Lucene search
K
AstralinuxRecent

17450 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Linux, Linux 5.10

A issue was discovered in the drivers/usb/gadget/composite.c file within the Linux kernel before version 5.16.10. The USB Gadget subsystem lacks certain validations for interface OS descriptor requests those with a large array index and those associated with NULL function pointer retrieval. Memor...

4.9CVSS6.6AI score0.00927EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.9 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15

It was discovered that the clsRoute filter implementation in the Linux kernel would not remove an old filter from the hashtable before freeing it, if its handle had the value 0...

7.8CVSS7AI score0.06214EPSS
Exploits7References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: mptcp: consolidate suboption status MPTCP maintains the received sub-options status as a bitmask carrying the received sub-options, with additional information carried in several bitfields for each suboption. Zeroing the bitma...

5.5CVSS6.6AI score0.00196EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in WebKit2GTK

The issue was addressed through improved checks. This issue is fixed in Safari 18.5, iOS 18.5, iPadOS 18.5, macOS Sequoia 15.5, tvOS 18.5, visionOS 2.5, and watchOS 11.5. Processing maliciously crafted web content may lead to memory corruption...

8CVSS5.4AI score0.00539EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: iommu/s390: Fixed memory corruption when using the identity domain. The function zpcigetiommuctrs returns counter information that needs to be reported as part of device statistics. These counters are stored as part of the...

7.8CVSS5.4AI score0.00134EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in WebKit2GTK

The issue was resolved through improved bounds checks. This issue has been fixed in tvOS 15.6, watchOS 8.7, iOS 15.6, and iPadOS 15.6, macOS Monterey 12.5, and Safari 15.6. Processing web content may lead to arbitrary code execution...

8.8CVSS8.6AI score0.03213EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: crypto: afalg – Fixed an issue where initialisation was missing, affecting gcm-aes-s390. Fixed the afalgallocareq function to initialize areq-firstrsgl.sgl.sgt.sgl to point to the scatterlist array in areq-firstrsgl.sgl.sgl...

5.5CVSS5.8AI score0.0012EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: bus: mhi: host: Range checks for the CHDBOFF and ERDBOFF registers. If the values read from the CHDBOFF and ERDBOFF registers are outside the range of the MHI register space, an invalid address may be calculated, which can later...

5.5CVSS5.7AI score0.00137EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in WebKit2GTK

This issue has been resolved through improved memory handling. This issue is fixed in Safari 26.1, iOS 18.7.2, and iPadOS 18.7.2; iOS 26.1 and iPadOS 26.1; macOS Tahoe 26.1; tvOS 26.1; visionOS 26.1; and watchOS 26.1. Processing maliciously crafted web content may lead to memory corruption...

8.8CVSS6.7AI score0.01068EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in WebKit2GTK

A “use-after-free” issue has been addressed through improved memory management. This issue is fixed in Safari 26.1, iOS 18.7.2, and iPadOS 18.7.2; iOS 26.1 and iPadOS 26.1; macOS Tahoe 26.1; visionOS 26.1; and watchOS 26.1. Processing maliciously crafted web content may lead to an unexpected Safa...

4.3CVSS6AI score0.01007EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.15

A NULL pointer dereference flaw was discovered in the Linux kernel’s AMD Sensor Fusion Hub driver. This flaw allows a local user to crash the system...

5.5CVSS6.7AI score0.00195EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.20.1, a global-buffer-overflow issue was observed during FreeRDP’s Base64 decoding process. The root cause appears to be implementation-defined char signedness: on Arm/AArch64 builds, plain char values are treated...

9.1CVSS5.3AI score0.00599EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.20.1, a heap out-of-bounds read occurred in the smartcard SetAttrib path when cbAttrLen did not match the actual NDR buffer length. This vulnerability has been fixed in version 3.20.1...

9.1CVSS5.5AI score0.00756EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, xfPointerNew would free cursorPixels if there was a failure. After that, pointerfree would call xfPointerFree to free it again, which could trigger an ASan UAF. A malicious server could exploit this...

9.8CVSS6AI score0.00402EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, deleting offscreen bitmaps caused gdi-drawing to point to freed memory, leading to UAF when related update packets arrived. A malicious server could trigger client-side use after the objects were freed,...

9.8CVSS5.9AI score0.00402EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in binutils

The readelf.c file in GNU Binutils 2.32 contains an integer overflow vulnerability that allows attackers to trigger a write access violation in the byteputlittleendian function in elfcomm.c through an ELF file, as demonstrated by readelf...

5.5CVSS6.4AI score0.01481EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.12 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.20.1, the URBDRC client did not perform bounds checking on the MSUSBINTERFACEDESCRIPTOR values provided by the server and used these values as indices in libusbudevcompletemsconfigsetup, resulting in an...

9.1CVSS5.4AI score0.00756EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: netfilter: nfttunnel: fixed a type confusion issue with geneveopt. When handling multiple NFTATUNNELKEYOPTSGENEVE attributes, the parsing logic should process each geneveopt structure individually and compactly. Therefore, whe...

7.8CVSS6.5AI score0.00239EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Wireshark

The TLS protocol dissector heap overflow in Wireshark versions 4.6.0 to 4.6.4 allows for denial of service attacks, and may lead to code execution...

8.8CVSS6.2AI score0.0039EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: writeback: Fixed the use of “free” after deallocating memory in inodeswitchwbsworkfn. The function inodeswitchwbsworkfn has a loop like this: c wbgetnewwb; while 1 list = llistdelall&newwb-switchwbsctxs; / Nothing to do? / if !li...

7.8CVSS5.9AI score0.00114EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in gst-plugins-ugly1.0

GStreamer ASF Demuxer Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability, but the attack vectors may va...

7.8CVSS7.7AI score0.00773EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, in the RLE planar decode process, planardecompressplanerle wrote into pDstData at nYDst+y nDstStep + 4nXDst + nChannel, without verifying that nYDst+nSrcHeight fits within the destination height or that...

8.8CVSS5.8AI score0.00591EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Avoid dereferencing the fcport pointer. Klocwork reported a warning that a NULL pointer might be dereferenced. The routine exits when saCTL is NULL and fcport is allocated after the exit call. This causes the NULL...

5.5CVSS5.6AI score0.00136EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in openjpeg2

A flaw was discovered in the OpenJPEG project. A heap buffer overflow condition may occur when certain options are specified while using the opjdecompress utility. This could lead to an application crashing or other undefined behaviors...

5.6CVSS7AI score0.00309EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: bpf: Fixed pointer-leak due to insufficient speculative store bypass mitigation To mitigate Spectre v4, the patch 2039f26f3aca “bpf: Fixed leakage due to insufficient speculative store bypass mitigation” includes instructions...

7.1CVSS6.4AI score0.00189EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: dmaengine: idxd: Fixed a crash that occurred when the event log was disabled. If reporting errors to the event log is not supported by the hardware, and an error that causes a Function Level Reset FLR is detected, the driver...

5.5CVSS5.3AI score0.00121EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.14 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net: dsa: tag8021q: Avoid leaking ctx on the error path of dsatag8021qregister If dsatag8021qsetup fails, for example due to the inability of the device to install a VLAN, the tag8021q context of the switch will be leaked. Make...

5.3AI score0.002EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.9 views

Astra Linux – Vulnerability in binutils

A vulnerability was discovered in GNU Binutils 2.44 and is classified as problematic. This issue affects the processdebuginfo function in the binutils/dwarf.c file, within the DWARF Section Handler component. The vulnerability results in a memory leak. Local attacks are required to exploit this...

4.8CVSS5AI score0.00223EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.14 views

Astra Linux – Vulnerability in Parsec

The vulnerability of the pdpmlrlobstackprintf function in the PARSEC security subsystem is related to reading data beyond the acceptable buffer size. Exploiting this vulnerability allows an attacker to access confidential data and also cause service failures...

6.8CVSS5.9AI score
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: Wifi: mt76: mt7996 – Drop fragments with multicast or broadcast RA. IEEE 802.11 fragmentation can only be applied to unicast frames. Therefore, fragments are dropped during multicast or broadcast RA. This patch addresses...

5.5CVSS6.3AI score0.00145EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net: sparx5 – Fixed the issue where the entry was still used after being freed within sparx5delmactEntry. Based on the static analysis of the code, it appears that when an entry from the MAC table was removed, the entry was still...

7.8CVSS5.3AI score0.00227EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in Firefox

Data was not properly sanitized during the decoding of a QUIC ACK frame; this could have led to unrestricted memory consumption and a crash. This vulnerability affects Firefox versions earlier than 124...

7.5CVSS7.1AI score0.00501EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: Wifi: ath12k – Fixed issues with dfs-radar and temperature event locking. The ath12k active PDevs are protected by RCU, but the code responsible for handling DFS-radar and temperature events, which calls ath12kmacgetarbypdevid...

5.9CVSS5.3AI score0.00707EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: iio: frequency: admv1013: fix NULL pointer dereference on str When devicepropertyreadstring fails, str remains uninitialized, but the code proceeds to strcmpstr, …, resulting in dereferencing a garbage pointer. Replace manual...

5.7AI score0.00168EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: macvlan: Enforces a consistent minimal MTU. The macvlan mechanism should enforce a minimal MTU of 68, even when creating a link. This patch avoids the current behavior which could lead to crashes in the IPv6 stack if the link is...

5.5CVSS5.8AI score0.00178EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Firefox

Because Firefox did not implement the unsafe-hashes CSP directive, an attacker who was able to inject markup into a page otherwise protected by a Content Security Policy might have been able to inject executable scripts. This would be severely restricted by the specified Content Security Policy o...

8.8CVSS7.8AI score0.00697EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in imagemagick

ImageMagick 7.1.0-49 is vulnerable to information disclosure. When it parses a PNG image e.g., for resizing, the resulting image may contain content from an arbitrary file. This occurs if the ImageMagick binary has permissions to read such files...

6.5CVSS7.7AI score0.89855EPSS
Exploits28References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in imagemagick

ImageMagick 7.1.0-49 is vulnerable to Denial of Service attacks. When it parses a PNG image for example, for resizing, the conversion process may cause it to wait for stdin input...

6.5CVSS7.1AI score0.76581EPSS
Exploits4References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in OpenVSwitch

An integer underflow occurred in the Organization Specific TLV in various versions of OpenvSwitch...

9.8CVSS7.3AI score0.01324EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the drivers/video/fbdev/smscufx.c file within the Linux kernel, up to version 5.19.12, there is a race condition that can lead to a use-after-free if a physically nearby attacker removes a USB device while the open function is called. This issue is essentially a race condition between ufxopsop...

4.2CVSS6.2AI score0.00309EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in libarchive

In libarchive before version 3.6.2, the software does not check for an error after calling the calloc function. This function may return a NULL pointer if it fails, leading to a NULL pointer being dereferenced. NOTE: The discoverer cites this CWE-476 issue, but third parties dispute its impact on...

9.8CVSS6.8AI score0.01936EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in gst-plugins-good1.0

DOS: Potential heap overwrite during MKV demuxing using LZO decompression. Integer overflow in the Matroskademux element within the LZO decompression function can cause a segfault, or potentially a heap overwrite, depending on the libc and operating system. Depending on the libc used and the...

7.8CVSS7.2AI score0.00409EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in gst-plugins-good1.0

Integer overflow in the avidemux element within the gstavidemuxinvert function, which allows for a heap overwrite during the parsing of AVI files. There is a potential for arbitrary code execution due to the heap overwrite...

7.8CVSS7.7AI score0.00465EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in sudo

In Sudo before 1.9.12p2, the sudoedit also known as -e feature improperly handles additional arguments passed in the user-provided environment variables SUDOEDITOR, VISUAL, and EDITOR. This allows a local attacker to append arbitrary entries to the list of files to process. This can lead to...

7.8CVSS7.5AI score0.55367EPSS
Exploits20References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in Tiff

LibTIFF 4.4.0 contains an out-of-bounds write vulnerability in tiffcrop, located at line 3516 of tools/tiffcrop.c. This vulnerability allows attackers to cause a denial-of-service attack through a malicious TIF file. For users who compile LibTIFF from source code, the fix is available in the comm...

6.8CVSS6.7AI score0.00435EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Tiff

LibTIFF 4.4.0 contains an out-of-bounds write vulnerability in tiffcrop, located at line 3609 of tools/tiffcrop.c. This vulnerability allows attackers to cause a denial-of-service attack through a malicious TIF file. For users who compile LibTIFF from source code, the fix is available in the comm...

6.8CVSS6.7AI score0.00435EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Tiff

LibTIFF 4.4.0 contains an out-of-bounds write vulnerability in tiffcrop, located at line 3502 of tools/tiffcrop.c. This vulnerability allows attackers to cause a denial-of-service attack through a malicious TIF file. For users who compile LibTIFF from source code, the fix is available in the comm...

6.8CVSS6.7AI score0.00435EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in TIF format

LibTIFF 4.4.0 contains an out-of-bounds read in tiffcrop at line 3400 of tools/tiffcrop.c, allowing attackers to cause a denial-of-service attack through a crafted TIF file. For users who compile LibTIFF from source code, the fix is available in the commit afaabc3e...

6.8CVSS6.8AI score0.00421EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in c-ares

A flaw was discovered in the c-ares package. The aressetsortlist function lacks checks for the validity of the input string, which could lead to a stack overflow vulnerability with an arbitrary length. This issue may cause a denial of service or have a limited impact on confidentiality and...

8.6CVSS7.2AI score0.01232EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Git

Git is an open-source, scalable, distributed version control system. Versions prior to 2.30.6, 2.31.5, 2.32.4, 2.33.5, 2.34.5, 2.35.5, 2.36.3, and 2.37.4 are vulnerable to exposure of sensitive information by malicious actors. When performing a local clone where the source and target of the clone...

5.5CVSS6AI score0.01336EPSS
Exploits1References2
Total number of security vulnerabilities17450