Lucene search
K
AstralinuxRecent

18095 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Memory: Fixed the refcount leak issue in oflpddr3getddrtimings. We should add the ofnodeput function when exiting from foreachchildofnode, as it will automatically increase and decrease the refcount...

5.5CVSS5.3AI score0.00145EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.10 views

Astra Linux – Vulnerability in docker.io

Moby is an open-source project created by Docker to enable software containerization. A bug was discovered in Moby Docker Engine, where the data directory /var/lib/docker, contained subdirectories with insufficiently restricted permissions. This allowed unprivileged Linux users to access and...

6.3CVSS6.6AI score0.02693EPSS
Exploits3References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in docker.io

Moby is an open-source project created by Docker to enable software containerization. A bug was discovered in Moby Docker Engine where supplementary groups are not set up properly. If an attacker has direct access to a container and manipulates the supplementary group permissions, they may be abl...

6.3CVSS6.6AI score0.00807EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Wifi: rtlwifi: Fixed a global-out-of-bounds bug in rtl8812ae PhySetTxPowerLimit There is a reported global-out-of-bounds issue by KASAN: BUG: KASAN: Global-out-of-bounds in rtl8812aeeqnbyte.part.0+0x3d/0x84 rtl8821ae Reading of...

7.1CVSS5.3AI score0.00149EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Wifi: brwifimac – fixed a potential memory leak in brwifinetdevstartxmit. The function brwifinetdevstartxmit returns NETDEVTXOK without freeing the skb variable, especially when pskbexpandhead fails. This issue was addressed by...

5.5CVSS5.9AI score0.00146EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: drm/vkms: The null-ptr-deref issue in vkmsrelease has been fixed. A null-ptr-deref occurs when trying to destroy the workqueue in vkms-output.composerworkq during vkmsrelease. KASAN: Null-ptr-deref occurred in the range...

5.5CVSS5.5AI score0.00184EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: mmc: vub300: fix warning – do not call blocking ops when !TASKRUNNING vub300enablesdioirq works with a mutex and requires TASKRUNNING to function properly. Ensure that we mark the current context as TASKRUNNING for sleepable...

5.5CVSS6AI score0.00149EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: caif: A memory leak has been fixed in cfctrllinkuprequest. When linktype is unknown, or kzalloc fails in cfctrllinkuprequest, pkt is not released. Add a release process to the error handling logic...

5.5CVSS5.9AI score0.00136EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fixed the issue with mlx5ibgethwstats when used for devices. Currently, when mlx5ibgethwstats is used for a device where portnum = 0, there is a special handling to ensure that the correct counters are used. However,...

5.5CVSS5.8AI score0.00136EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in binutils

A vulnerability was discovered in cp-demangle.c within GNU libiberty, as part of the GNU Binutils 2.31 package. This vulnerability stems from infinite recursion in the functions dname, dencoding, and dlocalname in cp-demangle.c. Remote attackers could exploit this vulnerability to cause a...

5.5CVSS6.7AI score0.01686EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ext4: The block range must be validated before being used in ext4mbclearbb. The block range to be freed is validated in ext4freeblocks, using ext4 inodeblockvalid. This range is then passed to ext4mbclearbb. However, in some case...

7.8CVSS6.1AI score0.00164EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Harden depth calculation functions A vulnerability was identified where the operating system can pass in U32MAX as the size of SQ/RQ/SRQ. This can lead to integer overflow and truncation of the SQ/RQ/SRQ depth values...

5.5CVSS5.3AI score0.00121EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux 5.15

A issue was discovered in the Linux kernel before version 6.3.4. In the fs/ksmbd/connection.c file of ksmbd, there is an off-by-one error in memory allocation due to ksmbdsmb2checkmessage, which may lead to out-of-bounds access...

9.8CVSS6.8AI score0.01077EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in WebKit2GTK

The issue was resolved through improved checks. This issue is fixed in iOS 16.6, iPadOS 16.6, tvOS 16.6, macOS Ventura 13.5, Safari 16.6, and watchOS 9.6. Processing web content may lead to arbitrary code execution...

8.8CVSS7.2AI score0.01346EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in WebKit2GTK

The issue was resolved through improved memory handling. This issue is fixed in iOS 16.6, iPadOS 16.6, tvOS 16.6, macOS Ventura 13.5, Safari 16.6, and watchOS 9.6. Processing web content may lead to arbitrary code execution...

8.8CVSS7.1AI score0.0115EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Firefox and Thunderbird

When creating a callback via IPC to display the Color Picker window, multiple identical callbacks might be created at once. Eventually, all of them would be destroyed as soon as one of the callbacks is completed. This could lead to a use-after-free condition, resulting in a potentially exploitabl...

6.5CVSS6.6AI score0.00571EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Firefox and Thunderbird

Excel .xll add-ins did not have a blocklist entry in Firefox’s executable blocklist, which allowed them to be downloaded without any warning of their potential harm. This vulnerability affects Firefox 117, Firefox ESR 102.15, Firefox ESR 115.2, Thunderbird 102.15, and Thunderbird 115.2...

4.3CVSS6.5AI score0.00495EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in libxpm

A vulnerability was discovered in libXpm, where a boundary condition allows a local user to trigger an out-of-bounds read error, thereby reading contents of memory on the system...

5.5CVSS6.2AI score0.00352EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Firefox and Thunderbird

When calling JS::CheckRegExpSyntax, a syntax error may be set, resulting in the call to convertToRuntimeErrorAndClear. A path within the function might attempt to allocate memory when no memory is available, causing a newly created Out of Memory exception to be misinterpreted as a syntax error...

6.5CVSS6.6AI score0.00528EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Firefox and Thunderbird

Memory safety bugs exist in Firefox 116, Firefox ESR 115.1, and Thunderbird 115.1. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects Firefox version...

8.8CVSS7.4AI score0.00657EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.11 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementations of Skia in Google Chrome prior to version 115.0.5790.98 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape through a crafted HTML page. Chromium security severity: High...

9.6CVSS7.4AI score0.00369EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

A use-after-free flaw was discovered in the Linux kernel’s Netfilter functionality when adding a rule with NFTARULECHAINID. This flaw allows a local user to crash or escalate their privileges on the system...

7.8CVSS6.6AI score0.0056EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Firefox and Thunderbird

When UpdateRegExpStatics attempted to access initialStringHeap, it might have already been garbage collected before entering the function. This could potentially lead to a exploitable crash. This vulnerability affects Firefox 117, Firefox ESR 115.2, and Thunderbird 115.2...

6.5CVSS6.8AI score0.00554EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Firefox and Thunderbird

Push notifications stored on disk in private browsing mode were not encrypted, potentially allowing the leakage of sensitive information. This vulnerability affects Firefox 117, Firefox ESR 115.2, and Thunderbird 115.2...

6.5CVSS6.7AI score0.00361EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Firefox and Thunderbird

When checking whether the Browsing Context was discarded in HttpBaseChannel, if the load group was not available, it was assumed that the Browsing Context had already been discarded. However, this assumption was not always true for private channels after the private session ended. This...

7.5CVSS6.7AI score0.00565EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Firefox and Thunderbird

When creating a callback via IPC to display the File Picker window, multiple identical callbacks might be created at once. Eventually, all of them would be destroyed as soon as one of the callbacks is completed. This could lead to a use-after-free condition, resulting in a potentially exploitable...

6.5CVSS6.6AI score0.00571EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Firefox

Search queries in the default search engine might appear to be the currently navigated URL, provided that the search query itself is a properly formed URL. This could lead to a site spoofing another site, if it was maliciously set as the default search engine. This vulnerability affects Firefox...

3.1CVSS6.1AI score0.00382EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Firefox and Thunderbird

Memory safety bugs exist in Firefox 116, Firefox ESR 102.14, Firefox ESR 115.1, Thunderbird 102.14, and Thunderbird 115.1. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. Th...

8.8CVSS7.4AI score0.00693EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in xorg-server

A flaw was discovered in the X.Org Server Overlay Window. A use-after-free could lead to local privilege escalation. If a client explicitly destroys the compositor overlay window also known as COW, the Xserver will retain a dangling pointer to that window in the CompScreen structure, which will...

7.8CVSS7.1AI score0.0044EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in libcroco

The crparserparseselectorcore function in cr-parser.c within libcroco 0.6.12 allows remote attackers to cause a denial of service infinite loop and CPU consumption through a crafted CSS file...

7.1CVSS6.7AI score0.12996EPSS
Exploits4References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in libpng1.6

A issue has been found in third-party PNM decoding associated with libpng 1.6.35. It is a stack-based buffer overflow in the function gettoken in the pnm2png.c file within pnm2png...

8.8CVSS7.1AI score0.03554EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Shadow

A vulnerability was discovered in Shadow 4.5. The newgidmap function part of shadow-utils is setuid, allowing an unprivileged user to be placed in a user namespace where setgroups2 is allowed. This enables an attacker to remove themselves from a supplementary group, potentially granting them acce...

5.3CVSS6.3AI score0.01596EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in xorg-server

A vulnerability classified as critical was discovered in X.org Server. The vulnerability affects the GetCountedString function in the xkb/xkb.c file. This vulnerability can lead to a buffer overflow. It is recommended that you apply a patch to address this issue. The identifier associated with th...

8.8CVSS7.4AI score0.01419EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Dbus

A issue was discovered in D-Bus before 1.12.24, 1.13.x, and 1.14.x, before 1.14.4, and 1.15.x, before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message with certain invalid type signatures...

6.5CVSS6.6AI score0.00831EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in dcmtk

The service class user SCU of OFFIS DCMTK all versions prior to 3.6.7 is vulnerable to relative path traversal, allowing an attacker to write DICOM files into arbitrary directories under controlled names. This could enable remote code execution...

9.8CVSS7.2AI score0.02846EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in wavpack

A null pointer dereference bug was found in wavpack-5.4.0. Results from the ASAN log: AddressSanitizer:DEADLYSIGNAL ===================================================================84257==ERROR: AddressSanitizer: SEGV at an unknown address 0x000000000000 pc 0x561b47a970c6, bp 0x7fff13952fb0, sp...

5.5CVSS6AI score0.00358EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in xorg-server

A flaw was discovered in the Xorg-x11-server. The specific flaw lies in the handling of ProcXkbSetDeviceInfo requests. The issue arises due to the lack of proper validation of the data provided by the user, which can lead to a memory access beyond the allocated buffer’s limit. This flaw allows an...

7.8CVSS7.5AI score0.00573EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in xorg-server

A vulnerability, which was classified as problematic, has been identified in the X.org Server. The affected component is the function ProcXkbGetKbdByName in the file xkb/xkb.c. This vulnerability causes a memory leak. It is recommended that a patch be applied to address this issue. The identifier...

6.5CVSS6AI score0.01681EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in xorg-server

A vulnerability was discovered in X.Org. This security flaw occurs because the swap handler for the XTestFakeInput request of the XTest extension may corrupt the stack if GenericEvents with lengths greater than 32 bytes are sent through the XTestFakeInput request. This issue can lead to local...

8.8CVSS7.7AI score0.02484EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in xorg-server

A vulnerability was discovered in X.Org. This security flaw occurs because the handler for the XIPassiveUngrab request accesses out-of-bounds memory when invoked with a high keycode or button code. This issue can lead to local privileges escalation on systems where the X server is running with...

8.8CVSS7.7AI score0.02516EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in aom

It was discovered that AOM v2.0.1 contains a NULL pointer dereferencing issue, which occurs through the component av1/av1dxiface.c...

6.5CVSS6.7AI score0.01381EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in gst-plugins-base1.0

GStreamer before version 1.18.4 may perform an out-of-bounds read when handling certain ID3v2 tags...

5.5CVSS6.8AI score0.05372EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in sssd

A flaw was discovered in SSSD, where the sssctl command was vulnerable to shell command injection through the logs-fetch and cache-expire subcommands. This flaw allows an attacker to trick the root user into executing a specially crafted sssctl command, such as using sudo, in order to gain root...

9.3CVSS6.6AI score0.02524EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in golang-golang-x-text

In golang.org/x/text, the text/language field before version 0.3.7 can cause a panic due to an out-of-bounds read during BCP 47 language tag parsing. Index calculations are also handled incorrectly. If untrusted user input is parsed, this could be exploited as a vector for a denial-of-service...

7.5CVSS7.2AI score0.01356EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux

An integer overflow or wrap-around vulnerability in the iouring module of the Linux kernel allows a local attacker to cause memory corruption and escalate privileges to root. This issue affects Linux Kernel versions prior to 5.4.189, as well as version 5.4.24 and later versions...

7.8CVSS6.8AI score0.00501EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in ruby-rails-html-sanitizer

Rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. Prior to version 1.4.4, there was a potential XSS vulnerability with certain configurations of Rails::Html::Sanitizer, due to an incomplete fix of CVE-2022-32209. Rails::Html::Sanitizer might allow an attacke...

6.1CVSS6.6AI score0.0111EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in hdf5

There is a heap-based buffer overflow vulnerability in the gif2h5 functionality of HDF5 Group libhdf5 1.10.4. A specially crafted GIF file can lead to code execution. An attacker can provide a malicious file to exploit this vulnerability...

7.8CVSS7.7AI score0.00618EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in exim4

The STARTTLS feature in Exim up to 4.94.2 allows for response injection buffering during MTA SMTP sending...

7.5CVSS7.2AI score0.01996EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: can: j1939: fix errant WARNONONCE in j1939sessiondeactivate The statement “j1939sessiondeactivate should be called with a session ref-count of at least 2” is incorrect. In some concurrent scenarios, j1939sessiondeactivate can be...

5.5CVSS6.2AI score0.00226EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in ruby-rails-html-sanitizer

Rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. Prior to version 1.4.4, certain configurations of Rails::Html::Sanitizer could potentially introduce XSS vulnerabilities. An attacker could inject content if the application developer overrides the sanitizer’...

7.2CVSS6.3AI score0.00988EPSS
Exploits1References1
Total number of security vulnerabilities18095