSS7AI score0.00641EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in mbedtls

In Trusted Firmware Mbed TLS 2.24.0, a side-channel vulnerability exists in the decoding of Base64 PEM files. This vulnerability allows system-level administrator attackers to obtain information about secret RSA keys through a controlled-channel and side-channel attack on software running in...

4.9CVSS5.2AI score0.01358EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Qemu

A use-after-free flaw was discovered in the MegaRAID emulator of QEMU. This issue occurs during the processing of SCSI I/O requests when the mptsasfreerequest function fails to dequeue the request object ‘req’ from the pending requests queue. This flaw allows a privileged guest user to crash the...

3.2CVSS6.4AI score0.0045EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ice: switch: fix potential memleak in iceaddadvrecipe When iceaddspecialwords fails, the ‘rm’ command is not released, which will lead to a memory leak. This issue has been fixed by handling the situation at the ‘errunroll’ label...

5.5CVSS5.1AI score0.00205EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in FontForge

FontForge 20190801 has a use-after-free in SFDGetFontMetaData in sfd.c...

8.8CVSS7.3AI score0.02478EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Redis

Redis is an open-source, in-memory database that persists data on disk. A authenticated user can use a specially crafted Lua script to trigger a stack buffer overflow in the bit library, which may potentially lead to remote code execution. This issue exists in all versions of Redis that support L...

8.8CVSS6.6AI score0.04488EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in lua5.3

The ldebug.c file in Lua 5.4.0 allows for a negation overflow and segmentation fault in getlocal and setlocal functions, as demonstrated by getlocal3,2^31...

5.3CVSS6.5AI score0.03833EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in binutils

A issue was discovered in the Binary File Descriptor BFD library also known as libbfd, as distributed in GNU Binutils 2.31. An invalid memory address dereference was identified in the readreloc function in reloc.c. This vulnerability causes a segmentation fault and results in the crash of the...

5.5CVSS6.2AI score0.0182EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: powerpc/xive: Fixed the refcount leak in xivespaprinit. offindcompatiblenode returns a node pointer with a refcount incremented; we should use ofnodeput on it after processing. Added ofnodeput to prevent the refcount leak...

5.5CVSS6.4AI score0.00252EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

A flaw was discovered in the udmabuf device driver of the Linux kernel. The specific flaw resides within a fault handler. The issue arises due to the lack of proper validation of user-supplied data, which can lead to a memory access beyond the end of an array. An attacker can exploit this...

7.8CVSS7.1AI score0.01013EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in poppler-22, poppler

A issue was discovered in Poppler 22.08.0. There is a reachable assertion in Object.h; this could lead to a denial of service. This issue arises because PDFDoc::replacePageDict in PDFDoc.cc lacks a stream check before saving an embedded file...

6.5CVSS6.7AI score0.00902EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in poppler-22, poppler

A issue was discovered in Poppler 22.07.0. There exists a reachable abort that leads to a denial of service, as the main function in pdfunite.cc lacks a stream check before saving an embedded file...

6.5CVSS6.7AI score0.00959EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: i40e: Fixed NULL pointer dereferencing in i40edbgdumpdesc. When attempting to dump VFs using debugfs, a crash occurred due to NULL pointer dereferencing in i40edbgdumpdesc. A check was added to i40edbgdumpdesc to ensure that the...

5.5CVSS6.2AI score0.00241EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.13 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: drm/lima: fixed a memory leak in limaheapalloc. When limavmmapbo fails, the resources need to be deallocated; otherwise, there will be memory leaks...

5.5CVSS5.6AI score0.0021EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: ipv6: mcast: fixed a data race in ipv6mcdown / mldifcwork. idev-mcifccount can be written without proper locking. Originally reported by syzbot 1. This issue was fixed by encapsulating calls to mldifcstopwork and mldgqstopwork...

4.7CVSS6.3AI score0.00176EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.24 views

Astra Linux – Vulnerability in exempi

The XMP Toolkit SDK version 2021.07 and earlier is affected by a stack-based buffer overflow vulnerability that may lead to arbitrary code execution within the context of the current user. Exploitation requires user interaction—that is, the victim must open a specially crafted file...

9.3CVSS8AI score0.036EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in Vim

A heap-based buffer overflow vulnerability exists in the cmdlineerasechars function in the GitHub repository for Vim/Vim, prior to version 8.2.4899. These vulnerabilities could cause software to crash, modify memory, and potentially allow for remote execution...

7.8CVSS7.2AI score0.02481EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: bpf: Fixed a memory leak due to fentry attachment failure If fentry fails to attach, the allocated bpf trampoline image will remain in the system. This can be verified by checking /proc/kallsyms. This memory leak can be detected...

5.5CVSS6.2AI score0.00145EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.10 views

Astra Linux – Vulnerability in Linux 5.10, Linux

A flaw was discovered in KVM. When updating a guest’s page table entry, vmpgoff was incorrectly used as the offset to obtain the page’s pfn. Since vaddr and vmpgoff are controllable by user-mode processes, this flaw allows unprivileged local users on the host to write outside the userspace region...

7.8CVSS6.7AI score0.00385EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Chromium

Before version 98.0.4758.80, using “after free” in Reader Mode in Google Chrome allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS7AI score0.00745EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.15 views

Astra Linux – Vulnerability in Qemu

A out-of-bounds write flaw was discovered in the UAS USB-attached SCSI device emulation in QEMU in versions prior to 6.2.0-rc0. The device uses the guest-provided stream number without proper checking, which can lead to out-of-bounds access to the UASDevice-data3 and UASDevice-status3 fields. A...

7.4CVSS6.8AI score0.00566EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Ruby-Rack

Rack is a modular Ruby web server interface. In versions prior to 2.2.19, 3.1.17, and 3.2.2, Rack::Multipart::Parser buffered the entire multipart preamble bytes before the first boundary in memory, without any size limit. This caused significant memory usage and potential process termination due...

7.5CVSS6.5AI score0.00868EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Qemu

A buffer overflow vulnerability was discovered in the ATI VGA device emulation provided by QEMU. This vulnerability occurs in the ati2dblt routine, during the handling of MMIO write operations, when the guest provides invalid values for the destination display parameters. A malicious guest could...

6.5CVSS6.8AI score0.00429EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Flatpak

Flatpak is a Linux application sandboxing and distribution framework. Prior to versions 1.12.3 and 1.10.6, Flatpak did not properly validate whether the permissions displayed to the user during installation match the actual permissions granted to the app at runtime, especially when there was a nu...

8.6CVSS7.2AI score0.01346EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in tar

In the sparse.c file of GNU Tar, before version 1.32, there was a NULL pointer dereferencing issue when parsing certain archives that contained malformed extended headers...

7.5CVSS6.6AI score0.03028EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net: sched: Fixed the use of “skb” after it is passed to qdiscenqueue. We cannot use “skb” again after passing it to qdiscenqueue. This is essentially identical to commit 2f09707d0c97 “schsfb: Also store skblen before calling chi...

7.8CVSS6.1AI score0.00159EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.12 views

Astra Linux – Vulnerability in Linux 5.15

A issue was discovered in ksmbd within the Linux kernel versions 5.15 through 5.18, prior to 5.18.18. fs/ksmbd/smb2pdu.c lacks length validation in the non-padding case of smb2write...

8.1CVSS6.7AI score0.01393EPSS
Exploits0References2
Total number of security vulnerabilities18095