Lucene search
K
AstralinuxRecent

18095 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: md/md-llbitmap: Skips reading rdevs that are not in sync. When reading bitmap pages from member disks, the code iterates through all rdevs and attempts to read from the first available one. However, it only checks for the raiddis...

7.8CVSS5.7AI score0.00127EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: tcp: Call skdataready after listener migration When inetcsklistenstop migrates an established child socket from a closing listener to another socket within the same SOREUSEPORT group, the target listener receives a new...

7.8CVSS5.8AI score0.00129EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Staging: rtl8723bs: osdep: Avoid NULL pointer dereferencing in rtwcbufalloc. The return value of kzallocflex is used without ensuring that the allocation succeeds, and the pointer is dereferenced unconditionally. Protect access t...

5.6AI score0.00145EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: f2fs: fixed a race condition between the extent node destruction and writeback operations. The f2fsdestroyextentnode function does not set FINOEXTENT before clearing extent nodes. When called from f2fsdrop inode with ISYNC set...

4.7CVSS5.7AI score0.00093EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.1 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftinner: Fixed the desynchronization of inner IPv6 headers. In nftinnerparsel2l3, when processing inner IPv6 packets, ipv6findhdr correctly calculates the transport header offset by traversing all extension headers...

9.1CVSS5.6AI score0.0031EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: mm/vmalloc: The vmappurgelock must be taken in the shrinker function. The decayvapoolnode function can be invoked concurrently from two paths: 1. purgevmaparealazy, when pools are being purged; 2. The shrinker via...

7.8CVSS5.7AI score0.00127EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs-schemes: Protect the kfree function with damonsysfslock. The damonsysfsquotgoal-path can be read and written by users via the sysfs 'path' file. It can also be indirectly read, for the parameters committed to DAMON...

7.8CVSS5.8AI score0.0012EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: HID: appletb-kbd: fix UAF in inactivity-timer cleanup path Commit 38224c472a03 "HID: appletb-kbd: fix slab use-after-free bug in appletbkbdprobe" added timerdeletesync&kbd-inactivitytimer to both the probe closehw error path and...

7.8CVSS5.7AI score0.00124EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: spi: cadence-quadspi: fixed unclocked access during unbind operations. Ensure that the controller is resumed at runtime before disabling it during driver unbind operations, to avoid unclocked register accesses. This issue was...

7.1CVSS5.6AI score0.00131EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: spi: microchip-core-qspi: Do not attempt to transmit during emulated read-only dual/quad operations. The core will handle reads by generating clock cycles itself; there is no need to generate clock cycles by transmitting garbage...

5.5CVSS5.7AI score0.00121EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Wifi: mac80211: A “static” value was dropped from the fast-RX rxresult data structure. The function ieee80211invokefastrx is documented as safe for parallel RX operations. However, the rxresult returned by this function is declar...

8.8CVSS5.6AI score0.00161EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: media: rockchip: rkcif: Added the “MUSTCONNECT” flag to the pads. The pads failed to check for connected devices, which may lead to a null dereference when the stream is enabled. It is impossible to handle a NULL pointer...

5.5CVSS5.6AI score0.00105EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: HID: appletb-kbd: running inactivity autodim from workqueues The autodim code in hid-appletb-kbd uses backlightdevice-opslock via backlightdevicesetbrightness - mutexlock, in two different atomic contexts: appletbinactivitytim...

5.5CVSS6AI score0.00128EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: misc: bcmvk: Fixed possible null-pointer dereferences in bcmvkread. In the function bcmvkread, the pointer entry is checked, indicating that it can be NULL. If the entry is NULL and rc is set to -EMSGSIZE, the following code may...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Adjust the PHY FSM transition to TXEN-to-PLLON for TMDS on DCN35. Why A backport of this change was made for DCN401 to address a issue where turning off the PHY PLL when disabling the TMDS output caused the OTG t...

5.5CVSS5.7AI score0.00112EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: GPIO: sysfs: fix the issue where removing a chip with GPIOs exported through sysfs occurs. Currently, if we export a GPIO through sysfs and unbind the parent GPIO controller, the exported attribute will remain under...

5.5CVSS5.4AI score0.00126EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: x86/cpu: The X86CR4FRED bit was removed from the CR4 pinned bits mask. The commit in “Fixes” added the FRED CR4 bit to the CR4 pinned bits mask, so that whenever other processes modify CR4, that bit remains set. This is a perfect...

5.5CVSS5AI score0.00122EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: x86/kexec: The KCOV instrumentation is disabled after the loadsegments function is called. The loadsegments function modifies segment registers, invalidating the GS base—something that KCOV relies on for per-cpu data. When...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: hcisync: fixed leaks when hcicmdsyncqueueonce fails When hcicmdsyncqueueonce returns an error, the destroy callback will not be called. Fixed the issue of leaking references/memory in cases where this error occurs...

5.5CVSS6.6AI score0.00107EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: vfio/xe: Reorganized the init process to separate migration from reset operations. Attempting to perform a reset on VF devices that do not support migration leads to the following issues: BUG: Unable to handle a page fault for...

5.5CVSS5.9AI score0.00121EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: cpufreq: intelpstate: A NULL pointer dereference occurred in the updatecpuqosrequest function. The updatecpuqosrequest function attempts to initialize the freq variable by dereferencing cpudata before verifying whether the policy...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ipv6: ioam: fixed potential NULL dereferencing in ioam6fillTraceData. We need to check in6devget for a possible NULL value, as suggested by Yiming Qian. Also, add skbdstdevrcu instead of skbdstdev, and two missing READONCE calls...

7.5CVSS5.8AI score0.00426EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: misc: tifpc202: fixed a potential memory leak in the probe function. Used “foreachchildofnodescoped” to simplify the code and ensure that the device node reference is automatically released when the loop scope ends...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Added a bounds check on patindex to prevent out-of-bounds kernel reads in madvise. When a user provides a bogus patindex value through the madvise IOCTL, the xepatindexgetcohmode function performs an array access without...

7.1CVSS5.7AI score0.00118EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Counter: rz-mtu3-cnt: Do not use the dev member of the struct rzmtu3channel. The counter driver can use HW channels 1 and 2, while the PWM driver can use HW channels 0, 1, 2, 3, 4, 6, 7. The dev member is assigned both by the...

5.5CVSS5.7AI score0.00122EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fixed a double-free issue related to reregusermr. If IBMRREREGTRANS is set during reregusermr, the umem will be released, and a new umem will be allocated in irdmareregmrtrans. If any step of irdmareregmrtrans fails...

7.8CVSS5.7AI score0.00122EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.9 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ksmbd: The use-after-free issue in smblazyparentleasebreakclose has been fixed. The opinfo pointer, which is obtained through rcudereferencefp-fopinfo, is accessed after rcureadunlock has been called. This creates a race conditio...

9.8CVSS5.7AI score0.00444EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: xprtrdma: Decrementing rereceiving on early exit paths In cases where rpcrdmapostrecvs fails to create a work request due to memory allocation failures, for example or exits early, we should decrement ep-rereceiving before...

7.5CVSS5.7AI score0.0038EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.12 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Tracing: The “Drain deferred trigger” operation is freed if kthread creation fails. Registration of boot-time triggers may fail before the trigger-data cleanup process is completed. If a kthread exists, deferring the “Drain...

5.5CVSS5.8AI score0.00107EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.9 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fixed the drmedid leak in amdgpudm WHAT When a sink is connected, the connector-drmedid was overwritten without freeing the previous allocation, resulting in a memory leak upon resuming operation. HOW Free the...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: This issue prevents concurrent access to the IPSec ASO context. The querying or updating of IPSec offload objects occurs through the Access ASO WQE. The driver uses a single mlx5eipsecaso structure for each PF, which...

4.7CVSS5.7AI score0.00089EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.9 views

Astra Linux – Vulnerability in Golang-1.23

During the resumption of a session in cryptography/TLS, if the underlying Config has its ClientCAs or RootCAs fields changed between the initial handshake and the resumed handshake, the resumed handshake may succeed when it should have failed. This can occur when a user calls Config.Clone and...

10CVSS6.9AI score0.00765EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: HID: bpf: preventing buffer overflow in hidhwrequest. Currently, the returned value is considered to be always valid. However, when working with HID-BPF, the returned value can be arbitrarily large, because it is the returned val...

7.8CVSS5.9AI score0.00135EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Tracing: Fixed a potential deadlock in CPU hotplug with osnoise. The following sequence may lead to a deadlock in CPU hotplug: task1 task2 task3 ----- ----- ----- mutexlock&interfacelock CPU GOING OFFLINE cpuswritelock;...

5.5CVSS6.1AI score0.00095EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Do not overwrite the KMS surface dirty tracker. We were overwriting the surface’s dirty tracker, which caused a memory leak...

5.5CVSS5.7AI score0.00121EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in python-pip

When extracting a tar archive, pip may not check symbolic links pointing into the extraction directory if the tarfile module does not implement PEP 706. Note that upgrading pip to a “fixed” version does not fix all vulnerabilities that are mitigated by using a Python version that implements PEP...

5.9CVSS6.8AI score0.00438EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: spi: Fixed a use-after-free issue during controller registration failures. Be sure to also deregister from the driver core in case the per-cpu statistics allocation fails during controller registration, in order to avoid...

7.8CVSS4.7AI score0.00117EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs: fixed the issue of parameter context leaks during the damonsysfsnewtestctx function failure. Patches in the series “mm/damon/sysfs: fixed memory leaks and NULL pointer dereferencing issues”, version 4. DAMONSYSFS...

5.5CVSS5.3AI score0.00121EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.12 views

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: crypto: algifaead – Reverted to operating out-of-place. This primarily reverts to commit 72548b093ee3, except for the copying of the associated data. There is no benefit in performing in-place operations in algifaead, as the sour...

7.8CVSS6.6AI score0.96267EPSS
Exploits228References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.16 views

Astra Linux – Vulnerability in docker.io-app

Moby v25.0.5 is affected by a race condition in the builder/builder-next/adapters/snapshot/layer.go file. This vulnerability could be exploited to trigger concurrent builds that invoke the EnsureLayer function, leading to resource leaks or exhaustion...

6.5CVSS6.1AI score0.00625EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Netty

Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high-performance protocol servers and clients. Before version 4.1.59.Final, there was a vulnerability on Unix-like systems involving an insecure temporary file. When Netty’s...

6.2CVSS6.7AI score0.01777EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in libvirt

A use-after-free flaw was discovered in libvirt. The qemuMonitorUnregister function in qemuProcessHandleMonitorEOF is called using multiple threads without being adequately protected by a monitor lock. This flaw could be triggered by the virConnectGetAllDomainStats API when the guest is shutting...

6.5CVSS6.7AI score0.01207EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in bind9

BIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features. In a configuration that uses BIND’s default settings, the vulnerable code path is not exposed. However, a server can become vulnerable by explicitly setting valid values for the...

8.1CVSS7.3AI score0.64161EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Chromium

The use of after-free in Base Internals in Google Chrome before version 101.0.4951.41 allowed a remote attacker to perform arbitrary read/write operations through a crafted HTML page. Chromium security severity: High...

8.8CVSS7.5AI score0.0055EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in Intel Microcode

A observable discrepancy in the RAPL interface of certain Intel processors may allow a privileged user to potentially enable information disclosure through local access...

5.5CVSS6.6AI score0.00414EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: usb: common: usb-conn-gpio: Fixed the issue of NULL pointer dereferencing during the charger process. When the system is powered on using an OTG cable, the IDDIG interrupt occurs before the charger is registered. This can lead to...

5.5CVSS5.8AI score0.00235EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.10 views

Astra Linux – Vulnerability in WebKit2GTK

A port redirection issue has been resolved with additional port validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4, and iPadOS 14.4, as well as Safari 14.0.3. A malicious website may be able t...

6.5CVSS6.9AI score0.01771EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Grunt

Path traversal in the GitHub repository gruntjs/grunt before version 1.5.2...

7.1CVSS6.7AI score0.00571EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in Chromium

Insufficient policy enforcement in cookies in Google Chrome prior to 104.0.5112.79 allowed a remote attacker to leak cross-origin data through a crafted HTML page...

6.5CVSS6.8AI score0.00605EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Shadow

A flaw was discovered in shadow-utils. When requesting a new password, shadow-utils asks for the password twice. If the password is incorrect on the second attempt, shadow-utils fails in clearing the buffer used to store the first entry. This may allow an attacker with sufficient access to retrie...

5.5CVSS6.7AI score0.00257EPSS
Exploits0References2
Total number of security vulnerabilities18095