Lucene search
K
AstralinuxRecent

18095 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerabilities in Firefox, Thunderbird, and Expat

In Expat also known as libexpat, before version 2.4.3, a left shift of 29 or more in the storeAtts function in xmlparse.c could lead to improper realloc behavior. This could result in allocating too few bytes, or only freeing memory after it was no longer needed...

9CVSS7.3AI score0.042EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in libxml2

There is a flaw in the XML entity encoding functionality of libxml2 in versions prior to 2.9.11. An attacker who can provide a crafted file for processing by an application that utilizes the affected functionality of libxml2 may trigger an out-of-bounds read. The most likely impact of this flaw i...

8.6CVSS6.8AI score0.0828EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Firefox and Thunderbird

Performing garbage collection on re-declared JavaScript variables led to a “user-after-poison” situation, and potentially caused a exploitable crash. This vulnerability affects Firefox 85, Thunderbird 78.7, and Firefox ESR 78.7...

8.8CVSS7.3AI score0.01196EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.9 views

Astra Linux – Vulnerability in curl

Curl versions 7.21.0 through 7.73.0 are vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing...

7.5CVSS6.8AI score0.09917EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Linux

A issue was discovered in the Linux kernel, specifically with versions up to 5.9.1, when used with Xen in versions up to 4.14.x. Users of guest operating systems may experience a denial of service where the host operating system hangs due to a high rate of events affecting dom0, also known as...

5.5CVSS6.5AI score0.0041EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Vim

Vim is vulnerable to Heap-based Buffer Overflow attacks...

7.8CVSS7.1AI score0.01589EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux, Linux 5.10

A race condition was discovered in ext4writeinlinedataend in fs/ext4/inline.c within the ext4 subsystem of the Linux kernel, as of version 5.13.13...

7CVSS6.6AI score0.00303EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux

A vulnerability was discovered in the Linux kernel, where a reference count leak occurs in the llcpsockbind function, leading to a use-after-free condition. This could result in privilege escalation...

7.8CVSS6.5AI score0.00613EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Wifi: iwlwifi: mvm – Do not read beyond the mfuart notification. In the event that the firmware sends a notification claiming to have more data than it actually does, we will read beyond the allocated space for the notification. ...

5.5CVSS6.2AI score0.00265EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in the Extensions API in Google Chrome prior to 118.0.5993.70 allowed an attacker who convinced a user to install a malicious extension to bypass an enterprise policy through a crafted HTML page. Chromium security severity: Medium...

6.5CVSS6.6AI score0.00621EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in glib2.0

A flaw was discovered in GLib. The deserialization of GVariant is vulnerable to a slowdown issue, where a maliciously crafted GVariant can cause excessive processing, resulting in a denial of service...

5.5CVSS6.8AI score0.00376EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in gst-plugins-bad1.0

A flaw was discovered in the gstreamer H.264 component of gst-plugins-bad before v1.18.1. When parsing an H.264 header, an attacker could cause the stack to be corrupted, leading to memory corruption and potentially code execution...

9.8CVSS7.4AI score0.02377EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in etcd

A DNS rebinding vulnerability has been discovered in etcd 3.3.1 and earlier versions. An attacker can manipulate their DNS records to direct requests to localhost, thereby tricking the browser into sending requests to localhost or any other address...

5.5CVSS6.3AI score0.00512EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ipvlan: Fixed bugs that occurred outside the bounds of the allowed values, caused by the absence of skb-macheader. If an AFPACKET socket is used to send packets through ipvlan, and the default xmit function of the AFPACKET socket...

7.7CVSS6.1AI score0.00251EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Thunderbird, Firefox

An outdated library libusrsctp contained vulnerabilities that could potentially be exploited. This vulnerability affects Firefox versions earlier than 108...

8.8CVSS7AI score0.00892EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Git

Git is an open-source, scalable, distributed revision control system. git shell is a restricted login shell that can be used to implement Git’s push/pull functionality via SSH. In versions prior to 2.30.6, 2.31.5, 2.32.4, 2.33.5, 2.34.5, 2.35.5, 2.36.3, and 2.37.4, the function that splits comman...

8.8CVSS7.6AI score0.02938EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in TIF format

LibTIFF 4.4.0 contains an out-of-bounds write vulnerability in TIFFmemcpy in libtiff/tifunix.c:346, when called from extractImageSection, located at tools/tiffcrop.c:6860. This vulnerability allows attackers to cause a denial-of-service attack through a crafted TIF file. For users who compile...

6.5CVSS6.8AI score0.01016EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in TIF format

LibTIFF 4.4.0 contains an out-of-bounds read vulnerability in the writeSingleSection function located at line 7345 in the tools/tiffcrop.c file. This vulnerability allows attackers to cause a denial-of-service attack through a malicious TIFF file. For users who compile LibTIFF from source code, t...

6.5CVSS6.8AI score0.00949EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Fribidi

A segmentation fault flaw was discovered in the Fribidi package, affecting the fribidiremovebidimarks function in the lib/fribidi.c file. This flaw allows an attacker to submit a specially crafted file to Fribidi, resulting in a crash and causing a denial of service...

5.5CVSS6.7AI score0.00454EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.1 views

Astra Linux – Vulnerability in Vim

Use After Free in the GitHub repository vim/vim before version 9.0.0225...

7.8CVSS7.1AI score0.00497EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.1 views

Astra Linux – Vulnerability in Vim

NULL pointer dereferencing in the GitHub repository for Vim/Vim before version 9.0.1392...

6.6CVSS6.7AI score0.00426EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: iommu/omap: Fixed buffer overflow in debugfs There are two issues here: 1 The “len” variable needs to be checked before the very first write. Otherwise, if omap2iommudumpctx is called with “bytes” less than 32, it will result ...

7.8CVSS6.2AI score0.00172EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: smb: client: fixed a potential Use-after-Allocation error in cifssignalcifsdforreconnect. Skipped sessions that are being terminated status == SESEXITING to avoid UAF errors...

7.8CVSS6.2AI score0.00241EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: WireGuard: netlink: Check for dangling peers via isdead instead of an empty list If all peers are removed using wgpeerremoveall, rather than setting peerlist to empty, the peer is added to a temporary list at the beginning of...

7.8CVSS6.3AI score0.00234EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ext4: Regenerate the buddy structure after block freeing fails when under fc replay. This fix primarily reverts to commit 6bd97bf273bd “ext4: Remove redundant mbregeneratebuddy”, and reintroduces the function mbregeneratebuddy...

5.5CVSS6.1AI score0.00278EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetrbtree: skip end interval element from gc Lazy garbage collection for rbtree during insertions may collect end interval elements that have just been added during these transactions. These elements are skipped, as...

7.8CVSS5.8AI score0.02224EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

A race condition was detected in the Linux kernel’s media/xc4000 device driver, specifically in the xc4000getfrequency function. This can lead to a return value overflow issue, potentially causing malfunctions or denial-of-service problems...

6.3CVSS6.6AI score0.00205EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: afunix: Obtaining userns from inskb in unixdiaggetexact. Wei Chen reported a NULL dereference in skuserns 01. Paolo identified the root cause: in unixdiaggetexact, the newly allocated skb does not have sk.2 We must obtain the...

5.5CVSS6.3AI score0.00245EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in dnsmasq

A single-byte, non-arbitrary write/use-after-free flaw was discovered in dnsmasq. This flaw allows an attacker to send a crafted packet processed by dnsmasq, potentially causing a denial of service...

7.5CVSS7.2AI score0.01487EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in Firefox and Thunderbird

Certain network request objects were freed too early when releasing a network request handle. This could have led to a use-after-free condition, potentially causing a crash that can be exploited. This vulnerability affects Firefox ESR 91.5, Firefox 96, and Thunderbird 91.5...

8.8CVSS7.2AI score0.0096EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.10 views

Astra Linux – Vulnerability in ffmpeg

A issue was discovered in the FFmpeg package, where vp3decodeframe in libavcodec/vp3.c lacks a check on the return value of avmalloc. This leads to a null pointer dereferencing, which affects functionality...

7.5CVSS6.8AI score0.0142EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: A missing range check was added in bitmapipuadt. When tbIPSETATTRIPTO is not present, but tbIPSETATTRCIDR exists, the values of ip and ipto are slightly swapped. As a result, the range check for ip should be...

7.8CVSS6.2AI score0.00396EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.1 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: nfsd: Cancel nfsdshrinkerwork using sync mode in nfs4stateshutdownnet In the normal case, when we execute echo 0 /proc/fs/nfsd/threads, the function nfs4statedestroynet in nfs4stateshutdownnet will release all resources related t...

7.8CVSS6.4AI score0.00233EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Vim

Stack-based Buffer Overflow in the GitHub repository for vim/vim before version 9.0...

7.8CVSS7.1AI score0.01408EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: um: virtiouml: Fixed a use-after-free after putdevice in probe. When registervirtiodevice fails in virtioumlprobe, the code sets vudev-registered = 1, even though the device was not successfully registered. This can lead to...

7.8CVSS6.5AI score0.0014EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in libxslt

A use-after-free vulnerability was discovered in libxslt while parsing XSL nodes, which may lead to the dereferencing of expired pointers and cause the application to crash...

5.5CVSS5.2AI score0.00161EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in Permission prompts in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS6.7AI score0.01163EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in opensc

The gemsafe GPK smart card software driver in OpenSC before version 0.21.0-rc1 has a stack-based buffer overflow in the scpkcs15emugemsafeGPKinit function...

5.5CVSS7AI score0.00401EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.9 views

Astra Linux – Vulnerability in grub2

A flaw was discovered in grub2. When reading tar files, grub2 allocates an internal buffer for the file name. However, it fails to properly verify the allocation against possible integer overflows. It’s possible to cause the allocation length to overflow with a specially crafted tar file, resulti...

6.7CVSS6.9AI score0.00262EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

A flaw in the Linux kernel’s implementation of the RDMA communication manager listener code allowed an attacker with local access to set up a socket to listen on a high port. This allowed for a memory element to be used after it was freed. With the ability to execute code, a local attacker could...

7.8CVSS6.8AI score0.00296EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in xorg-server

A flaw was discovered in xorg-server. A specially crafted request to RRChangeProviderProperty or RRChangeOutputProperty can trigger an integer overflow, which may lead to the disclosure of sensitive information...

7.6CVSS6.7AI score0.01631EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Chromium

A heap buffer overflow in SQLite in Google Chrome prior to version 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: Medium...

8.8CVSS7.1AI score0.0112EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in cups-filters

CUPS versions before 2.5b1 will send an HTTP POST request to an arbitrary destination and port in response to a single IPP UDP packet requesting the addition of a printer. This is a different vulnerability than CVE-2024-47176. The request is intended to test the new printer, but it can also be us...

7.5CVSS7.3AI score0.00859EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.10 views

Astra Linux – Vulnerability in python-urllib3

In urllib3 before version 1.24.2, the authorization HTTP header is not removed when following a cross-origin redirect i.e., a redirect that differs in host, port, or scheme. This can allow credentials in the authorization header to be exposed to unintended hosts or transmitted in cleartext. NOTE:...

6.1CVSS7AI score0.00512EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Chromium

Using “after free” in DevTools in Google Chrome before version 122.0.6261.57 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: Medium...

8.8CVSS7.3AI score0.00342EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ACPI: Video – Fix for a use-after-free in acpivideoswitchbrightness The switchbrightnesswork delayed work accesses device-brightness and device-backlight, which were freed by acpivideodevunregisterbacklight during device removal...

6.1AI score0.00171EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: crypto: seqiv - Do not use req-iv after cryptoaeadencrypt As soon as cryptoaeadencrypt is called, the underlying request may be freed by an asynchronous completion. Therefore, dereferencing req-iv after its return is invalid...

5.5CVSS5.8AI score0.00114EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15, and Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: btrfs: Do not call BUGON when the reference count is 0 at btrfslookupextentinfo. Instead of calling BUGON, handle the error by returning -EUCLEAN, aborting the transaction, and logging an error message...

5.5CVSS6.2AI score0.00236EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ext4: Added idatasem protection in ext4destroyInlinedatanolock Fixed a race condition between inline data destruction and block mapping. The function ext4destroyInlinedatanolock changes the inode data layout by clearing...

5.9AI score0.0018EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: RDMA/uverbs: Prevention of integer overflow issues In the expression “cmd.wqesize cmd.wrcount”, both variables are of type u32 and come from the user space. This multiplication can lead to integer wraparound issues. Similarly, th...

5.5CVSS6.2AI score0.00207EPSS
Exploits0References2
Total number of security vulnerabilities18095