Lucene search
K
AstralinuxRecent

18095 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Thunderbird

A use-after-free was identified in the nsDNSService::Init code. This issue seems to occur rarely during startup. This vulnerability affects Firefox ESR 115.6 and Thunderbird 115.6...

8.8CVSS7.3AI score0.00951EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Firefox and Thunderbird

Memory safety bugs exist in Firefox 121, Firefox ESR 115.6, and Thunderbird 115.6. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects Firefox version...

8.8CVSS7.6AI score0.00745EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux 5.15

A memory leak flaw was discovered in nftsetcatchallflush in net/netfilter/nftablesapi.c within the Linux Kernel. This issue may allow a local attacker to cause double-deactivation of catchall elements, which can lead to a memory leak...

5.5CVSS6.7AI score0.00282EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.1 views

Astra Linux – Vulnerability in Vim

Heap-based Buffer Overflow in the GitHub repository vim/vim before version 9.0.1848...

7.8CVSS7.1AI score0.006EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: i2c: core: Perform atomic i2c transfers when !preemptible is set. Since bae1d3a05a8b, i2c transfers are not atomic if preemption is disabled. However, non-atomic i2c transfers require preemption e.g., during waitforcompletion, wh...

5.5CVSS6.1AI score0.0024EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: scsi: ibmvfc: The BUGON flag has been removed when the event pool is empty. In practice, the driver should never send more commands than are allocated to the event pool. If this happens, the code will assert the BUGON flag. In th...

5.5CVSS6.3AI score0.0025EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: cpu/hotplug: Do not offline the last non-isolated CPU. If a system has isolated CPUs via the “isolcpus=” command-line parameter, then attempting to offline the last housekeeping CPU will result in a WARNON message when rebuilding...

5.5CVSS6.1AI score0.00242EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: Wifi: ath11k – Fix for htt.pktlog locking. The ath11k active PDevs are protected by RCUs, but the code that handles htt.pktlog, namely ath11kmacgetarbypdevid, was not marked as a read-side critical section. Mark the relevant code...

4.4CVSS6AI score0.00227EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: media: vidtv: mux: Added checks and calls to kstrdup. A check is performed on the return value of kstrdup; if it fails, an error is returned to avoid NULL pointer dereferencing. Additionally, kfree is used in the subsequent error...

5.5CVSS5.8AI score0.0024EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: powerpc/powernv: Added a null pointer check to scom DebugInitOne. The kasprintf function returns a pointer to dynamically allocated memory; this pointer may be NULL in case of failure. A null pointer check should be added, and th...

5.5CVSS6.1AI score0.00236EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: drm/panel: fixed a possible null pointer dereferencing issue. In versatilepanelgetmodes, the return value of drmmodeduplicate is assigned to mode, which could lead to a NULL pointer dereferencing issue if drmmodeduplicate fails. ...

5.5CVSS5.8AI score0.00241EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: media: rkisp1: Fixed handling of IRQs due to shared interrupts. The driver requests interrupts using IRQFSHARED, so the interrupt handlers can be called at any time. If such a call occurs while the ISP is powered down, the SoC wi...

5.5CVSS6.1AI score0.00219EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ALSA: scarlett2: Added missing error checks to ctlget The ctlget functions that call scarlett2update did not check the return value. This issue has been fixed by adding error checks and passing the return value to the caller...

5.5CVSS6.1AI score0.00235EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: clk-mt6765 – Added a check for the return value of mtkallocclkdata. The check is added to avoid dereferencing a NULL pointer...

4.1CVSS5.7AI score0.00218EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: usb: config: fix iteration issue in ‘usbgetbosdescriptor’ The BOS descriptor defines a root descriptor and serves as the base descriptor for accessing a family of related descriptors. The function usbgetbosdescriptor encounters a...

5.5CVSS6AI score0.00239EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux 6.1

In drivers/accel/habanalabs/common/habanalabsioctl.c of the Linux kernel, from version 6.6.5 onwards, an information leak to user space is possible because info-pad0 is not initialized...

5.5CVSS6.3AI score0.003EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

A issue was discovered in the Linux kernel before version 6.6.8. The dovccioctl function in net/atm/ioctl.c has a use-after-free issue due to a race condition involving vccrecvmsg...

7CVSS6.5AI score0.0051EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in ofono

A flaw was discovered in ofono, an open-source telephony software for Linux. A stack overflow bug occurs within the decodedeliver function during SMS decoding. It is assumed that the attack scenario can be executed from a compromised modem, a malicious base station, or simply through SMS. There i...

8.1CVSS7.1AI score0.0124EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.11 views

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Validates the session ID and tree ID in a compound request. This patch validates the session ID and tree ID within a compound request. If the first operation in the compound is an SMB2 ECHO request, ksmbd bypasses the...

5.5CVSS6.1AI score0.14332EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: ksmbd: A out-of-bounds read occurred in smb2sesssetup. ksmbd does not consider the case where smb2sesssetup is part of a compound request. If this is the second payload of the compound request, an OOB Out-of-Bounds read issue...

7.1CVSS6.5AI score0.02838EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Vim

Heap-based Buffer Overflow in the GitHub repository vim/vim before version 9.0.1873...

7.8CVSS7.1AI score0.00606EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Thunderbird

The signature of a digitally signed S/MIME email message may optionally specify the signature creation date and time. If this information is present, Thunderbird does not compare the signature creation date with the message’s date and time, and displays a valid signature even if there is a mismat...

4.3CVSS6.5AI score0.00633EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

A issue was discovered in the Linux kernel before version 6.6.8. The atalkioctl function in net/appletalk/ddp.c has a use-after-free issue due to a race condition involving atalkrecvmsg...

7CVSS6.5AI score0.0031EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Linux 5.15

A out-of-bounds memory read flaw was discovered in the parseleasestate function within the KSMBD implementation of the in-kernel Samba server and CIFS in the Linux kernel. When an attacker sends the CREATE command along with a malformed payload to KSMBD, due to a lack of checks on the NameOffset...

8.1CVSS6.9AI score0.01077EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Linux 6.1

A vulnerability was discovered in comparenetdevandip in drivers/infiniband/core/cma.c within RDMA in the Linux kernel. Improper cleanup leads to out-of-boundary reads, allowing a local user to exploit this issue to crash the system or escalate privileges...

7.8CVSS6.6AI score0.0024EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ksmbd: The issue of slub overflow in ksmbddecodentlmsspauthblob has been fixed. If authblob-SessionKey.Length is larger than the size of the session key CIFSKEYSIZE, slub overflow can occur in the key exchange process. The functi...

7.8CVSS6.3AI score0.36685EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Linux 6.1

A flaw was discovered in KVM. An improper check in svmsetx2apicmsrinterception may allow direct access to the host’s x2apic MSRs when the guest resets its APIC, potentially leading to a denial-of-service condition...

6CVSS6.6AI score0.00234EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: spi: sun6i – reduced the DMA RX transfer width to a single byte. Through empirical testing, it has been determined that sometimes RX SPI transfers with DMA enabled may return corrupted data. This issue arises due to the loss of o...

5.3CVSS6AI score0.00805EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: rejection iftype changes with mesh ID changes It is currently possible to change the mesh ID when the interface is not yet in mesh mode, while also changing it into mesh mode. This leads to an overwrite of data in...

5.5CVSS6AI score0.00247EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: serial/pmaczilog: The flawed mitigation for rx irq flood has been removed. The mitigation was intended to completely stop the irq. This might be better than a hard lock-up, but it turns out that a crash still occurs if pmaczilog ...

5.5CVSS6.2AI score0.00182EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: comedi: vmk80xx: fixed incomplete endpoint checking While vmk80xx does implement endpoint checking, some issues may still go unnoticed. Depending on the hardware model, URBs can have either bulk or interrupt types, and the curren...

5.5CVSS6.2AI score0.0028EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.11 views

Astra Linux – Vulnerability in glibc

The iconv function in the GNU C Library versions 2.39 and earlier may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set. This could potentially cause an application to crash or overwrite a neighboring variable...

7.3CVSS7.2AI score0.8833EPSS
Exploits16References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Samba

MaxQueryDuration is not honored in Samba AD DC LDAP...

6.5CVSS6.7AI score0.01731EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Ensure that rdmaaddrcancel is called before issuing more requests. The FSM can enter a loop, allowing rdmaresolveip to be called twice with the same idpriv. Although this cannot occur without going through this process,...

7.8CVSS6.1AI score0.00241EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Samba

Since the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability was disclosed by Microsoft on November 8, 2022, and according to RFC8429, it is assumed that RC4-HMAC is weak. Vulnerable Samba Active Directory Domain Controllers will issue RC4-HMAC encrypted tickets, even though the targe...

9.8CVSS6.8AI score0.00454EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Samba

A flaw was discovered in Samba. An incomplete access check on dnsHostName allows authenticated, but otherwise unprivileged users to delete this attribute from any object in the directory...

4.3CVSS6.6AI score0.00719EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in GhostScript

A vulnerability classified as problematic was discovered in GhostPCL 9.55.0. This vulnerability affects the chunkfreeobject function in the gsmchunk.c file. Manipulation with a malicious file can lead to memory corruption. The attack can be initiated remotely, but requires user interaction. The...

7.8CVSS6.1AI score0.00811EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in amd64-microcode

Incomplete system memory cleanup in the SEV firmware could allow a privileged attacker to corrupt guest private memory, potentially resulting in a loss of data integrity...

4.4CVSS6.2AI score0.00199EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in OVN

A flaw was discovered in Open Virtual Network, where the service monitor MAC does not properly implement rate limiting. This issue could allow an attacker to cause a denial of service, even in deployments with CoPP enabled and properly configured...

5.3CVSS6.4AI score0.00994EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Intel Microcode

Incorrect calculations in the microcode keying mechanism of certain IntelR XeonR D processors with IntelR SGX may allow a privileged user to potentially enable information disclosure through local access...

5.3CVSS6.3AI score0.00232EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Intel Microcode

Improper input validation in some IntelR TDX module software prior to version 1.5.05.46.698 may allow a privileged user to potentially enable privilege escalation through local access...

6.7CVSS6.4AI score0.00368EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: WireGuard: netlink: Access the device through ctx instead of peer. The previous commit fixed a bug that resulted in a NULL peer-device being dereferenced. In terms of performance, it is actually easier and faster to obtain the...

5.5CVSS6.2AI score0.00236EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Ruby 2.5

A issue was discovered in RDoc versions 6.3.3 through 6.6.2, as distributed in Ruby 3.x through 3.3.0. When parsing .rdocoptions used for configuration in RDoc as a YAML file, object injection and resulting remote code execution are possible because there are no restrictions on the classes that c...

4.5CVSS7.3AI score0.01571EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: gfs2: Fixed the potential issue of using “glock” after a file system unmount. When a DLM lockspace is released and there are still locks in that lockspace, the DLM will automatically unlock those locks. Commit fb6791d100d1b...

7.8CVSS6.2AI score0.00248EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in bind9

The DNS message parsing code in named includes a section whose computational complexity is excessively high. This does not cause problems for typical DNS traffic, but crafted queries and responses may lead to excessive CPU load on the affected named instance by exploiting this flaw. This issue...

7.5CVSS6.7AI score0.01327EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Intel Microcode

Hardware logic in some Intel processors may contain race conditions, which could allow an authenticated user to potentially enable partial information disclosure through local access...

2.8CVSS6.4AI score0.00176EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Intel Microcode

Improper isolation in some IntelR processor stream cache mechanisms may allow an authenticated user to potentially enable privilege escalation through local access...

7.8CVSS6.5AI score0.00285EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in openjdk-11

Vulnerability in Oracle Java SE component: Hotspot. The supported versions affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4, and 23. This vulnerability is difficult to exploit; an unauthenticated attacker with network access via multiple protocols can compromise Oracle Jav...

3.7CVSS6.7AI score0.00827EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in openjdk-11

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, and Oracle GraalVM Enterprise Edition products of Oracle Java SE component: Hotspot. The supported versions affected by this vulnerability are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK:...

3.7CVSS6.8AI score0.00953EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in OVN

A flaw was discovered in the Open Virtual Network OVN. In OVN clusters where BFD is used between hypervisors for high availability, an attacker can inject specially crafted BFD packets from within unprivileged workloads, including virtual machines or containers, which can trigger a denial of...

6.5CVSS6.6AI score0.00783EPSS
Exploits0References2
Total number of security vulnerabilities18095