Lucene search
K
AstralinuxRecent

18095 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in openimageio

A read vulnerability exists in the handling of IPTC data when parsing TIFF images in OpenImageIO v2.3.19.0. A specially crafted TIFF file can cause a read of adjacent heap memory, potentially exposing sensitive process information. An attacker can provide a malicious file to exploit this...

9.1CVSS8AI score0.01458EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in golang-golang-x-net

A request smuggling attack is possible when using MaxBytesHandler. When using MaxBytesHandler, the body of an HTTP request is not fully consumed. When the server attempts to read HTTP2 frames from the connection, it will instead be reading the body of the HTTP request, which can be manipulated by...

7.5CVSS7.1AI score0.01814EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Wifi: brcmfmac – Check the count value of the channel specification to prevent out-of-bounds reads This patch fixes out-of-bounds reads in brcmfconstructchaninfo and brcmfenablebw402g, which occur when the count value of the...

7.1CVSS6.3AI score0.00182EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: fbdev: smscufx: Fix error handling code in ufxusbprobe The current error handling code in ufxusbprobe contains many inconsistencies. For example, the function ufxfreeusblist is missing, and the destroymodedb label should only...

5.5CVSS5.9AI score0.00178EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Intel Microcode

Unauthorized error injection in IntelR SGX or IntelR TDX for certain IntelR XeonR processors may allow a privileged user to potentially enable privilege escalation through local access...

7.2CVSS6.7AI score0.00312EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: scsi: target: tcmloop: Fixed a possible name leak in tcmloopsetuphbabus. If deviceregister fails in tcmloopsetuphbabus, the name allocated by devsetname needs to be freed. As noted in the comments for deviceregister, it should us...

5.5CVSS5.8AI score0.00184EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in freerdp2

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. This issue only affects clients. An integer underflow can lead to a Denial of Service DOS vulnerability, for example, an abort due to WINPRASSERT with default compilation flags. When an...

7.5CVSS6.8AI score0.01385EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in freerdp2

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. Affected versions of FreeRDP are subject to a null pointer dereference that can lead to a crash in the RemoteFX rfx handling. Within the rfxprocessmessagetileset function, the program allocates...

7.5CVSS6.7AI score0.01321EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in freerdp2

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The affected versions are subject to an integer underflow leading to out-of-bounds read operations in the zgfxdecompresssegment function. In the context of CopyMemory, it’s possible to read dat...

9.1CVSS7AI score0.01432EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in freerdp2

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. In affected versions, there is a Global-Buffer-Overflow in the ncrushdecompress function. Feeding crafted input into this function can trigger the overflow, which has only been shown to cause a...

7.5CVSS6.7AI score0.01196EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Samba

A design flaw was identified in Samba’s DirSync control implementation, which exposes passwords and secrets in Active Directory to privileged users and Read-Only Domain Controllers RODCs. This flaw allows RODCs and users with the GETCHANGES permission to access all attributes, including sensitive...

7.5CVSS6.7AI score0.01151EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in edk2

EDK2’s Network Package is vulnerable to a out-of-bounds read vulnerability when processing the Neighbor Discovery Redirect message. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of confidentiality...

6.5CVSS6.9AI score0.00849EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in edk2

EDK2’s Network Package is vulnerable to a out-of-bounds read vulnerability when processing the IANA or IATA option in a DHCPv6 Advertise message. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of confidentiality...

6.5CVSS7AI score0.00937EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in edk2

EDK2’s Network Package is vulnerable to a buffer overflow vulnerability due to the long server ID option in DHCPv6 clients. This vulnerability can be exploited by an attacker to gain unauthorized access and may result in a loss of confidentiality, integrity, and/or availability...

8.8CVSS7.3AI score0.01213EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux - Vulnerability in Golang-1.19

When following an HTTP redirect to a domain that is not a subdomain match or an exact match of the initial domain, an http.Client does not forward sensitive headers such as “Authorization” or “Cookie”. For example, a redirect from foo.com to www.foo.com will forward the Authorization header, but ...

4.3CVSS6.3AI score0.0108EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

A issue was discovered in the IGB driver’s source code, located in the file drivers/net/ethernet/intel/igb/igbmain.c, prior to version 6.5.3 of the Linux kernel. A buffer size may not be sufficient for frames that are larger than the MTU Maximum Transmission Unit...

7.5CVSS6.6AI score0.00544EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in ofono

A flaw was discovered in ofono, an open-source telephony software for Linux. A stack overflow bug was detected within the smsdecodeaddressfield function during the SMS PDU decoding process. It is assumed that the attack scenario can be executed from a compromised modem, a malicious base station, ...

8.1CVSS7.2AI score0.01006EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in ofono

A flaw was discovered in ofono, an open-source telephony software for Linux. A stack overflow bug was triggered within the decodedeliverreport function during SMS decoding. It is assumed that the attack scenario can be executed from a compromised modem, a malicious base station, or simply through...

8.1CVSS7.2AI score0.00936EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in ofono

A flaw was discovered in ofono, an open-source telephony software for Linux. A stack overflow bug occurs within the decodestatusreport function during SMS decoding. It is assumed that the attack scenario can be executed from a compromised modem, a malicious base station, or simply through SMS...

8.1CVSS7.1AI score0.00947EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

A use-after-free vulnerability exists in the netfilter component of the Linux kernel’s code, specifically the nftables module. This vulnerability can be exploited to achieve local privilege escalation. Due to a race condition between the netlink control plane transaction of the nftables module an...

7.8CVSS6.5AI score0.00218EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Samba

A vulnerability was discovered in Samba’s “rpcecho” development server, a non-Windows RPC server used to test Samba’s DCE/RPC stack components. This vulnerability stems from an RPC function that can be blocked indefinitely. The issue arises because the “rpcecho” service operates with only one...

6.5CVSS6.7AI score0.01723EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in libstb

It was discovered that Nothings stb 2.28 contains a Null Pointer Dereference issue through the stbiconvertformat function. This vulnerability allows attackers to cause a Denial of Service DoS attack using a specially crafted PIC file...

5.5CVSS5.5AI score0.00301EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

A race condition was detected in the QXL driver within the Linux kernel. The qxlmodedumbcreate function dereferences the qobj returned by the qxlgemobjectcreatewithhandle function. However, the handle is the only entity that holds a reference to qobj. This flaw allows an attacker to guess the val...

7.5CVSS6.4AI score0.0042EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in OpenVSwitch

A flaw was discovered in Open vSwitch, where multiple versions are vulnerable to crafted Geneve packets, which may lead to a denial of service and invalid memory accesses. Triggering this issue requires that hardware offloading via the netlink path is enabled...

7.5CVSS6.7AI score0.01033EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in librabbitmq

A vulnerability was discovered in the C AMQP client library also known as rabbitmq-c for RabbitMQ in versions up to 0.13.0. credentials can only be entered via the command line e.g., for amqp-publish or amqp-consume, and therefore they are visible to local attackers who can list processes along...

5.5CVSS5.5AI score0.00214EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in libvirt

A flaw was discovered in libvirt. The virStoragePoolObjListSearch function does not return a locked pool as expected, leading to a race condition and a denial of service when attempting to lock the same object from another thread. This issue could cause clients connecting to the read-only socket ...

6.5CVSS6.6AI score0.00621EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in qt4-x11, qtbase-opensource-src

In Qt versions prior to 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.2, there may be an application crash in QXmlStreamReader due to a crafted XML string, causing a situation where a prefix is greater than a certain length...

7.5CVSS7.2AI score0.01324EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in liblivemedia

In Live555 0.95, there is a buffer overflow due to a large integer in the Content-Length HTTP header. This occurs because the handleRequestBytes function uses a memmove operation without proper bounds...

7.5CVSS7.4AI score0.0158EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Nasm

A Use After Free vulnerability exists in the newToken function in asm/preproc.c in nasm 2.14.02, allowing attackers to cause a denial of service through crafted nasm commands...

5.5CVSS6.7AI score0.00265EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables – Disallowed timeout for anonymous sets. These parameters have never been used in the user space; hence, they are not allowed...

2.5CVSS6.1AI score0.0024EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerabilities in Linux, Linux-6.1, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: BPF: Check rcureadlockTraceheld before calling BPF map helpers. These three BPFmaplookup,update,deleteelem helpers are also available for sleepable BPF programs. Therefore, add the corresponding lock assertion for sleepable BP...

7.8CVSS6.4AI score0.00238EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: rpmsg: virtio: Free driveroverride when rpmsgremove Free driveroverride when rpmsgremove. Otherwise, the following memory leak will occur: Unreferenced object 0xffff0000d55d7080 size 128: comm "kworker/u8:2", pid 56, jiffies...

6.6CVSS6.2AI score0.00286EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in ncurses

A buffer overflow vulnerability exists in the postprocessterminfo function in tinfo/parseentry.c:997 within ncurses 6.1. This vulnerability allows remote attackers to cause a denial of service by using crafted commands...

6.5CVSS5.7AI score0.01895EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in ldns

When ldns version 1.7.1 verifies a zone file, the ldnsrrnewfrmstrinternal function has a heap out-of-bounds read vulnerability. An attacker can leak information from the heap by constructing a zone file payload...

6.5CVSS6.9AI score0.0131EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in curl

An integer overflow vulnerability exists in the tooloperate.c file of curl 7.65.2, which can be exploited by using a large value as the retry delay. NOTE: Many reports indicate that this does not have a direct security impact on the curl user. However, it may in theory cause a denial of service t...

3.3CVSS5.5AI score0.00359EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Wifi: mac80211: Fixed a race condition when enabling fast-xmit. fast-xmit must only be enabled after the station has been uploaded to the driver. Otherwise, it might pass the yet-to-be-uploaded station through drvtx calls to the...

5.5CVSS5.7AI score0.00193EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: crypto: arm64/neonbs – fixed an issue of out-of-bounds access due to short inputs. The bit-sliced implementation of AES-CTR operates on blocks of 128 bytes. For tail blocks or inputs that are shorter than 128 bytes, it will fall...

7.1CVSS5.7AI score0.00226EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.1 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: mm/swap: fixed a race condition when skipping swapcache When skipping swapcache for SWPSYNCHRONOUSIO, if two or more threads swap the same entry at the same time, they may obtain different pages A, B. Before one thread T0 finishe...

5.5CVSS6.3AI score0.00252EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: cxl/pci: Fixed the issue where memory was disabled if the DVSEC CXL range did not match a CFMWS window. The Linux CXL subsystem is based on the assumption that HPA == SPA. That is, the host physical address HPA of HDM decoder...

5.5CVSS6.2AI score0.00236EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: nvmet-fc: avoiding deadlock on the delete association path When deleting an association, the shutdown path experiences a deadlock condition because we try to flush the nvmetwq nested structure. This issue can be avoided by delayi...

4.4CVSS5.5AI score0.00233EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.10 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: dmaengine: ti: edma: Added some null pointer checks to the edmaprobe. The devmkasprintf function returns a pointer to dynamically allocated memory, which may be NULL in case of failure. Ensure that the allocation was successfu...

5.5CVSS6.1AI score0.00239EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: btrfs: dev-replace: Device name buffers passed to the device replace function are properly validated for string termination. This prevents a read out of bounds situation in the getnamekernel function. There is a syzbot report...

7.1CVSS5.9AI score0.00247EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ceph: The “use after free” error was caught by KASAN at the line cephbuffergetarg-xattrbuf;. This means that the reference count could not be incremented before the memory was freed. In the same file, in the handlecapgrant...

7.8CVSS5.8AI score0.00247EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: drm/amd/display: Fixed MST Null Ptr for RV The change attempts to fix the following error specific to the RV platform: BUG: Kernel NULL pointer dereference, address: 0000000000000008 PGD 0 P4D 0 Oops: 0000 1 PREEMPT SMP NOPTI...

5.5CVSS6.4AI score0.00227EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: dccp/tcp: Unhash sk from ehash for tb2 alloc failure after checkestalblished. syzkaller reported a warning 0 in inetcskDestroySock, with no repro. WARNONinetsksk-inetnum && !inetcsksk-icskBindHash; However, syzkaller’s log...

5.5CVSS6AI score0.0027EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: usb: cdns3: fixed memory usage after freeing variables at cdns3gadgetepdisable ... cdns3gadgetepfreerequest&privep-endpoint, &privreq-request; listdelinit&privreq-list; ‘privreq’ is actually freed during...

7.8CVSS6AI score0.00245EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: drivers: base: dd: A memory leak has been fixed when using debugfslookup. When calling debugfslookup, the result must also call dput; otherwise, a memory leak will occur over time. To simplify things, simply call...

5.5CVSS5.9AI score0.00135EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Drivers: Base: Component – A memory leak was fixed in the use of debugfslookup. When calling debugfslookup, the result must also call dput on it; otherwise, a memory leak will occur over time. To simplify things, simply call...

5.5CVSS5.2AI score0.00135EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerability has been resolved: samples/bpf: Fixed the fout leak in hbm’s runbpfprog. Fixed the issue where fout was opened using fopen, but fclose wasn’t performed afterward. In the affected branch, fout otherwise would go out of scope...

5.5CVSS5.9AI score0.00135EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Validated the box size for the snooped cursor. Invalid user-space DMA surface copies could potentially cause an overflow when copying data from the surface to the snooped image, leading to crashes. To address this...

5.5CVSS5.9AI score0.00149EPSS
Exploits0References1
Total number of security vulnerabilities18095