Lucene search
K
AstralinuxRecent

18086 matches found

AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: The delay module was unloaded while the fabric scan was in progress. This led to a system crash during the load/unload test. 105954.384919 RBP: ffff914589838dc0 R08: 0000000000000000 R09: 0000000000000086...

5.5CVSS5.8AI score0.00118EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: In raid1reshape, the freezearray function is called before modifying the r1bio memory pool conf-r1biopool and conf-raiddisks. The unfreezearray function is called after the update is completed. However, freezearray only waits unt...

5.3CVSS5.8AI score0.00084EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability in Chromium

The use of after-free in Prerender in Google Chrome before version 147.0.7727.101 allowed a remote attacker to execute arbitrary code through a crafted HTML page. Chromium security severity: Critical...

8.8CVSS7.9AI score0.00341EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability in Chromium

Insufficient policy enforcement in the browser UI of Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS5.8AI score0.00206EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability in Chromium

Integer overflow in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially exploit heap corruption via a crafted video file. Chromium security severity: Low...

8.8CVSS7.4AI score0.00195EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: IOMMU: Disable SVA when CONFIGX86 is set The patch series “Fix stale IOTLB entries for kernel address space”, version 7, proposes a fix for a security vulnerability related to IOMMU Shared Virtual Addressing SVA. In an SVA contex...

7.8CVSS5.8AI score0.00145EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability in Chromium

A heap buffer overflow in WebML in Google Chrome prior to version 147.0.7727.55 allowed a remote attacker to obtain potentially sensitive information from process memory through a crafted HTML page. Chromium security severity: High...

4.3CVSS6.9AI score0.00241EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.2 views

Astra Linux – Vulnerability in Chromium

The incorrect security UI in Blink in Google Chrome prior to version 147.0.7727.55 allowed a remote attacker to perform UI spoofing through a crafted HTML page. Chromium security severity: Medium...

4.3CVSS6.7AI score0.00191EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: “Revert ‘wireguard: device: enable threaded NAPI’” This resolution involves commit 933466fc50a8e4eb167acbd0d8ec96a078462e9c, which is a commit from upstream. We received three independent reports from production users who were...

7.5CVSS5.7AI score0.00307EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.2 views

Astra Linux – Vulnerability in Firefox and Thunderbird

Incorrect boundary conditions in the Layout: Text and Fonts component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...

7.5CVSS7.1AI score0.00687EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.2 views

Astra Linux – Vulnerability in Chromium

A heap buffer overflow in WebML in Google Chrome prior to version 147.0.7727.55 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

8.8CVSS8.1AI score0.00608EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.2 views

Astra Linux – Vulnerability in Firefox and Thunderbird

Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...

10CVSS7.3AI score0.00665EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability in PostgresSQL-15

Integer wraparound in several PostgreSQL libpq client library functions allows an application’s input provider or network peer to cause libpq to undersize allocations and write out-of-bounds data, involving hundreds of megabytes. This leads to a segmentation fault in the application that uses...

5.9CVSS6.7AI score0.00307EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.2 views

Astra Linux – Vulnerability in python-cryptography

Cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Prior to version 46.0.5, the publickeyfromnumbers or EllipticCurvePublicNumbers.publickey, EllipticCurvePublicNumbers.publickey, loadderpublickey, and loadpempublickey functions did not verify...

8.2CVSS6.7AI score0.00341EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability in Ruby 3.1

Zlib is a Ruby interface for the zlib compression/decompression library. Versions 3.0.0 and below, 3.1.0, 3.1.1, 3.2.0, and 3.2.1 contain a buffer overflow vulnerability in the Zlib::GzipReader. The zstreambufferungets function prepends bytes provided by the caller before previously produced...

9.8CVSS6.1AI score0.00561EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability in Firefox and Thunderbird

JIT compilation errors in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...

9.8CVSS7.3AI score0.00755EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability in Chromium

Using “after free” in Codecs in Google Chrome before version 147.0.7727.101 allowed a remote attacker to execute arbitrary code within a sandbox through a crafted HTML page. Chromium security severity: High...

8.8CVSS7.7AI score0.0037EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability in Firefox and Thunderbird

JIT compilation errors in the JavaScript Engine component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...

9.8CVSS7.3AI score0.00474EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability in Chromium

Integer overflow in WebRTC in Google Chrome prior to version 147.0.7727.55 allowed a remote attacker to perform an out-of-bounds memory write through a crafted HTML page. Chromium security severity: Low...

8.8CVSS7.4AI score0.00215EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS7.7AI score0.00303EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability in Chromium

Using “after free” in Codecs in Google Chrome before version 147.0.7727.101 allowed a remote attacker to potentially perform out-of-bounds memory access through a crafted video file. Chromium security severity: High...

4.3CVSS6.6AI score0.00221EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: crypto: caam – Fixed a memory leak in dpaa2caamprobe. When commit 0e1a4d427f58 “crypto: caam: Unembed netdev structure in dpaa2” converted the embedded netdevice to dynamically allocated pointers, it added cleanup code in...

5.5CVSS5.7AI score0.00155EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.10 views

Astra Linux – Vulnerability in libstb

In Libsixel, prior to and including v1.10.3, a NULL pointer dereferencing in the stbimage.h component of libsixel allows attackers to cause a denial of service DOS through a crafted PICT file...

6.5CVSS6.6AI score0.00922EPSS
Exploits1References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.8 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: xfs: check the return value of xchkscrubcreatesubord. This function should be fixed to return NULL instead of the mangled ENOMEM. Additionally, the calling functions should be corrected to actually check for a null pointer and...

5.5CVSS5.9AI score0.00122EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.2 views

Astra Linux – Vulnerability in Firefox and Thunderbird

Sandbox escape due to a use-after-free in the Disability Access APIs component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...

10CVSS7.3AI score0.00531EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability in Ruby-Rack

Rack is a modular Ruby web server interface. Prior to versions 2.2.22, 3.1.20, and 3.2.5, the path check for Rack::Directory used a string prefix match on the expanded path. A request like /../rootexample/ could escape the configured root if the target path started with the root string, allowing...

7.5CVSS6.6AI score0.00665EPSS
Exploits1References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: slimbus: core: fix device reference leak on report present Slimbus devices can be allocated dynamically upon receiving report-present messages. Be sure to release the reference taken when checking for already registered devices...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: xfrm6: fixed an issue where uninitialized saddr values were used in xfrm6getsaddr. The xfrm6getsaddr function does not check the return value of ipv6devgetsaddr. When ipv6devgetsaddr fails to find a suitable source address...

8.6CVSS5.8AI score0.00375EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: check the return value of indxfind to avoid infinite loops We have identified a bug in the ntfs3 file system that can lead to a Denial-of-Service DoS condition. A malformed dentry in the ntfs3 filesystem can cause the...

5.5CVSS5.9AI score0.00118EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: iio: imu: stlsm6dsx: Fix for iiochanspec for sensors without event detection capabilities. The stlsm6dsxaccchannels array within struct iiochanspec contains a eventspec field that is not NULL, indicating that the sensor supports...

5.7AI score0.00168EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: Tracing: Fixed a crash that occurred when using a synthetic stacktrace field. When creating a synthetic event based on an existing synthetic event that had a stacktrace field, the new synthetic event used that field, resulting in...

5.5CVSS5.9AI score0.00122EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: power: supply: bq25980: A use-after-free occurred in the powersupplychanged function. By using the devm variant to request the IRQ before using the devm variant to allocate/register the powersupply handle, the powersupply handle...

7.8CVSS5.8AI score0.0016EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: drm/atmel-hlcdc: fixed a memory leak caused by the atomicDestroystate callback. After several commits, the amount of slated memory increased. Some drmcrtccommit objects were not freed. The atomicDestroystate callback only free...

5.5CVSS5.7AI score0.00114EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.2 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: drm/panel-simple: Fixed the connector type for the DataImage SCF0700C48GGU18 panel. The connector type for the DataImage SCF0700C48GGU18 panel is missing, and devmdrmpanelbridgeadd requires the connector type to be set. This...

5.7AI score0.00173EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: net: wan/fslucchdlc: Fixed the dmafreecoherent function in uhdlcmemclean. The priv-rxbuffer and priv-txbuffer are allocated together as contiguous buffers in uhdlcinit, but they are freed as two separate buffers in uhdlcmemclean...

5.5CVSS5.7AI score0.00128EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: sched/rt: The function rtonextcpu should now properly handle situations where only CPU0 is overloaded. In such cases, rtonextcpu should ideally return -1, indicating that no further IPIs are needed. The vulnerability arises when...

5.5CVSS5.9AI score0.0013EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability in Firefox

Memory safety bugs exist in Firefox 148 and Thunderbird 148. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability has been fixed in Firefox 149 and Thunderbird...

9.8CVSS6AI score0.0033EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: gve: Fixed corruption in the stats report when the number of queues changes. The driver and the Network Interface Card NIC share a memory region for stats reporting. The NIC calculates its offset within this region based on the...

7.8CVSS5.9AI score0.0012EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: 9p/xen: Protect xen9pfsfrontfree against concurrent calls The xenwatch thread can race with other backend change notifications and call xen9pfsfrontfree twice, causing the observed general protection fault due to a double-free...

8.8CVSS5.7AI score0.00241EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability in Firefox and Thunderbird

Incorrect boundary conditions in the Audio/Video: GMP component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...

7.5CVSS7.1AI score0.00463EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: hfsplus: Return error when the node already exists in hfsbnodecreate When hfsbnodecreate detects that a node already exists and has been hashed which should not happen under normal conditions, it currently returns the existing no...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.2 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconncount – increased the connection cleanup limit to 64. After the optimization to perform only one garbage collection per jiffy, a new problem emerged. If more than 8 new connections are tracked per jiffy, the list...

7.5CVSS5.7AI score0.00686EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability in Python 3.11

The webbrowser.open API accepts URLs with leading hyphens, which can be treated as command-line options for certain web browsers. However, the new behavior disallows the use of leading hyphens. It is recommended that users sanitize URLs before passing them to webbrowser.open...

7.1CVSS6.5AI score0.00308EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: usb: ChipIdea UDC: Fix for DMA and SG cleanup in epnuke The ChipIdea UDC driver may encounter errors where “not-page-aligned sg buffers” occur when a USB device is reconnected after being disconnected during an active transfer...

7.8CVSS5.9AI score0.00129EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability in firewalld

A flaw was discovered in firewalld. A local unprivileged user can exploit this vulnerability by improperly authorizing two runtime D-Bus Desktop Bus setters, setZoneSettings2 and setPolicySettings. This improper authorization allows the user to modify the runtime firewall state without proper...

5.5CVSS5.8AI score0.00118EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability in qBittTorrent

qBittorrent versions before 5.1.2 do not prevent access to a local file that is referenced in a link URL. This issue affects rsswidget.cpp and searchjobwidget.cpp...

5.3CVSS5.8AI score0.00398EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability in Chromium

A heap buffer overflow in Skia in Google Chrome prior to version 147.0.7727.101 allowed a remote attacker to obtain potentially sensitive information from process memory through a crafted HTML page. Chromium security severity: Critical...

4.3CVSS6.3AI score0.00286EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability in pyopenssl

pyOpenSSL is a Python wrapper around the OpenSSL library. Starting from version 22.0.0 and before version 26.0.0, if a user provided a callback for setcookiegeneratecallback and the returned cookie value was longer than 256 bytes, pyOpenSSL would cause an overflow of the buffer provided by OpenSS...

9.8CVSS6AI score0.00704EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.2 views

Astra Linux – Vulnerability in pyjwt

PyJWT is an implementation of JSON Web Tokens in Python. Before version 2.12.0, PyJWT did not validate the Critical Header Parameter defined in RFC 7515 §4.1.11. When a JWS token contains a critical array listing extensions that PyJWT does not understand, the library accepts the token instead of...

7.5CVSS6.6AI score0.00269EPSS
Exploits1References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.2 views

Astra Linux – Vulnerability in GraphicsMagick

GraphicsMagick before 8e56520 has a heap-based buffer over-read issue in the ReadJXLImage function, located in coders/jxl.c, related to a call to ImportViewPixelArea...

9.1CVSS5.9AI score0.00315EPSS
Exploits1References3
Total number of security vulnerabilities18086