Lucene search
K
AstralinuxRecent

18095 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in Chromium

Before version 89.0.4389.90, using free after in WebRTC in Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS7.5AI score0.01374EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Intel Microcode

The sequence of processor instructions in IntelR CoreTM Ultra Processors may lead to unexpected behaviors. This could potentially allow an authenticated user to enable denial of service through local access...

4.7CVSS6.3AI score0.00279EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Firefox and Thunderbird

There was no limit to the number of HTTP/2 CONTINUATION frames that could be processed. A server could exploit this to cause a memory exhaustion condition in the browser. This vulnerability affects Firefox 125, Firefox ESR 115.10, and Thunderbird 115.10...

3.7CVSS6.1AI score0.00759EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in libidn2

GNU libidn2 before version 2.2.0 fails to perform the round-trip checks specified in RFC3490, Section 4.2, when converting A-labels to U-labels. This allows, under certain circumstances, one domain to impersonate another. By creating a malicious domain that matches a target domain except for the...

7.5CVSS7AI score0.0279EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in openssl1.0

Normally, in OpenSSL, EC groups always contain a co-factor, and this co-factor is used in code paths that resist side channels. However, in some cases, it is possible to create a group using explicit parameters instead of a named curve. In these cases, the group may not contain a co-factor. This...

4.7CVSS6.7AI score0.01188EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Chromium

In the “Permission Prompts” feature of Google Chrome before version 101.0.4951.64, it was possible for a remote attacker to convince a user to perform certain UI interactions, thereby potentially exploiting heap corruption through those interactions...

8.8CVSS7.3AI score0.00676EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Qemu

A flaw was discovered in the QEMU implementation of VMWare’s paravirtual RDMA device in versions prior to 6.1.0. The issue occurs when handling a “PVRDMAREGDSRHIGH” write from the guest, and it may result in a crash of QEMU or cause undefined behavior due to the access of an uninitialized pointer...

6CVSS6.7AI score0.00363EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Intel Microcode

Improper isolation of shared resources in some IntelR processors may allow an authenticated user to potentially enable information disclosure via local access...

6.5CVSS6.7AI score0.00402EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Chromium

The use of after-free in Cast in Google Chrome before version 118.0.5993.70 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: Low...

6.3CVSS6.6AI score0.0069EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.14 views

Astra Linux – Vulnerability in ldns

When a zone file in ldns 1.7.1 is parsed, the function ldnsnsec3saltdata is too trusted regarding the length value obtained from the zone file. During the memcpy operation, the bytes 0xfe – ldnsrdfsizesaltrdf can be copied, leading to heap overflow information leakage...

7.5CVSS7.1AI score0.01493EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Tiff

A heap buffer overflow flaw was discovered in the tiffinfo.c file of Libtiffs, within the TIFFReadRawDataStriped function. This flaw allows an attacker to submit a malicious TIFF file to the tiffinfo tool, triggering a heap buffer overflow issue and resulting in a system crash, leading to a denia...

5.5CVSS6.8AI score0.00532EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Ceph

IBM Spectrum Fusion HCI versions 2.5.2 through 2.7.2 may allow attackers to perform unauthorized actions in the RGW for Ceph due to improper bucket access. IBM X-Force ID: 266807...

9.8CVSS6.8AI score0.02539EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in docker.io

Moby is an open-source container framework developed by Docker Inc. It is distributed as Docker, Mirantis Container Runtime, and various other downstream projects/products. The Moby daemon component, dockerd, which is developed as moby/moby, is commonly referred to as Docker. Swarm Mode is a...

6.8CVSS6.8AI score0.00696EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Linux

A flaw was discovered in the JFS filesystem code within the Linux kernel, which allows a local attacker to cause the system to panic by enabling the ability to set extended attributes. This can lead to memory corruption or an escalation of privileges. The most significant threat posed by this...

7.8CVSS6.6AI score0.00788EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Thunderbird

When importing a revoked key with “key compromise” as the revocation reason, Thunderbird did not update the existing copy of the key that was not yet revoked. As a result, the existing key remained unrevoked. Revocation statements that used another revocation reason, or those that did not specify...

5.4CVSS6.3AI score0.00373EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in Push messaging in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page...

6.5CVSS6.7AI score0.00743EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Xen

A issue was discovered in Xen through version 4.11.x, allowing users of x86 Intel HVM guest operating systems to obtain unintended read/write DMA access. This could potentially lead to a denial of service causing the host operating system to crash or result in privilege escalation. This issue...

7.8CVSS7.2AI score0.00356EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ocfs2: Properly handles errors when reading symbolic links. It’s a patch from the “Convert ocfs2 to use folios” series. Mark converted ocfs2 to use folios and sent it to me as a major patch for review ;-. So I reworked it into...

5.5CVSS6.2AI score0.00194EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: mac80211: A potential double-free operation occurred during mesh join. While commit 6a01afcf8468 “mac80211: Mesh: Deleting ie data when leaving the mesh” fixed a memory leak that occurred during mesh leave/teardown, it introduced...

7.8CVSS6AI score0.00243EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: be2net: Buffer overflow was fixed in begetmoduleeeprom. becmdreadporttransceiverdata assumes that it is given a buffer that is at least PAGEDATALEN long, or twice that if the module supports SFF 8472. However, this is not always...

7.8CVSS6.4AI score0.00289EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10

iouring UAF, Unix SCM garbage collection...

7CVSS6.5AI score0.01433EPSS
Exploits2References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux

In the Linux kernel, the following vulnerability has been resolved: i40e: Fixed a use-after-free in i40eclientsubtask. Currently, the call to i40eclientdelinstance frees the object pf-cinst. However, pf-cinst-laninfo is accessed after the object is freed. This issue was fixed by adding the...

7.8CVSS6.2AI score0.00239EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in Chromium

A heap buffer overflow in the “Video” feature of Google Chrome prior to version 110.0.5481.177 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...

8.8CVSS7.6AI score0.00668EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Thunderbird

When an email contains multiple attachments with external links via the X-Mozilla-External-Attachment-URL header, only the last link is displayed when the mouse hovers over any attachment. Although the correct link is used upon clicking, the misleading hover text may lead users to download conten...

6.4CVSS6.4AI score0.0028EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: lib/fonts: Fixed undefined behavior in bit shifting for getdefaultfont. Shifting a signed 32-bit value by 31 bits is undefined; therefore, the significant bit was changed to unsigned. The UBSAN warning “calltrace” is as follow...

5.5CVSS6.2AI score0.00147EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in imagemagick

A vulnerability was discovered in ImageMagick-7.0.11-5, where executing a specially crafted file using the “convert” command allows ASAN to detect memory leaks...

3.3CVSS6.7AI score0.00447EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Thunderbird

An outdated graphics library Angle likely contained vulnerabilities that could potentially be exploited. This vulnerability affects Thunderbird 78.9 and Firefox ESR 78.9...

9.8CVSS7.2AI score0.00901EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Chromium

Before version 81.0.4044.92, using the "After Free" feature in Google Chrome allowed a remote attacker to execute arbitrary code through a crafted HTML page...

9.3CVSS7.6AI score0.10586EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Firefox and Thunderbird

A phishing website could have re-used an about: dialog box to display phishing content with an incorrect origin in the address bar. This vulnerability affects Firefox 122 and Thunderbird 115.7...

4.3CVSS6.1AI score0.00333EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.16 views

Astra Linux – Vulnerability in Parsec

The vulnerability of the macid utility in the PARSEC security subsystem is related to improper memory release after its use. Exploiting this vulnerability allows an attacker to cause a service failure...

6.2CVSS5.8AI score
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: Staging: greybus: audiohelper: Remove unused and incorrect usage of debugfs. In the greybus audiohelper code, the debugfs file related to dapm has the potential to be removed, and memory may be leaked. There is also a high...

5.5CVSS5.9AI score0.00135EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ptp: vmclock: Added .owner field to vmclockmiscdevfops. Without the .owner field, the module can be unloaded while /dev/vmclock0 is open, resulting in an oops...

5.5CVSS5AI score0.00177EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.10 views

Astra Linux – Vulnerability in libcaca

A flaw was discovered in libcaca v0.99.beta19. A buffer overflow issue in the cacaresize function in libcaca/caca/canvas.c may allow for the execution of arbitrary code in the user context...

7.8CVSS7.4AI score0.00565EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Debug: Fixed a potential buffer overflow caused by snprintf. The snprintf function returns the size of the string that would be filled if it exceeds the given buffer size. Therefore, using this value may lead to a buff...

7.8CVSS6.2AI score0.00179EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux, Linux 5.10

A memory leak flaw in the Linux kernel’s hugetlbfs memory usage was discovered in the way that the system maps some regions of memory twice using shmget. These mappings are aligned according to PUD alignment, resulting in some memory pages being misaligned. A local user could exploit this flaw to...

4.4CVSS6.7AI score0.00515EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in node-ansi-regex

ansi-regex is vulnerable to inefficient regular expression complexity...

7.8CVSS6.7AI score0.03304EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.9 views

Astra Linux – Vulnerability in Linux

A issue was discovered in the Linux kernel versions 3.11 through 5.10.16, as used by Xen. When serving requests to the PV backend, the driver maps grant references provided by the frontend. During this process, errors may occur. In one case, an error encountered earlier might be discarded by late...

7.8CVSS6.7AI score0.00348EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Chromium

Insufficient policy enforcement in DevTools in Google Chrome prior to 110.0.5481.77 allowed a remote attacker to bypass the same-origin policy and proxy settings through a crafted HTML page. Chromium security severity: Low...

6.5CVSS6.8AI score0.00883EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Samba

A out-of-bounds read vulnerability was discovered in Samba due to insufficient length checks in the winbinddpamauthcrap.c file. When performing NTLM authentication, the client sends cryptographic challenges back to the server. These responses have varying lengths, and Winbind fails to check the...

5.9CVSS6.7AI score0.0153EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: spi-rockchip: Fixed out-of-bounds access to registers. Do not write code related to native chip selection for GPIO chip selections. GPIOs can be numbered much higher than native CS. Moreover, this approach doesn’t make any sen...

7.1CVSS6.5AI score0.00147EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Linux

In the Linux kernel up to version 5.8.7, local attackers who were able to inject conntrack netlink configurations could exploit an overflow in a local buffer, resulting in crashes or triggering the use of incorrect protocol numbers in ctnetlinkparsetuplefilter in net/netfilter/nfconntracknetlink....

6CVSS6.6AI score0.00566EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Chromium

Before version 98.0.4758.80, using "After Free" in the Accessibility settings of Google Chrome allowed a remote attacker who convinced a user to perform certain user interactions to potentially exploit heap corruption through those interactions...

8.8CVSS7AI score0.00685EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in dpdk

NVIDIA’s distribution of the Data Plane Development Kit MLNXDPDK contains a vulnerability in the network stack, where error recovery is not handled properly. This vulnerability can allow a remote attacker to cause denial of service, as well as affect data integrity and confidentiality...

8.6CVSS7AI score0.0188EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Ruby 2.5

In RDoc 3.11 through 6.x, as distributed with Ruby up to 3.0.1, it was possible to execute arbitrary code using | and tags within a filename...

7CVSS7AI score0.0148EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Chromium

Before version 104.0.5112.79, using "After Free" in Safe Browsing in Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS7.3AI score0.00615EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Chromium

Before version 101.0.4951.41, using free after in the Ozone browser extension in Google Chrome allowed a remote attacker to potentially exploit heap corruption by running a Wayland test...

7.5CVSS6.9AI score0.00947EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Systemd

The basic/unit-name.c file in systemd, prior to versions 246.15, 247.8, 248.5, and 249.1, contains a memory allocation with an excessive size value. This issue involves functions strdupa and alloca, where a pathname is controlled by a local attacker, leading to a system crash...

5.5CVSS6.8AI score0.0865EPSS
Exploits2References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: x86/xen: Do not perform the PV iret hypercall through the hypercall page. Instead of jumping to the Xen hypercall page to execute the iret hypercall, the required sequence is directly coded in the xen-asm.S file. This action is...

5.5CVSS6.3AI score0.00304EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: xen/privcmd: fixed the error exit of privcmdioctldmop The error exit of privcmdioctldmop calls unlockpages, potentially with pages being NULL, leading to a NULL dereference. Additionally, lockpages does not check whether...

5.5CVSS6.2AI score0.00197EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Firefox and Thunderbird

When a ServiceWorker intercepted a request using FetchEvent, the origin of the request was lost after the ServiceWorker took control of it. This caused the SameSite cookie protections to be negated. This issue was addressed in the specifications, and later in browsers. This vulnerability affects...

6.5CVSS6.8AI score0.00744EPSS
Exploits0References2
Total number of security vulnerabilities18095