Lucene search
K
AstralinuxRecent

18095 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: gpio: cdev: Avoid NULL dereference in linehandlecreate In linehandlecreate, there is a statement like this: retainandnullptrlh; Shortly after that, there is a debug printout that dereferences “lh”, which will cause a crash. Avoid...

5.5CVSS5.7AI score0.001EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: - SPI: ch341: fixed the device lifecycle. USB drivers bind to USB interfaces, and any device’s managed resources should have their lifecycle tied to the interface rather than the parent USB device. This prevents issues like...

5.5CVSS5.7AI score0.00117EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Revert “mm/hugetlbfs: update hugetlbfs to use mmapprepare”. This revertment corresponds to the commit ea52cb24cd3f “mm/hugetlbfs: update hugetlbfs to use mmapprepare”, with conflict resolution to account for changes in commit...

5.7AI score0.00145EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: pmdomain: mediatek: Fixed a use-after-free in scpsysgetbusprotectionlegacy. In scpsysgetbusprotectionlegacy, the offindnodewithproperty function returns a device node, and its reference count is incremented. This function then...

5.7AI score0.00155EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: fixed the exit race in damoswalk vs kdamondfn. When the kdamondfn main loop finishes, the function cancels the remaining damoswalk requests and sets damonctx-kdamond to false, so that API callers and API functions...

4.7CVSS5.7AI score0.00079EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: bpf: Returning the correct address for non-zero offsets in the insn array The mapdirectvalueaddr function in the instruction array incorrectly adds an offset to the resulting address. This is a bug, as the resolvepseudoldimm64...

5.5CVSS5.7AI score0.00107EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: bpf: Fixed a use-after-free in arenavmclose when processing forks. The arenavmopen function only increments vml-mmapcount, but never registers the child VMA in arena-vmalist. vml-vma always points to the parent VMA; therefore,...

7.8CVSS5.8AI score0.00116EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: leds: qcom-lpg – Check for array overflow when selecting high-resolution values. When selecting high-resolution values from an array, the FIELDGET function is used to retrieve data from a 3-bit register. However, the array being...

5.8AI score0.00168EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: RDMA/mana: Fixed the cleanup in manaDestroywqobj within manaibcreateqprss. Sashiko pointed out that there are two bugs in the error unwinding process, both related to how the WQ table is unwound. Firstly, there is a double i--...

5.5CVSS5.7AI score0.00127EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Stopping the IRR scan in kvmapicupdateirr even if PIR is empty The function apicfindhighestvector is used when PID.ON is set, but PIR turns out to be empty. This ensures that the highest pending interrupt from the...

5.8AI score0.00155EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: Fixed an issue where early boot crashes occurred when parameters without an '=' separator were used. If hugepages, hugepagesz, or defaulthugepagesz are specified on the kernel command line without the '=' separator,...

5.6AI score0.00166EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: spi: ch341: fixed memory leaks on probe failures. Make sure to unregister the controller, disable the pins, and terminate/free the RX URB in case of probe failures. This helps to mimic disconnection scenarios and avoid memory...

5.5CVSS5.7AI score0.00119EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: crypto: inside-secure/eip93 – “Unregister” is only available for algorithms. EIP93 has an options register. This register indicates which crypto algorithms are implemented in silicon. Supported algorithms are registered based on...

5.6AI score0.00153EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: tpm: Use kfreesensitive to free the auth session in tpmdevrelease. tpmdevrelease uses the plain kfree function to free the chip-auth structure, which contains sensitive cryptographic materials, including HMAC session keys,...

5.9AI score0.00168EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: hwmon: powerz Fixed the issue where usbkillurb was not called during signal interrupts. The function waitforcompletioninterruptibletimeout returns -ERESTARTSYS when interrupted. This requires aborting the URB operation and...

5.9AI score0.00122EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Minzip

MiniZip in zlib version 1.3 has an integer overflow, resulting in a heap-based buffer overflow in zipOpenNewFileInZip464, which can occur due to a long filename, comment, or additional fields. NOTE: MiniZip is not a supported component of the zlib product. NOTE: pyminizip in versions 0.2.6 onward...

9.8CVSS7AI score0.02918EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: libwx: fix VF illegal register access The register WXCFGPORTST is a PF restricted register. When initializing a VF, attempting to read this register triggers an illegal register access, which can cause the system to hang. Wh...

5.6AI score0.00127EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fixed a possible NULL pointer dereference in ufshcdaddcommandTrace. The kernel log indicates a crash in ufshcdaddcommandTrace due to a NULL pointer dereference when accessing hwq-id. This can occur if...

5.5CVSS5.3AI score0.00114EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: crypto: caam – fixed an overflow issue when dealing with long HMAC keys. When a key that is longer than the block size is provided, it is copied and then hashed into the actual key. The memory allocated for the copy needs to be...

7.8CVSS5.7AI score0.00129EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: EDAC/mc: Fixed the error path ordering in edacmcalloc. When the mci-pvtinfo allocation in edacmcalloc fails, the error path will call putdevice, which will ultimately call the device’s release function. However, the initializatio...

5.5CVSS5.8AI score0.00115EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: cxl/port: Fixed the issue where parentport was used after freeing it in cxldetachep. The cxldetachep function is called during the bottom-up removal process when all CXL memory devices beneath a switch port have been removed...

7.8CVSS5.8AI score0.00125EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Python-Django

A issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The urlize and urlizetrunc template filters, as well as the AdminURLFieldWidget widget, are susceptible to a potential denial-of-service attack due to certain inputs containing a very large number of Unicode characters...

7.5CVSS6.8AI score0.00954EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.12 views

Astra Linux – Vulnerability in h2database

The H2 Console before version 2.1.210 allowed remote attackers to execute arbitrary code through a jdbc:h2:mem JDBC URL that contained the IGNOREUNKNOWNSETTINGS=TRUE;FORBID CREATION=FALSE;INIT=RUNSCRIPT substring. This is a different vulnerability than CVE-2021-42392. source-iocs-preserved...

10CVSS7.5AI score0.64766EPSS
Exploits4References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in Firefox and Thunderbird

If the browser.privatebrowsing.autostart preference is enabled, IndexedDB files are not properly deleted when the window is closed. This preference is disabled by default in Firefox. This vulnerability affects Firefox 126, Firefox ESR 115.11, and Thunderbird 115.11...

4.3CVSS6.7AI score0.00488EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in cjson

It has been discovered that cJSON v1.7.16 contains a segmentation violation due to the use of the cJSONInsertItemInArray function in the cJSON.c library...

7.5CVSS6.3AI score0.01508EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in OpenSSL

Issue Summary: Checking excessively long DH keys or parameters can be very slow. Impact Summary: Applications that use functions like DHcheck, DHcheckex, or EVPPKEYparamcheck to check DH keys or parameters may experience prolonged delays. If the keys or parameters are obtained from an untrusted...

5.3CVSS6.5AI score0.05533EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.9 views

Astra Linux – Vulnerability in libarchive

It was discovered that Libarchive v3.6.0 contains a buffer overflow vulnerability, specifically related to the zipxlzmaaloneinit function...

6.5CVSS7.1AI score0.01877EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in openjdk-11

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, and Oracle GraalVM for JDK products of Oracle Java SE component: Hotspot. The supported versions affected by this vulnerability are Oracle Java SE: 8u371-perf, 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition:...

5.1CVSS6.6AI score0.00483EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in poppler-22, poppler

In Poppler 22.07.0, the PDFDoc::savePageAs function in PDFDoc.c allows attackers to cause a denial-of-service attack the application crashes with SIGABRT by manipulating a PDF file in which the xref data structure is improperly handled during the getCatalog process. Note that this vulnerability i...

6.5CVSS6.7AI score0.00921EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in python-future

A vulnerability discovered in Python Charmers Future 0.18.2 and earlier allows remote attackers to cause a denial of service by using a crafted Set-Cookie header from a malicious web server...

7.5CVSS6.7AI score0.01804EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Dbus

A issue was discovered in D-Bus before 1.12.24, 1.13.x, and 1.14.x, before 1.14.4, and 1.15.x, before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message where the array length is inconsistent with the size of the element...

6.5CVSS6.7AI score0.0131EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in openimageio

A stack-based buffer overflow vulnerability exists in the TGA file format parser of OpenImageIO v2.3.19.0. A specially crafted targa file can lead to out-of-bound read and write operations on the process stack, which can result in arbitrary code execution. An attacker can provide a malicious file...

8.1CVSS7.9AI score0.0104EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.12 views

Astra Linux – Vulnerability in openexr

A flaw was discovered in OpenEXR’s hufUncompress functionality in OpenEXR/IlmImf/ImfHuf.cpp. This flaw allows an attacker who can submit a crafted file processed by OpenEXR to trigger an integer overflow. The greatest threat of this vulnerability is to system availability...

7.1CVSS6.8AI score0.00913EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in TIF format

The tiffcrop tool in libtiff has a uint32t underflow issue, which can lead to out-of-bounds read and write operations in the extractContigSamples8bits routine. An attacker who provides a crafted file to tiffcrop could exploit this flaw, likely by tricking a user into opening the crafted file with...

5.5CVSS6.8AI score0.003EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in snakeyaml

Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks DOS. If the parser is running on user-supplied input, an attacker may provide content that causes the parser to crash due to a stack overflow...

6.5CVSS6.6AI score0.01025EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.17 views

Astra Linux – Vulnerability in openjdk-11

Vulnerability in the Oracle Java SE and Oracle GraalVM Enterprise Edition products of Oracle Java SE component: Hotspot. The supported versions affected by this vulnerability include Oracle Java SE: 7u343, 8u333, 11.0.15.1, 17.0.3.1, 18.0.1.1; Oracle GraalVM Enterprise Edition: 20.3.6, 21.3.2, an...

5.9CVSS6.7AI score0.02062EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in libinput

A format string vulnerability was detected in libinput...

7.8CVSS7.1AI score0.00364EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in openjdk-11

Vulnerability in the Oracle Java SE and Oracle GraalVM Enterprise Edition products of Oracle Java SE component: ImageIO. The supported versions affected include Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. This easily exploitable vulnerabili...

5.3CVSS6.4AI score0.03486EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in openjdk-11

A vulnerability exists in the Oracle Java SE and Oracle GraalVM Enterprise Edition products from Oracle Java SE component: Hotspot. The versions affected include Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. This easily exploitable...

5.3CVSS6.6AI score0.02896EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Chromium

Before version 101.0.4951.41, using free after Vulkan in Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS7.3AI score0.00895EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: jbd2: fixed a deadlock in jbd2journalcancelrevoke The commit f76d4c28a46a "fs/jbd2: use a sleeping version of findgetblock" changed jbd2journalcancelrevoke to use findgetblocknonatomic, which uses a folio lock instead of an...

5.5CVSS5.7AI score0.00094EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: Fix for role switching during resume If the role changes while the system is suspended, the cdns3 driver switches to the new mode during resume. However, switching to the host mode in this context causes a NULL pointe...

5.5CVSS5.8AI score0.00156EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: slub: Data loss and overflow issues in krealloc have been fixed. Commit 2cd8231796b5 “mm/slub: allowing to set the node and align in kvrealloc” introduced the ability to force a reallocation if the original object does not...

5.5CVSS6.1AI score0.00133EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.1 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: New folios are initialized before being used. KMSAN reports an uninitialized value in longestmatchstd, which is called from ntfscompresswrite. When new folios are allocated without being marked as “uptodate”, and...

5.5CVSS5.7AI score0.00155EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: “net/smc: Introduce TCP ULP support” has been removed. This change is reflected in the commit d7cd421da9da2cc7b4d25b8537f66db5c8331c40. According to Al Viro, the TCP ULP support for SMC is fundamentally broken. The implementation...

7.8CVSS5.7AI score0.00112EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/vcn4: Prevent OOB reads when parsing dec msg. Check the bounds against the end of the BO whenever we access the msg...

7.1CVSS5.7AI score0.00131EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: Remove initconst from gates. Since the commit 8ceff24a754a “clk: mediatek: clk-gate: Refactor mtkclkregistergate to use mtkgate struct”, the mtkgate structures are no longer only used for initialization/registratio...

7.8CVSS5.7AI score0.00162EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm/xe/uapi: Added validation in xevmmadviseioctl to reject PAT indices with the XECOHNONE coherency mode when applied to CPU cached memory. Using cohnone with CPU cached buffers is a security issue. When the kernel clears pag...

5.7AI score0.00119EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: spi: microchip-core-qspi: Control the built-in chip select manually. The coreQSPI IP supports only a single chip select, which is automatically operated by the hardware—set low when the transmit buffer is first written to, and se...

5.5CVSS5.9AI score0.00121EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: clocksource/drivers/timer-sp804: An Oops has been fixed when the readcurrenttimer function is called on ARM32 platforms where the SP804 is not registered as the schedcclock. On the SP804, the delay timer shares the same clkevt...

5.5CVSS5.7AI score0.001EPSS
Exploits0References1
Total number of security vulnerabilities18095