Lucene search
K
AstralinuxRecent

17430 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the hsofreenetdevice function in drivers/net/usb/hso.c calls unregisternetdev from version 5.13.4 onwards, without checking the NETREGREGISTERED status. This leads to a use-after-free and a double-free...

6.4CVSS6.2AI score0.00395EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in iproute2

In iproute2 before version 5.1.0, there is a use-after-free issue in the getnetnsidfromname function in the ip/ipnetns.c file. NOTE: The relevance of this issue to security may be limited to certain uses of setuid, which, although not a default option, are sometimes an optional configuration...

4.4CVSS6.4AI score0.00403EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux

In the Linux kernel, the following vulnerabilities have been resolved: NFS: Fixed a use-after-free in nfs4initclient. KASAN reported a use-after-free when attempting to mount two different exports through two different NICs that belong to the same server. Olga was able to exploit this issue with...

7.5CVSS6.3AI score0.01109EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Lynx

Lynx versions up to 2.8.9 mishandled the userinfo subcomponent of a URI, allowing remote attackers to discover cleartext credentials, as these credentials might appear in SNI data...

5.3CVSS6AI score0.04455EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Chromium

Before version 91.0.4472.164, using the "OUT OF BORD" feature in Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS8.4AI score0.01312EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in htmldoc

A flaw was discovered in htmldoc version 1.9.12. A heap buffer overflow in the rendertablerow function, located in ps-pdf.cxx, may lead to arbitrary code execution and denial of service...

7.8CVSS8.2AI score0.01138EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in grub2

GNU GRUB also known as GRUB2 from version 2.12 has a heap-based buffer overflow in the fs/hfs.c file, due to crafted sblock data within an HFS filesystem...

8.8CVSS7.1AI score0.00708EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Ruby 2.5

REXML is an XML toolkit for Ruby. The REXML gem before version 3.2.6 has a denial-of-service vulnerability when it parses an XML document with many tags in an attribute value. Users who need to parse untrusted XMLs may be affected by this vulnerability. The REXML gem version 3.2.7 or later includ...

5.3CVSS6.5AI score0.02064EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: MGMT: Fixed corruption in command completion handlers and UAFs Commit 302a1f674c00 “Bluetooth: MGMT: Fixed possible UAFs” introduced mgmtpendingvalid, which not only validates pending commands but also unlinks them...

7.8CVSS6.4AI score0.00122EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: rxrpc: fixed the RESPONSE authenticator parser OOB read issue. The rxgkverifyauthenticator function copies authlen bytes into a temporary buffer, and then passes p + authlen as the parser limit to rxgkdoverifyauthenticator...

9.1CVSS5.8AI score0.00442EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: iptunnel: It was necessary to adapt iptunnelxmitstats to use NETDEVPCPUSTATDSTATS. The commits that caused this issue overlooked the fact that vxlan/geneve uses udptunnel6xmitskb, which calls iptunnelxmitstats. iptunnelxmitstats...

8.2CVSS5.4AI score0.00299EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs: fixed the issue of parameter context leaks during the damonsysfsnewtestctx function failure. Patches in the series “mm/damon/sysfs: fixed memory leaks and NULL pointer dereferencing issues”, version 4. DAMONSYSFS...

5.5CVSS5.3AI score0.00121EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in grub2

A flaw was discovered in grub2. The calculation of the translation buffer when reading a language .mo file in grubgettextgetstrfromposition may overflow, resulting in an out-of-bound write. This issue can be exploited by an attacker to overwrite grub2’s sensitive heap data, ultimately allowing th...

6.7CVSS7AI score0.00231EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: btrfs: fixed a situation where a double free of the qgroup record occurred after attempting to add a delayed ref head failed. In the previous code, it was possible for a double kfree scenario to occur when calling...

5.4AI score0.00167EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: cifs: Fixed a soft lockup during fsstress. The following issues were observed during fsstress, and the system became hung. 130.698396 watchdog: BUG: Soft lockup – CPU6 got stuck for 26 seconds!...

5.5CVSS5AI score0.00158EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: phy: fsl-imx8mq-usb: set platformdriverdata The missing platformsetdrvdata function has also been added, as the data will be used in the remove function...

5.5CVSS5.7AI score0.00121EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: LoongArch: Fixed missing NULL checks for kstrdup 1. Replaced “offindnodebypath"/"” with “ofroot” to avoid multiple calls to “ofnodeput”. 2. Fixed a potential kernel error during early boot when memory allocation fails while...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: usb: mtu3: Fixed the kernel panic that occurred when the qmu transfer was completed and the irq handler was called. When handling the qmu transfer irq, the @mtu-lock is unlocked before returning the request. If another thread...

5.6AI score0.00173EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: perf: sched: Fixed a crash in perf when using the new isusertask helper. To obtain a user space stacktrace, the current task must be a user task that has executed in user space. It was previously possible to determine whether a...

5.5CVSS5.4AI score0.00114EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: btrfs: Fixed the “use-after-free” warning in btrfsgetorcreatedelayednode. Previously, btrfsgetorcreatedelayednode set the refcount of delayednode before acquiring the root-delayednodes lock. The commit e8513c012de7 “btrfs:...

7.8CVSS5.4AI score0.00113EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: The payload size has been sanitized to prevent member overflow. In functions qla27xxcopyfpinpkt and qla27xxcopymultiplepkt, the framesize reported by the firmware is used to calculate the copy length for the...

5.4AI score0.00168EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: hwrng: geode – Fixed the PCI device reference count leak issue. The function foreachpcidev is implemented through pcigetdevice. The comment accompanying pcigetdevice indicates that it will increase the reference count of the...

5.5AI score0.00233EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in freeglut

It was discovered that freeglut through version 3.4.0 contains a memory leak due to the memory usage related to the menuEntry variable in the glutAddMenuEntry function...

7.5CVSS6.4AI score0.01147EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: soundwire: bus: Fix unbalanced pmruntimeput causing usage count underflow This issue is addressed by the commit 443a98e649b4 “soundwire: bus: use pmruntimeresumeandget”. The calls to pmruntimeresumeandget are changed back to...

5.3AI score0.00166EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Ruby 2.5

REXML is an XML toolkit for Ruby. The REXML gem version 3.3.2 has a DoS vulnerability when it parses an XML document that contains many entity expansions using SAX2 or the pull parser API. The REXML gem versions 3.3.3 and later include a patch to fix this vulnerability...

7.5CVSS6.5AI score0.01192EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Smack: TCP/IPv4; fixed incorrect labeling. Currently, Smack follows the labeling scheme for incoming TCP/IPv4 connections. When a connection labeled “foo” connects to a connection labeled “bar” via TCP/IPv4, “foo” always appears ...

8.8CVSS6.5AI score0.0084EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: net: Avoid potential underflow in qdiscpktleninit with UFO After committing 7c6d2ecbda83 “net: Be more gentle about silly GSO requests coming from user”, the virtionethdrtoskb function added sanity checks to detect malicious...

5.5CVSS6.5AI score0.00277EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Ruby 2.5

REXML is an XML toolkit for Ruby. The REXML gem before version 3.3.2 had some DoS vulnerabilities when parsing XML that contained many special characters, such as whitespace characters, , , and . The REXML gem versions 3.3.3 or later include patches to fix these vulnerabilities...

7.5CVSS6.6AI score0.01283EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: net: macb: fixed the use of “free” after calling “rmmod”. “platdev-dev-platformdata” is released by calling “platformdeviceunregister”. The use of “pclk” and “hclk” constitutes a use-after-free. Since “deviceunregister” does n...

7.8CVSS6.1AI score0.00242EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/userq: Fixed a reference leak in amdgpuuserqwaitioctl. Also, removed the reference to syncobj and timeline fence when aborting the ioctl, as the output array became too small. Selected from the commit...

5.5CVSS5.7AI score0.00121EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: nftables: nftdynset: fixed a possible stateful expression memory leak in the error path. If cloning the second stateful expression in the element via GFPATOMIC fails, then the first stateful expression remains in place without...

5.5CVSS5.7AI score0.00121EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in openjdk-11

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Sound. The supported versions affected by this vulnerability are Oracle Java SE: 8u351, 8u351-perf, 11.0.17, 17.0.5, 19.0.1; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4, and 22.3.0...

3.7CVSS6AI score0.01357EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Jetty9

Eclipse Jetty provides a web server and servlet container. In versions 11.0.0 through 11.0.15, 10.0.0 through 10.0.15, and 9.0.0 through 9.4.52, an integer overflow in MetaDataBuilder.checkSize allows HTTP/2 HPACK header values to exceed their size limit. MetaDataBuilder.java determines whether a...

7.5CVSS6.7AI score0.03754EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: media: atomisp: preventing integer overflow in shcsssetblackframe The values of “height” and “width” come from the user, so the multiplication of “height width” can cause an integer overflow...

5.5CVSS5.8AI score0.00145EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fixed a NULL pointer dereferencing issue in smb2getinfofilesystem. If share is provided, share-path will be NULL, which can lead to a NULL pointer dereferencing issue...

5.5CVSS5.6AI score0.00135EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in openjdk-11

Vulnerability in the Oracle Java SE and Oracle GraalVM Enterprise Edition products of Oracle Java SE component: Networking. The supported versions affected by this vulnerability include Oracle Java SE: 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3, and 22.2.0. This...

3.7CVSS6.5AI score0.01473EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in libcaca

A flaw was discovered in libcaca. A buffer overflow in the export.c file, specifically in the exporttroff function, may lead to memory corruption and other potential issues...

7.8CVSS7.1AI score0.0125EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux

The file net/bluetooth/hcirequest.c in the Linux kernel, up to version 5.12.2, contains a race condition related to the removal of the HCI controller...

7CVSS6.6AI score0.00697EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

KGDB and KDB allow read and write access to kernel memory, and therefore should be restricted during lockdown. An attacker with access to a serial port could trigger the debugger, so it is important that the debugger respects the lockdown mode when/if it is triggered. CVSS 3.1 Base Score: 6.7...

6.7CVSS6.6AI score0.00617EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: iio: accel: kxcjk-1013: Fixed a possible memory leak in the probe function by removing the data-dreadyTrig condition. When the ACPI type is ACPISMO8500, the data-dreadyTrig field will not be set, and the memory allocated by...

5.5CVSS5.7AI score0.0024EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Bridge: cfm: Fixed a race condition in the peermep deletion process. When a peer MEP is being deleted, the canceldelayedworksync function is called on ccmrxdwork before freeing the object. However, brcfmframerx runs in a softirq...

7.8CVSS5.7AI score0.001EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Update log-pagemask,bits if log-pagesize changes. If an NTFS file system is mounted to another system with a different PAGESIZE compared to the original system, log-pagesize will change during logreplay, but...

5.5CVSS6.2AI score0.0021EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in advancecomp

It was discovered that Advancecomp v2.3 contains a segmentation fault...

5.5CVSS5.6AI score0.00427EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: mtd: parsers: ofpart: – Fixed a refcount leak in bcm4908partitionsfwoffset. The function offindnodebypath returns a node pointer with the refcount incremented. We should use ofnodeput on it when it is no longer needed. Add the...

5.5CVSS5.3AI score0.00155EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: arm64: mm: fixed the sanity check for VA-range Both createmappingnoalloc and updatemappingprot perform sanity checks on their ‘virt’ parameter. However, the check itself doesn’t make much sense. The condition used today seems ...

6AI score0.00173EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: arm64: hibernate: Fix level3 translation fault in swsuspsave On arm64 machines, swsuspsave faults if it attempts to access MEMBLOCKNOMAP memory ranges. This can be reproduced in QEMU using UEFI when booting with rodata=off...

7.8CVSS6.3AI score0.00238EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in libsdl2

In SDL Simple DirectMediaLayer versions 2.x through 2.0.9, there is a heap-based buffer over-read issue in the FillIMAADPCMblock function, caused by an integer overflow in the IMAADPCMDecode function in the audio/SDLwave.c file...

6.5CVSS6.6AI score0.01805EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in libde265

A buffer overflow vulnerability in libheif 1.19.7 allows a local attacker to execute arbitrary code through the SAO Sample Adaptive Offset processing of libde265...

6.2CVSS7.9AI score0.00215EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fixed an oops during rmmod on single-CPU platforms. During the removal of the idxd driver, a registered offline callback was invoked as part of the cleanup process. However, on systems with only one CPU online, n...

5.5CVSS6.1AI score0.00214EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux

In the Linux kernel, the following vulnerability has been resolved: hfsplus: prevented corruption during the shrinking of truncate operations. I believe there are some issues introduced by commit 31651c607151 “hfsplus: avoided deadlock during file truncation”. HFS+ uses extent records, which alwa...

5.5CVSS6.1AI score0.0024EPSS
Exploits0References2
Total number of security vulnerabilities17430