Lucene search
K
AstralinuxRecent

18095 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.14 views

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

A use-after-free vulnerability was discovered in the siano smsusb module within the Linux kernel. The bug occurs during device initialization, when the siano device is plugged in. This flaw allows a local user to crash the system, resulting in a denial-of-service condition...

5.5CVSS6.6AI score0.00255EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ca8210: Fix for negative array access to maclen This patch addresses a buffer overflow issue where skb-data is accessed if ieee802154hdrpeekaddrs fails...

5.5CVSS6.4AI score0.00184EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: dmcrypt: added condresched to dmcryptwrite. The loop in dmcryptwrite may run for an unlimited amount of time; therefore, condresched is needed in it. This commit fixes the following warnings: 3391.153255 C12 watchdog: BUG: sof...

5.5CVSS6.4AI score0.00186EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: platform/chrome: crosecchardev: fixed the kernel data leak caused by ioctl calls. It is possible to view the data of kernel pages by providing a larger insize value in struct croseccommand1 when invoking EC host commands. This...

7.1CVSS5.6AI score0.0017EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in netcdf

The ezxmlnew function in ezXML 0.8.6 and earlier is vulnerable to OOB write attacks when opening an XML file after exhausting the memory pool...

8.1CVSS7.2AI score0.01178EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in Cast UI in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to spoof the browser UI through a crafted HTML page. Chromium security severity: Low...

4.3CVSS6.1AI score0.00415EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in imagemagick

A issue was discovered with ImageMagick 7.1.0-4, involving division by zero in the ReadEnhMetaFile function of coders/emf.c...

7.5CVSS7.1AI score0.00795EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Chromium

Object corruption in Blink in Google Chrome prior to version 94.0.4606.54 allowed a remote attacker to potentially exploit object corruption through a crafted HTML page. Chromium security severity: High...

8.8CVSS7.3AI score0.0055EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Chromium

Before version 91.0.4472.77, using "Use after free" in DevTools in Google Chrome allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code through a crafted Chrome Extension. Chromium security severity: Medium...

8.8CVSS7.7AI score0.00479EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Chromium

The use of after-free in Blink in Google Chrome before version 93.0.4577.82 allowed a remote attacker to perform arbitrary read/write operations through a crafted HTML page. Chromium security severity: High...

8.8CVSS7.5AI score0.00557EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in openjpeg2

A flaw was discovered in the opj2decompress program within openjpeg2 2.4.0, particularly in its handling of an input directory containing a large number of files. When it fails to allocate a buffer to store the filenames of the input directory, it calls free on an uninitialized pointer, resulting...

5.5CVSS7AI score0.01078EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in xorg-server

A flaw was discovered in the Xorg-x11-server. A out-of-bounds access issue may occur in the ProcXkbSetGeometry function due to improper validation of the request length...

7.8CVSS7.1AI score0.00438EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in libraw

A flaw was discovered in LibRaw. A heap-buffer-overflow in the raw2imageex function, caused by a maliciously crafted file, may lead to an application crash...

6.5CVSS6.3AI score0.01289EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in avahi

A vulnerability was discovered in the avahi library. This flaw allows a non-privileged user to make a dbus call, causing the avahi daemon to crash...

5.5CVSS6.3AI score0.00392EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Firefox

Under certain circumstances, calling the bind function might result in an incorrect realm being set. This could create a vulnerability related to JavaScript-implemented sandboxes, such as SES. This vulnerability affects Firefox for Android 112, Firefox 112, and Focus for Android 112...

6.5CVSS6.8AI score0.00327EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in PHP 7.3

In PHP versions 8.0. before 8.0.29, 8.1. before 8.1.20, and 8.2. before 8.2.7, when using SOAP HTTP Digest Authentication, the random value generator was not checked for failures. It used a narrower range of values than necessary. In the event of a random value generator failure, it could lead to...

4.3CVSS6.1AI score0.00709EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Firefox

Memory safety bugs exist in Firefox 111. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects Firefox for Android 112, Firefox 112, and Focus for Andro...

8.8CVSS7.4AI score0.00521EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in TeXeVe-bin

LuaTeX prior to version 1.17.0 allowed the execution of arbitrary shell commands when compiling a TeX file obtained from an untrusted source. This occurs because the luatex-core.lua file allows access to the io.popen function. This issue also affects TeX Live prior to version 2023 r66984 and MiKT...

8.8CVSS7.4AI score0.00804EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Wireshark

In Wireshark versions 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13, the VMS TCPIP trace file parser crashes. This issue allows for denial of service through malicious capture files...

6.5CVSS6.8AI score0.01772EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Wireshark

The NetScaler file parser crashes in Wireshark versions 4.0.0 to 4.0.5, and 3.6.0 to 3.6.13. This issue allows for denial of service through crafted capture files...

6.5CVSS6.8AI score0.01772EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Wireshark

The GDSDB infinite loop in Wireshark versions 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows for denial of service through packet injection or malicious capture files...

7.5CVSS7AI score0.01592EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in connman

The client.c file in gdhcp within ConnMan, as of version 1.41, can be exploited by network-adjacent attackers who operate a crafted DHCP server. This exploitation can lead to a stack-based buffer overflow and a denial of service attack, resulting in the termination of the connman process...

6.5CVSS6.8AI score0.00964EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15

A flaw was discovered in the exFAT driver of the Linux kernel. The vulnerability resides in the implementation of the file name reconstruction function, which is responsible for reading file name entries from a directory index and merging file name parts belonging to one file into a single long...

6.7CVSS6.7AI score0.00664EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Chromium

A heap buffer overflow in the PrintPreview function in Google Chrome prior to version 104.0.5112.79 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: Medium...

8.8CVSS7.5AI score0.00477EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in Extensions in Google Chrome prior to 105.0.5195.52 allowed a remote attacker who had compromised the renderer process to spoof extension storage via a crafted HTML page. Chromium security severity: High...

6.5CVSS6.6AI score0.0048EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Chromium

Insufficient data validation in DevTools in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to bypass content security policy via a crafted HTML page. Chromium security severity: Low...

6.5CVSS6.7AI score0.00491EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Chromium

The use of after-free in Media in Google Chrome before version 103.0.5060.53 allowed a remote attacker to perform arbitrary read/write operations through a crafted HTML page. Chromium security severity: High...

8.8CVSS7.5AI score0.0055EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in URL formatting in Google Chrome prior to 103.0.5060.134 allowed a remote attacker to perform domain spoofing via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS6.6AI score0.0048EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Chromium

Before version 99.0.4844.51, using Accessibility in Google Chrome allowed a remote attacker who convinced a user to perform certain UI gestures to execute arbitrary read/write operations through a crafted HTML page. Chromium security severity: Low...

8.8CVSS7.6AI score0.00535EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in hsqldb1.8.0, hsqldb

A flaw was discovered in the Libreoffice package. An attacker can create an odb file that contains a “database/script” file with a SCRIPT command. The contents of this file can then be written into a new file, whose location is determined by the attacker...

5.5CVSS6.3AI score0.65692EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Firefox

Under certain circumstances, the offline cache of a ServiceWorker may have been leaked to the file system when using private browsing mode. This vulnerability affects Firefox versions earlier than 111...

4.3CVSS6.5AI score0.00456EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: net/sched: schtaprio: fixed possible use-after-free issue. syzbot reported a serious crash 1 in nettxaction, which made no sense until we obtained a reproducible example. This example reinstalls the taprio qdisc, but an invali...

7.8CVSS6.3AI score0.0018EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.15

A use-after-free flaw was discovered in the Linux kernel. When a disk is removed, the bdiunregister function is called to stop further write-back operations, and the system waits for the associated delayed tasks to complete. However, the wb inodewritebackend function may schedule bandwidth...

7.8CVSS7AI score0.00254EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

A memory leak issue was discovered in the ctnetlinkcreateconntrack function within net/netfilter/nfconntracknetlink.c in the Linux kernel. This issue may allow a local attacker with CAPNETADMIN privileges to trigger a Denial-of-Service DoS attack due to a refcount overflow...

5.5CVSS6.7AI score0.00301EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in SQLite

The osunix.c file in SQLite before version 3.13.0 improperly implements the temporary directory search algorithm. This may allow local users to obtain sensitive information, cause a denial of service application crash, or have unspecified other impacts by leveraging the current working directory...

5.9CVSS6.6AI score0.0048EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in protobuf

A parsing issue similar to CVE-2022-3171 occurs when using textformat in the protobuf-java core and Lite versions before versions 3.21.7, 3.20.3, 3.19.6, and 3.16.3. This issue can lead to a denial-of-service attack. Inputs containing multiple instances of non-repeating embedded messages with...

7.5CVSS6.7AI score0.00567EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.14 views

Astra Linux – Vulnerability in Jackson-Databind

A deserialization flaw was discovered in Jackson-Databind through version 2.9.10.4. This flaw could allow unauthenticated users to execute code via Ignite-JTA or Quartz-core: org.apache.ignite.cache.jta.jndi.CacheJndiTmLookup, org.apache.ignite.cache.jta.jndi.CacheJndiTmFactory, and...

8.1CVSS7.1AI score0.03301EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in glibc

A out-of-bounds write vulnerability was discovered in glibc before version 2.31, when handling signal trampolines on PowerPC. Specifically, the backtrace function did not properly check the array bounds when storing the frame address, resulting in a denial of service or potential code execution...

7CVSS7AI score0.00537EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in imagemagick

A flaw was discovered in ImageMagick’s coders/jp2.c. An attacker who submits a crafted file processed by ImageMagick could trigger undefined behavior, including division by zero in mathematics. The greatest threat of this vulnerability is to system availability...

5.5CVSS6.8AI score0.01117EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in Blink in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS6.8AI score0.00467EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Chromium

The use of after-free in Base Internals in Google Chrome before version 101.0.4951.41 allowed a remote attacker to perform arbitrary read/write operations through a crafted HTML page. Chromium security severity: High...

8.8CVSS7.5AI score0.0055EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Wireshark

ISO 15765 and ISO 10681 dissectors in Wireshark versions 4.0.0 to 4.0.3, and 3.6.0 to 3.6.11 allow denial of service through packet injection or malicious capture files...

7.1CVSS7AI score0.00649EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Tracing: A race condition has been fixed, where eprobes can be called before the event occurs. The flag that instructs the event to call its triggers after reading the event is set for eprobes after they are enabled. This leads t...

4.7CVSS5.3AI score0.00117EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: netfs: Fixed missing xasretry calls during xarray iteration. netfslib has several places where it performs iteration of an xarray while being under the RCU read lock. It should call xasretry as the first step inside the loop. ...

5.5CVSS6.3AI score0.0014EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mctp i2c: Do not count unused/invalid keys for flow release. We are currently encountering the WARNON message in mctpi2cflowrelease: c if midev-releasecount midev-i2clockcount WARNONCE1, "Release count overflow"; This issue may...

5.5CVSS5.9AI score0.0014EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: f2fs: The flag SBRDONLY is no longer set during the f2fshandlecriticalerror function. The syzbot reported the following bug: ------------ Cut here ------------ WARNING: CPU: 1, PID: 58, in kernel/rcu/sync.c:177, function...

5.3CVSS5.8AI score0.00597EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: bpf: Fixed an overflow issue with sdiv. Zac Ecob reported a problem where a bpf program might cause a kernel crash due to the following error: Oops: Divide error: 0000 1 PREEMPT SMP KASAN PTI The failure is caused by the...

5.5CVSS6.4AI score0.00234EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: KVM: arm64: Fixed a shift-out-of-bounds bug Fixed a shift-out-of-bounds bug reported by UBSAN when running VMs with MTE enabled on host kernels. UBSAN: Shift-out-of-bounds in arch/arm64/kvm/sys regs.c:1988:14 The shift exponen...

5.5CVSS6.4AI score0.00226EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.9 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: sched/core: Page allocation is disabled in tasktickmmcid. With KASAN and PREEMPTRT enabled, calling taskworkadd within tasktickmmcid may cause the following crash. 63.696416 BUG: A sleeping function is called from an invalid...

5.5CVSS6.3AI score0.00231EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: bcmasp: fixed a potential memory leak in bcmaspxmit. The bcmaspxmit function returns NETDEVTXOK without freeing the skb object in case of mapping failures. Add devkfreeskb to address this issue...

5.5CVSS6.2AI score0.00213EPSS
Exploits0References2
Total number of security vulnerabilities18095