Lucene search
K
AstralinuxRecent

18095 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

A use-after-free issue was discovered in the driver/firewire component, specifically in the outbound PhyPacketCallback function within the Linux kernel. In this flaw, a local attacker with special privileges could cause a use-after-free error when queueevent fails...

6.7CVSS6.8AI score0.00228EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

A flaw was discovered in the udmabuf device driver of the Linux kernel. The specific flaw resides within a fault handler. The issue arises due to the lack of proper validation of user-supplied data, which can lead to a memory access beyond the end of an array. An attacker can exploit this...

7.8CVSS7.1AI score0.01013EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10, Linux

A flaw in the boot CPU could be exploited by attacks targeting speculative execution behavior. This flaw is related to the power management options in the Linux kernel’s X86 CPU. It was discovered in the way users resume the CPU from suspend-to-RAM. A local user could utilize this flaw to...

5.5CVSS6.8AI score0.00223EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

A race condition was detected in the Linux kernel’s IP framework for transforming packets XFRM subsystem, where multiple calls to xfrmprobealgs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an...

7CVSS6.7AI score0.002EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

A flaw in the use of free after the NILFS file system in the Linux kernel was discovered. This flaw causes the function security inodealloc to fail, leading to a call to the nilfsmdtdestroy function. A local user could exploit this flaw to crash the system or potentially escalate their privileges...

7.8CVSS6.7AI score0.00233EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10

An integer coercion error was detected in the openvswitch kernel module. When there are a sufficient number of actions, while copying and reserving memory for a new action of a new flow, the reservesfasize function does not return -EMSGSIZE as expected. This could potentially lead to an...

7.8CVSS6.8AI score0.00812EPSS
Exploits5References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux, Linux 5.10

A issue was discovered in the Linux kernel through version 5.16-rc6. The function uapifinalize in drivers/infiniband/core/uverbsuapi.c lacks a check for the function kmallocarray...

5.5CVSS6.7AI score0.00214EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux

A remote denial-of-service vulnerability was discovered in the Linux kernel’s TIPC kernel module. The while loop in tipclinkxmit encounters an unknown state while attempting to parse SKBs that are not present in the queue. Sending two small UDP packets to a system with a UDP interface causes the...

7.5CVSS6.7AI score0.05095EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in ffmpeg, ffmpeg5

It was discovered that FFmpeg git-master, N-113007-g8d24a28d06 contains a segmentation violation through the component /libavcodec/jpeg2000dec.c...

6.5CVSS6.5AI score0.00344EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in libxml2

In versions of libxml2 before 2.12.10 and 2.13.x before 2.13.6, there is a use-after-free issue in the xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables functions in the xmlschemas.c file. To exploit this vulnerability, a crafted XML document must be validated against an XML schema with...

9.8CVSS7.1AI score0.0113EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in libheif

In Libheif 1.17.6, insufficient checks in ImageOverlay::parse may lead to an out-of-bounds read and write when decoding a heif file that contains an overlay image with forged offsets...

8.1CVSS7.2AI score0.00825EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.1 views

Astra Linux – Vulnerability in krb5

Kerberos 5 also known as krb5 1.21.2 contains a memory leak vulnerability in the file /krb5/src/lib/gssapi/krb5/k5sealv3.c...

7.5CVSS6.7AI score0.01128EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15

A use-after-free vulnerability exists in the Linux kernel’s net/sched:clsfw component, which can be exploited to achieve local privilege escalation. When the fwchange function is called on an existing filter, the entire tcfresult struct is always copied into the new instance of the filter. This...

7.8CVSS6.6AI score0.00301EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

A use-after-free vulnerability in the Linux kernel’s net/sched:clsRoute component can be exploited to achieve local privilege escalation. When the route4change function is called on an existing filter, the entire tcfresult struct is always copied into the new instance of the filter. This creates ...

7.8CVSS6.6AI score0.00565EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15

A use-after-free vulnerability exists in the Linux kernel’s net/sched:clsu32 component, which can be exploited to achieve local privilege escalation. If the tcfchangeindev function fails, u32setparms will immediately return an error after incrementing or decrementing the reference counter in...

7.8CVSS6.7AI score0.00458EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.15

A flaw was discovered in the MCTP protocol within the Linux kernel. The function mctpunregister reclaims the device’s related resources when a netcard is detached. However, a running program may be unaware of this flaw, leading to a use-after-free of the mdev-addrs object, which could potentially...

4.7CVSS6.6AI score0.00349EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux - Vulnerability in linux-5.10, linux-5.15

A use-after-free vulnerability in the Linux kernel's iouring subsystem can be exploited to achieve local privilege escalation. Racing an iouring cancel poll request with a linked timeout can cause a UAF in an hrtimer. We recommend upgrading past commit ef7dfac51d8ed961b742218f526bd589f3900a59...

7.8CVSS6.7AI score0.00718EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

A null pointer dereference was detected in the Linux kernel’s Integrated Sensor Hub ISH driver. This issue could allow a local user to crash the system...

5.5CVSS6.5AI score0.00207EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux 5.15

A NULL pointer dereference flaw was discovered in the Linux kernel’s AMD Sensor Fusion Hub driver. This flaw allows a local user to crash the system...

5.5CVSS6.7AI score0.00195EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux 5.15

A flaw was discovered in the netdevsim device driver of the Linux kernel, related to the scheduling of events. This issue arises due to improper management of a reference count. This could allow an attacker to create a denial-of-service condition on the system...

4.4CVSS6.7AI score0.0034EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Firefox

During the process shutdown, it was possible for an ImageBitmap to be created, which would later be used after being freed from a different code path, resulting in a potentially exploitable crash. This vulnerability affects Firefox versions less than 118...

9.8CVSS7.3AI score0.00835EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in xorg-server

A flaw related to out-of-bounds memory access was discovered in the X.Org server. This issue can occur when a device that has been frozen by a sync operation is reattached to a different master device. This issue may result in an application crashing, local privilege escalation if the server runs...

7.8CVSS7.2AI score0.01229EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.10 views

Astra Linux – Vulnerability in xorg-server

A flaw was discovered in the X.Org server. Both DeviceFocusEvent and XIQueryPointer responses contain a bit for each logical button that is currently active. Buttons can be arbitrarily mapped to any value up to 255, but the X.Org Server only allocates space for the specific number of buttons on...

9.8CVSS6.5AI score0.02106EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in Prompts in Google Chrome prior to 113.0.5672.63 allowed a remote attacker to spoof the contents of the security UI via a crafted HTML page. Chromium security severity: Low...

4.3CVSS6.1AI score0.00801EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Firefox and Thunderbird

When a parent page loaded a child in an iframe with unsafe-inline, the parent Content Security Policy could override the child Content Security Policy. This vulnerability affects Firefox 122, Firefox ESR 115.7, and Thunderbird 115.7...

6.5CVSS6.5AI score0.006EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Chromium

Type Confusion in V8 in Google Chrome prior to 130.0.6723.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS8.2AI score0.00489EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Firefox and Thunderbird

Memory safety bugs exist in Firefox 121, Firefox ESR 115.6, and Thunderbird 115.6. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects Firefox version...

8.8CVSS7.6AI score0.00745EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Firefox and Thunderbird

When resolving a symbolic link, a race condition may occur, where the buffer passed to readlink might actually be smaller than necessary. This bug only affects Firefox on Unix-based operating systems Android, Linux, MacOS. Windows is unaffected. This vulnerability affects Firefox ESR 115.6,...

5.3CVSS6.7AI score0.00665EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: media: iris: Fixed a use-after-free in irisreleaseinternalbuffers The recent change in commit 1dabf00ee206 “media: iris: gen1: Destroy internal buffers after FW releases” introduced a regression where sessionreleasebuf might free...

7.8CVSS5.8AI score0.00124EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.11 views

Astra Linux – Vulnerability in Chromium

Before version 88.0.4324.182, using "Use after free" in Downloads in Google Chrome on Windows allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape through a crafted HTML page...

9.6CVSS7.4AI score0.0117EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in libmysofa

Incorrect handling of input data in the mysofaresamplerresetmem function in the libmysofa library between versions 0.5 and 1.1 may lead to heap buffer overflow and overwriting of a large memory block...

6.5CVSS6.9AI score0.01223EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Apache2

Heap-based Buffer Overflow vulnerability in modproxyajp of Apache HTTP Server. If modproxyajp connects to a malicious AJP server, that malicious AJP server can send a malicious AJP message back to modproxyajp, causing it to write 4 bytes controlled by the attacker after the end of a heap-based...

9.8CVSS7.2AI score0.01325EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Apache2

A out-of-bounds read vulnerability exists in the modproxyajp module of the Apache HTTP Server. This issue affects the Apache HTTP Server version up to 2.4.66. Users are recommended to upgrade to version 2.4.67, as this fix addresses the vulnerability...

5.3CVSS5.7AI score0.00393EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Apache2

A timing attack against modauthdigest in Apache HTTP Server 2.4.66 allows a remote attacker to bypass Digest authentication. Users are recommended to upgrade to version 2.4.67, which fixes this issue...

4.8CVSS5.7AI score0.00557EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Apache2

Improper null termination and out-of-bounds read vulnerabilities in the Apache HTTP Server. This issue affects the Apache HTTP Server version up to 2.4.66. Users are recommended to upgrade to version 2.4.67, as this fix addresses the vulnerability...

5.3CVSS5.8AI score0.00485EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux-Firmware

Improper input validation in some IntelR PROSet/Wireless WiFi and KillerTM WiFi software may allow an unauthenticated user to potentially enable denial of service via adjacent access...

6.5CVSS6.6AI score0.0061EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Apache2

Buffer Over-read vulnerability in Apache HTTP Server. This issue affects Apache HTTP Server up to version 2.4.66. Users are recommended to upgrade to version 2.4.67, which fixes this vulnerability...

7.5CVSS5.7AI score0.00394EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Apache2

A NULL pointer dereferencing in the modauthnsocache in Apache HTTP Server 2.4.66 and earlier allows an unauthenticated remote user to crash a child process in a caching forward proxy configuration. Users are recommended to upgrade to version 2.4.67, which fixes this issue...

5.3CVSS5.8AI score0.00514EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Apache2

A privilege escalation bug in various modules of Apache HTTP 2.4.66 and earlier allows local .htaccess authors to read files with the privileges of the httpd user. Users are recommended to upgrade to version 2.4.67, which fixes this issue...

8.8CVSS5.8AI score0.00654EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.11 views

Astra Linux – Vulnerability in PackageKit

PackageKit is a D-Bus abstraction layer that allows users to manage packages in a secure manner using an API that works across different distros and architectures. From version 1.0.2 to 1.3.4, PackageKit was vulnerable to a time-of-check time-of-use TOCTOU race condition involving transaction...

8.8CVSS7.4AI score0.0046EPSS
Exploits10References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in Chromium

Type confusion in V8 in Google Chrome prior to 107.0.5304.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS7.3AI score0.00617EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.9 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: The existing SPTE is dropped/zapped even when creating an MMIO SPTE. When installing an emulated MMIO SPTE, do so after dropping/zapping the existing SPTE if it’s shadow-present. While the commit a54aa15c6bda3 was...

8.1CVSS5.8AI score0.00184EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in binutils

A vulnerability was discovered in cp-demangle.c of GNU libiberty, as part of GNU Binutils 2.31. There is a stack consumption vulnerability caused by infinite recursion in the functions nextistypequal and cplusdemangletype in cp-demangle.c. Remote attackers could exploit this vulnerability to caus...

5.5CVSS6.8AI score0.01686EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Chromium

A heap buffer overflow in ANGLE in Google Chrome prior to version 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS7.6AI score0.01376EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Chromium

Type confusion in Blink Layout in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS7.3AI score0.00982EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.9 views

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Drivers: Staging: rtl8192bs: Fixed a deadlock in rtwjoinbsseventprehandle. There is a deadlock in rtwjoinbsseventprehandle, as shown below: Thread 1 | Thread 2 | settimer rtwjoinbsseventprehandle | modtimer spinlockbh //1 | Wait...

5.5CVSS6.2AI score0.00186EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in SQLite3

The ext/fts3/fts3.c file in SQLite before version 3.32.0 contains a use-after-free in the fts3EvalNextRow function, which is related to the snippet feature...

7CVSS7.1AI score0.0103EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15, and Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: usb: typec: altmodes/displayport: create sysfs nodes as driver’s default device attribute group The sysfs nodes related to the DisplayPort driver may be available to the user space before typecaltmodesetdrvdata completes in...

5.5CVSS6.1AI score0.00225EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.10 views

Astra Linux – Vulnerability in Jetty9

In Eclipse Jetty versions 9.2.26 and earlier, 9.3.25 and earlier, as well as 9.4.15 and earlier, the server is vulnerable to XSS attacks if a remote client uses a specially formatted URL against the DefaultServlet or ResourceHandler that is configured to display a listing of directory contents...

6.1CVSS6.8AI score0.09591EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: mm/damon/vaddr-test: A memory leak was fixed in damondotestapplythreeregions. When CONFIGDAMONVADDRKUNITTEST=y is enabled, and CONFIGDEBUGKMEMLEAK=y and CONFIGDEBUGKMEMLEAKAUTOSCAN=y are set, the aforementioned memory leak is...

5.5CVSS6.1AI score0.00253EPSS
Exploits0References2
Total number of security vulnerabilities18095