Lucene search
K
AstralinuxRecent

18095 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

A vulnerability was discovered in the Linux kernel’s blockinvalidatepage function in the fs/buffer.c file of the filesystem. A missing sanity check may allow a local attacker with user privileges to cause a denial of service DOS issue...

5.5CVSS6.7AI score0.00309EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux, Linux 5.10

A data leak flaw was discovered in the way of the XFSIOCALLOCSP IOCTL in the XFS filesystem, which allows for an increase in file sizes when the size is unaligned. A local attacker could exploit this flaw to leak data from the XFS filesystem that would otherwise be inaccessible to them...

5.5CVSS6.7AI score0.00286EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Chromium

Type confusion in the loader of Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS7.3AI score0.01387EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Chromium

A heap buffer overflow in extensions in Google Chrome prior to version 96.0.4664.93 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption through a crafted Google Chrome extension...

8.8CVSS7.5AI score0.01052EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Chromium

A heap buffer overflow in BFCache in Google Chrome prior to version 96.0.4664.93 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS7.6AI score0.01423EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Chromium

Before version 96.0.4664.93, using autofill in Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS7.3AI score0.01237EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: netsched: Fixed NULL dereferencing in fifosetlimit. syzbot reported another NULL dereferencing in fifosetlimit. 1 I can reproduce the issue with the following commands: unshare -n tc qd add dev lo root handle 1:0 tbf limit...

5.5CVSS6.2AI score0.00234EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net/sched: schtaprio: properly canceled the timer from tapriodestroy There is a comment in qdisccreate regarding the fact that we do not call ops-reset in some cases. errout4: “Any broken qdiscs that would require an ops-reset...

5.5CVSS5.7AI score0.00222EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Chromium

Insufficient validation of untrusted input in the Settings section of Google Chrome before version 104.0.5112.79 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page through a crafted HTML page...

4.3CVSS6.6AI score0.00353EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.13 views

Astra Linux – Vulnerability in Vim

Heap-based Buffer Overflow in the GitHub repository vim/vim before version 9.0.0220...

7.8CVSS6.7AI score0.00452EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in the Extensions API in Google Chrome prior to 104.0.5112.101 allowed an attacker who convinced a user to install a malicious extension to inject arbitrary scripts into the WebUI through a crafted HTML page...

6.5CVSS7AI score0.0057EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: bnx2fc: Flush destroywork queue before calling bnx2fcinterfaceput The bnx2fcdestroy function removes the interface before calling destroywork. This causes multiple WARNings from sysfsremovegroup, as the controller rport...

5.5CVSS5.7AI score0.00215EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: rpmsg: char: Fixed a race condition between the release of rpmsgctrldev and cdev The struct rpmsgctrldev contains a struct cdev. The current code releases the rpmsgctrldev struct in rpmsgctrldevreleasedevice, but the cdev is a...

7CVSS6AI score0.00172EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: Tracing/histogram: Fixed a potential memory leak in kstrdup. The kfree function is not called in the error path, resulting in the memory allocated by kstrdup not being freed properly. p = param = kstrdupdata-paramsi, GFPKERNEL...

5.5CVSS5.9AI score0.0021EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: USB: core: Fixed a hang issue in usbkillurb by adding memory barriers. The syzbot fuzzer has identified a bug in which processes hang while waiting for usbkillurb to return. It turns out that the issue isn’t related to unmounting...

7.1CVSS6.1AI score0.00186EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Linux

In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: gpmi: do not leak PM reference in the error path. If gpminfcapplytimings fails, the PM runtime usage counter must be dropped...

7.8CVSS5.4AI score0.00234EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: nvme: fixed a possible use-after-free in controller reset during load. Unlike .queuerq, in .submitasyncevent, drivers may not check the ctrl readiness for AER submission. This may lead to a use-after-free condition, which was...

7CVSS6.2AI score0.00259EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.11 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: nvme-tcp: fixed a possible use-after-free issue in the transport errorrecovery process. While nvmetcpsubmitasynceventwork checks the ctrl and queue states before preparing the AER command and scheduling iowork, this check is...

7.8CVSS6.4AI score0.00246EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: perf: Fixed list corruption in perfcgroupswitch. There is list corruption in cgrpcpuctxlist. This occurs at the following path: perfcgroupswitch: listforeachentrycgrpcpuctxlist cpuctxschedin ctxschedin ctxpinnedschedin...

5.5CVSS6.3AI score0.0024EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.1 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Networking layer: Fixed a memory leak that occurred when uncloning an skb dst and its associated metadata. When uncloning an skb dst and its associated metadata, a new dst+metadata is allocated and later replaces the old one in t...

5.5CVSS5.3AI score0.00282EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Chromium

Type confusion in V8 in Google Chrome prior to 103.0.5060.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS7AI score0.01236EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Chromium, WebKit2GTK

A heap buffer overflow in WebRTC in Google Chrome prior to version 103.0.5060.114 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS7.8AI score0.70461EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Chromium

Before version 103.0.5060.134, using free after in the Guest View in Google Chrome allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS7.3AI score0.00733EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Chromium

Before version 103.0.5060.134, using "after free" in PDF documents in Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS7.3AI score0.00761EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Chromium

A heap buffer overflow in WebGL in Google Chrome prior to version 103.0.5060.53 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS7.6AI score0.01551EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Chromium

Before version 103.0.5060.134, using free in Views in Google Chrome allowed a remote attacker who convinced a user to engage in certain user interactions to potentially exploit heap corruption through UI interactions...

8.8CVSS7.3AI score0.01029EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.25 views

Astra Linux – Vulnerability in Chromium

Before version 103.0.5060.134, using the "after free" method in the Service Worker API in Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS7.4AI score0.17864EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Firefox and Thunderbird

Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs in Firefox 102. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects Firefo...

8.8CVSS7.6AI score0.00748EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Chromium

Before version 104.0.5112.79, using Tab Strip in Google Chrome on Chrome OS allowed a remote attacker who convinced a user to engage in certain user interactions to potentially exploit heap corruption through specific UI interactions...

8.8CVSS7.4AI score0.00411EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in Chromium

Before version 104.0.5112.79, using Omnibox in Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS7.3AI score0.00651EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Chromium

In the Managed Devices API of Google Chrome, before version 104.0.5112.79, a remote attacker who convinced a user to enable a specific Enterprise policy could potentially exploit heap corruption through a crafted HTML page...

8.8CVSS7.3AI score0.00615EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Wireshark

In Wireshark versions 3.0.0 to 3.0.3, and 2.6.0 to 2.6.10, the Gryphon dissector could enter an infinite loop. This issue was addressed in the plugin file plugins/epan/gryphon/packet-gryphon.c by checking for a packet length of zero...

7.8CVSS6.7AI score0.03753EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in exiv2

In Jp2Image::readMetadata in jp2image.cpp in Exiv2 0.27.2, an input file may lead to an infinite loop and system hangs, accompanied by high CPU consumption. Remote attackers could exploit this vulnerability to cause a denial of service by using a specially crafted file...

7.8CVSS6.8AI score0.04296EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in htmldoc

HTMLDOC 1.9.7 allows a stack-based buffer overflow in the hdstrlcpy function in string.c when called from rendercontents in ps-pdf.cxx via a crafted HTML document...

7.8CVSS7.5AI score0.01135EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in aspell

In GNU Aspell 0.60.8, objstack has a heap-based buffer overflow in the acommon::ObjStack::duptop function called from acommon::StringMap::add and acommon::Config::lookuplist...

7.8CVSS7.3AI score0.00549EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Systemd

It was discovered that a Systemd service that uses the DynamicUser property can create a SUID/SGID binary that will be allowed to run as the transient service’s UID/GID even after the service is terminated. A local attacker could exploit this flaw to access resources that will be owned by a...

7.8CVSS6AI score0.00912EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Systemd

It was discovered that a Systemd service that uses the DynamicUser property can obtain new privileges by executing SUID binaries. This allows the service to create binaries belonging to the transient group, with the setgid bit set. A local attacker could exploit this flaw to access resources that...

7.8CVSS6.1AI score0.00888EPSS
Exploits2References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in OpenVPN

A vulnerability was discovered in OpenVPN 2.4.x prior to version 2.4.9. An attacker can inject a data channel v2 PDATAV2 packet using the victim’s peer-id. Normally, such packets are discarded. However, if this packet arrives before the data channel crypto parameters have been initialized, the...

4.3CVSS6.7AI score0.01609EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Scsi: sg: Fix slab-use-after-free issue in sgrelease A use-after-free bug was fixed in sgrelease, detected by syzbot with KASAN: Bug: KASAN: Slab-use-after-free in lockrelease+0x151/0xa30 kernel/locking/lockdep.c:5838...

7.8CVSS6.3AI score0.0028EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: hrtimers: Properly handle CPU state during hotplug events. Consider a scenario where a CPU transitions from CPUHPONLINE to CPUHPHRTIMERSPREPARE after being hot-unplugged, and then back to CPUHPONLINE. Since the...

7.8CVSS6.4AI score0.00223EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Fixed the issue of NULL pointer dereferencing during certain command aborts. If a command is queued into the final usable TRB of a ring segment, the enqueue pointer is advanced to the next link TRB and then stops there...

5.5CVSS6.2AI score0.00231EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7925: fix an off-by-one error in mt7925loadclc This comparison should be set to = instead of to prevent out-of-bounds read and write operations...

7.8CVSS6.3AI score0.00224EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: platform/x86: int3472: Check if adev is NULL. Not all devices have an ACPI companion fwnode; therefore, adev might be NULL. This can, for example theoretically, occur when a user manually binds one of the int3472 drivers to anoth...

5.5CVSS6.2AI score0.00202EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: HID: winwing: Added a NULL check in winwinginitled. The devmkasprintf function can return a NULL pointer if it fails, but this returned value is not checked in winwinginitled. A NULL check should be added in winwinginitled to...

5.5CVSS6.2AI score0.00195EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ipmi: ipmb: Added a check for the returned value of devmkasprintf. devmkasprintf may return a NULL pointer in case of failure, but this returned value is not checked...

5.5CVSS6.2AI score0.00189EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in ffmpeg, ffmpeg5

It was discovered that FFmpeg git-master, N-113007-g8d24a28d06 contains a segmentation violation through the component /libavcodec/jpeg2000dec.c...

6.5CVSS6.5AI score0.00344EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Acquiring SRCU in KVMGETMPSTATE to protect guest memory accesses Acquiring a lock on kvm-srcu when userspace is obtaining the MP state can lead to a severe edge case where processing APIC events, such as during pending...

5.5CVSS6.1AI score0.00168EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: PCI: vmd: Makes vmddev::cfglock of type rawspinlockt Access to the PCI configuration space via pciops::read and pciops::write is a low-level hardware operation. These functions can be accessed with disabled interrupts, even when...

5.5CVSS6.3AI score0.00122EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in openh264

OpenH264 is a free license codec library that supports H.264 encoding and decoding. A vulnerability in the decoding functions of the OpenH264 codec library could allow a remote, unauthenticated attacker to trigger a heap overflow. This vulnerability arises from a race condition between the Sequen...

8.6CVSS7.6AI score0.00639EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in GhostScript

A issue was discovered in Artifex Ghostscript prior to version 10.05.0. The DOCXWRITE TXTWRITE device suffers from a text buffer overflow issue due to the use of long characters in the devices/vector/doccommon.c file...

9.8CVSS7AI score0.00579EPSS
Exploits0References2
Total number of security vulnerabilities18095