Lucene search
K
AstralinuxRecent

18099 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.14 views

Astra Linux – Vulnerability in Linux

A issue was discovered in the Linux kernel versions 2.6.39 through 5.10.16, as used in Xen. The block, net, and SCSI backends consider certain errors as ordinary bugs, which are deliberately designed to cause kernel crashes. For errors that may be influenced by guests such as memory exhaustion...

5.5CVSS6.6AI score0.00544EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.13 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ext4: Fixed a bug in extent parsing when ehentries == 0 and ehdepth 0. When traversing inode extents, the ext4extbinsearchidx function assumes that the extent header has been validated previously. However, there are no checks to...

5.5CVSS6.1AI score0.00235EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: udptunnel: Use netdevwarn instead of netdevWARN. netdevWARN uses WARN/WARNON to print a backtrace along with file and line information. In this case, udptunnelnicregister failing due to a memory allocation failure e.g., kzalloc o...

6.1AI score0.00173EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.9 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Tracing: Fixed a potential double-free issue in createvarref. In createvarref, initvarref is called to initialize the fields of the reffield variable. This variable is allocated in the previous function call, which creates...

7.8CVSS6.2AI score0.00289EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Python-Django

In Django 2.2 before 2.2.24, 3.x before 3.1.12, and 3.2 before 3.2.4, URLValidator, validateipv4address, and validateipv46address did not prohibit leading zero characters in octal literals. This may allow bypassing access control based on IP addresses. validateipv4address and validateipv46address...

7.5CVSS7.2AI score0.03058EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in iproute2

In iproute2 before version 5.1.0, there is a use-after-free issue in the getnetnsidfromname function in the ip/ipnetns.c file. NOTE: The relevance of this issue to security may be limited to certain uses of setuid, which, although not a default option, are sometimes an optional configuration...

4.4CVSS6.4AI score0.00403EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: Set lineeventstate::irq after the IRQ register is successfully set. When running the gpio test on the nxp-ls1028 platform using the following command: gpiomon --num-events=3 --rising-edge gpiochip1 25 A warning tra...

5.5CVSS6AI score0.00236EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Do not leak netobj memory when gssreadproxyverf fails...

6AI score0.00215EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Chromium

Before version 96.0.4664.93, using the "after free" mechanism in the file API in Google Chrome allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS7AI score0.02073EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: scsi: qla2xxx: Fixed the warning message caused by adisc being flushed. The Linux kernel triggered a warning message where a different error code type did not match the expected type. Added additional translations for one erro...

5.5CVSS6.2AI score0.00252EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in openexr

There is a flaw in OpenEXR’s ImfDeepScanLineInputFile functionality in versions prior to 3.0.5. An attacker who can submit a crafted file to an application that uses OpenEXR may cause a out-of-bounds read vulnerability. The most significant risk of this flaw is the disruption of the application’s...

5.5CVSS6.8AI score0.00428EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/connector: Only call HDMI audio helper pluggedcb if fn is not null. During driver removal, sound/soc/codecs/hdmi-codec.c calls pluggedcb with NULL as the callback function and codecdev. This is evident in the hdmiremove...

5.5CVSS6.4AI score0.00138EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Chromium

Type confusion in V8 in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS7AI score0.00745EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: xtensa: xtfpga: Fixed a refcount leak bug in setup. In machinesetup, offindcompatiblenode will return a node pointer with the refcount incremented. We should use ofnodeput when it is no longer needed...

5.5CVSS6AI score0.00243EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Thrift

In Apache Thrift, all versions up to and including 0.12.0, a server or client may encounter an infinite loop when processing specific input data. Since this issue was partially addressed in version 0.11.0, it only affects certain language bindings, depending on the installed version...

7.8CVSS6.8AI score0.09082EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.13 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm/i915: Fixed the reference counting during error capture and debugfs dump. When GuC support was added to error capture, the reference counting around the request object was broken. This issue has been fixed. The context-bas...

5.5CVSS6AI score0.0021EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in RustC

In the standard library of Rust before version 1.29.0, there is weak synchronization in the Arc::getmut method. This synchronization issue can lead to memory safety issues due to race conditions...

5.9CVSS6.2AI score0.01054EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux

A flaw was discovered in the Linux kernel in versions prior to 5.4.92 regarding the BPF protocol. This flaw allows an attacker with a local account to disclose information about kernel internal addresses. The greatest threat posed by this vulnerability relates to confidentiality...

3.3CVSS6.6AI score0.00255EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.10 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211hwsim: dropping short frames Technically, some control frames, such as ACK frames, are shorter and end after “Address 1”. Such frames should not be forwarded through wmediumd or similar user-space mechanisms...

7.1CVSS6.1AI score0.0014EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fixed a general protection fault in nilfsbtreeinsert If nilfs2 reads a corrupted disk image and attempts to read a b-tree node by calling nilfsbtreegetblock against an invalid virtual block address, it returns -ENOENT...

5.5CVSS6AI score0.00241EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in CGal

There are multiple code execution vulnerabilities in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could result in code execution. An attacker can provide malicious input to trigger...

10CVSS7.7AI score0.02145EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

Intel’s microprocessor generations 6 to 8 are affected by a new Spectre variant that can bypass the retpoline mitigation mechanism in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to execute arbitrary speculative code under certain...

6.5CVSS7.2AI score0.04947EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.9 views

Astra Linux – Vulnerability in Pypy

In Python 2.x through 2.7.16, urllib supports the localfile scheme, which makes it easier for remote attackers to bypass protection mechanisms that blacklist file: URIs. This is demonstrated by triggering a urllib.urlopen'localfile:///etc/passwd' call...

9.1CVSS6.8AI score0.11844EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Pypy

Python versions 2.7.x through 2.7.16, and 3.x through 3.7.2 are affected by improper handling of Unicode encoding with an incorrect netloc during NFKC normalization. The impact is information disclosure—credentials, cookies, etc., that are cached against a given hostname. The affected components...

9.8CVSS6.7AI score0.08811EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Ansible

A flaw was discovered in several Ansible modules, where parameters containing credentials, such as “secrets,” were logged in plain text on managed nodes, and were also made visible on the controller node when run in verbose mode. These parameters were not protected by the “nolog” feature. An...

5.5CVSS6.8AI score0.00333EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Ansible

A flaw was discovered in Ansible. Credentials, such as secrets, are being disclosed in the console logs by default, and are not protected by the nolog feature when using those modules. An attacker can exploit this information to steal those credentials. The greatest threat posed by this...

5.5CVSS6.8AI score0.00347EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in dcmtk

The service class provider SCP of OFFIS DCMTK all versions prior to 3.6.7 is vulnerable to path traversal attacks, allowing attackers to write DICOM files into arbitrary directories under controlled names. This could enable remote code execution...

9.8CVSS7.3AI score0.02846EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in python-urllib3

urllib3 is a HTTP client library for Python. The streaming API of urllib3 is designed for efficiently handling large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP...

8.9CVSS6.7AI score0.02667EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Twisted

Twisted is an event-based framework for internet applications, compatible with Python 3.6+. The HTTP 1.0 and 1.1 server provided by twisted.web could process pipelined HTTP requests out-of-order, potentially leading to information disclosure. This vulnerability has been fixed in 24.7.0rc1...

8.3CVSS7.5AI score0.00856EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Ansible

There exists an absolute path traversal attack within the Ansible automation platform. This flaw allows an attacker to create a malicious Ansible role and have the victim execute that role. A symbolic link can be used to overwrite a file that is outside of the extraction path...

6.3CVSS6.8AI score0.00859EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in protobuf

Dereferencing a NullPtr when a null char is present in a proto symbol. The symbol is parsed incorrectly, resulting in an unchecked call into the proto file’s name during the generation of the resulting error message. Since the symbol is incorrectly parsed, the file value is nullptr. We recommend...

6.5CVSS6.6AI score0.0266EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Firefox

Memory safety bugs exist in Firefox 123. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects Firefox versions prior to 124...

9.8CVSS7.6AI score0.0059EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: The fs and lock operations during checks for active status. The referenced commits introduced a two-step process for deleting FTEs: - Lock the FTE, delete it from the hardware, set the hardware deletion function to NULL...

5.5CVSS6.2AI score0.00198EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Linux

A issue was discovered in the Linux kernel before version 5.11.11. The netfilter subsystem allows attackers to cause a denial of service panic because net/netfilter/xtables.c and include/linux/netfilter/xtables.h lack a proper memory barrier when assigning a new table value, known as...

5.5CVSS6.7AI score0.00413EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Chromium

The double-free operation in WebGL in Google Chrome before version 102.0.5005.115 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS7.3AI score0.00853EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: blk-mq: Fixed an issue where IO operations could hang due to a race condition involving the sbitmap wakeup mechanism. In blkmqmarktagwait, addwaitqueue might be re-ordered. In addition, blkmqgetdrivertag might fail if the driver...

4.7CVSS6.1AI score0.00186EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in libstb

It was discovered that stbimage.h v2.27 contains an integer overflow vulnerability through the stbijpegdecodeblockprogdc function. This vulnerability allows attackers to cause a Denial of Service DoS attack through unspecified vectors...

6.5CVSS6.7AI score0.02069EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: dm ioctl: A misbehavior occurred when listversions raced with module loading. listversions will first estimate the required space using the dmtargetiteratelistversiongetneeded, &needed call, and then fill the space using the...

4.7CVSS6.3AI score0.00137EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: soc: qcom: llcc: Handle a second device without data corruption. Usually, there is only one llcc device. But if there were a second one, even a failed probe call would modify the global drvdata pointer. Therefore, check whether...

5.5CVSS5.4AI score0.00219EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in ffmpeg

An integer overflow vulnerability exists in the function filter16sobel in libavfilter/vfconvolution.c within Ffmpeg 4.2.1. Attackers can exploit this vulnerability to cause a Denial of Service or other unspecified impacts...

8.8CVSS7AI score0.01182EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Chromium

The use of after free in the Media Session in Google Chrome before version 125.0.6422.141 allowed a remote attacker to execute arbitrary code within a sandbox through a crafted HTML page. Chromium security severity: High...

8.8CVSS7.7AI score0.00819EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: PCI: vmd: Makes vmddev::cfglock of type rawspinlockt Access to the PCI configuration space via pciops::read and pciops::write is a low-level hardware operation. These functions can be accessed with disabled interrupts, even when...

5.5CVSS6.3AI score0.00122EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: net/mlx5e: Fixed a deadlock in the tc route query code The cited commit caused a ABBA deadlock0 when peer flows were created while holding the devcom rw semaphore. Due to the peer flow offload implementation, the lock is taken...

5.5CVSS6.1AI score0.0012EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: net/mlx5: Use mlx5ipsecrxstatusdestroy to correctly delete status rules. rxcreate no longer allocates a modifyhdr instance that needs to be cleaned up. The mlx5modifyheaderdealloc call will lead to a NULL pointer dereference. ...

5.5CVSS6.2AI score0.00239EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Chromium

Object corruption in Blink in Google Chrome prior to version 94.0.4606.54 allowed a remote attacker to potentially exploit object corruption through a crafted HTML page. Chromium security severity: High...

8.8CVSS7.3AI score0.0055EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.26 views

Astra Linux – Vulnerability in exempi

The XMP Toolkit SDK version 2021.07 and earlier is affected by a stack-based buffer overflow vulnerability that may lead to arbitrary code execution within the context of the current user. Exploitation requires user interaction—that is, the victim must open a specially crafted file...

9.3CVSS8AI score0.036EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in Autofill in Google Chrome prior to 124.0.6367.60 allowed an attacker who convinced a user to install a malicious app to perform UI spoofing via a crafted app. Chromium security severity: Medium...

5.5CVSS6.6AI score0.00366EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.11 views

Astra Linux – Vulnerability in docker.io

Moby is an open-source project created by Docker to enable software containerization. A bug was discovered in Moby Docker Engine, where the data directory /var/lib/docker, contained subdirectories with insufficiently restricted permissions. This allowed unprivileged Linux users to access and...

6.3CVSS6.6AI score0.02693EPSS
Exploits3References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Chromium

Before version 103.0.5060.134, using free after in the Guest View in Google Chrome allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS7.3AI score0.00733EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Git

Git is a revision control system. Before versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, when cloning a local source repository that contained symlinks through the filesystem, Git might create hardlinks to arbitrary user-readable files within the same filesystem as the target...

7.1CVSS6.8AI score0.00956EPSS
Exploits1References2
Total number of security vulnerabilities18099