Lucene search
K
AstralinuxRecent

18099 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Firefox

When following a redirect to a publicly accessible web extension file, the URL may have been translated into the actual local path, potentially exposing sensitive information. This vulnerability affects Firefox versions earlier than 111...

6.5CVSS6.7AI score0.00508EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Firefox

Under certain circumstances, the offline cache of a ServiceWorker may have been leaked to the file system when using private browsing mode. This vulnerability affects Firefox versions earlier than 111...

4.3CVSS6.5AI score0.00456EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.9 views

Astra Linux – Vulnerability in Firefox

When dragging and dropping an image across origins, the size of the image may be leaked. This behavior was present in version 109 and caused web compatibility issues, as well as this security concern. Therefore, this behavior was disabled until further review. This vulnerability affects Firefox...

6.5CVSS6.7AI score0.00767EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Thunderbird, Firefox

A background script that invokes requestFullscreen and then blocks the main thread could cause the browser to enter fullscreen mode indefinitely, potentially leading to user confusion or spoofing attacks. This vulnerability affects Firefox 110, Thunderbird 102.8, and Firefox ESR 102.8...

5.4CVSS6.7AI score0.00546EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Chromium

The use of the after-free operation in the File System API in Google Chrome before version 92.0.4515.131 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS6.8AI score0.02524EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Firefox and Thunderbird

A properly crafted CMS message could be processed incorrectly, resulting in an invalid memory read and potentially further memory corruption. This vulnerability affects Thunderbird 91.10, Firefox 101, and Firefox ESR 91.10...

8.8CVSS7.1AI score0.00662EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in mbedtls

In Arm Mbed TLS before version 2.19.0, and Arm Mbed Crypto before version 2.0.0, when deterministic ECDSA is enabled, an RNG with insufficient entropy is used for blinding. This may allow an attacker to recover a private key through side-channel attacks if a victim signs the same message multiple...

5.3CVSS6AI score0.01773EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: The issue of a memory leak in ntfsfillsuper was fixed. In ntfsfillsuper, the fc-fsprivate pointer is set to NULL without first freeing the memory it points to. This causes the subsequent call to ntfsfsfree to skip freei...

5.7AI score0.00137EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: BPF: Fixed the issue where tcx or netkit devices could execute BPFPROGDETACH commands by any user when no program fd was provided, bypassing permission checks. This fix includes a capability check for CAPNETADMIN or CAPSYSADMIN i...

7.3CVSS6.2AI score0.00133EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: nfs: Return EISDIR when nfs3proccreate is called, if dalias is a directory alias. If we find an alias through nfs3docreate/nfsaddorobtain/dsplicealias that turns out to be a directory dentry, we do not return any errors and simpl...

5.5CVSS6.1AI score0.00116EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: btrfs: fixed a transaction abort during file creation due to name hash collisions. If we attempt to create several files with names that result in the same hash, we must package them in the same directory item, and there is a...

5.5CVSS6.4AI score0.00163EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net: atm: fix /proc/net/atm/lec handling /proc/net/atm/lec must ensure safety against devlec changes. It appears that there were calls to devput without prior calls to devhold, leading to imbalance and UAF Use-After-Fault errors...

7.8CVSS6.2AI score0.0017EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: amdkfdfreegttmem clears the correct pointer. The pass pointer reference to amdgpubounref is used to clear the correct pointer. Otherwise, amdgpubounref clears the local variable, but the original pointer is not set to...

7.8CVSS6.2AI score0.00275EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Wireshark

In Wireshark 3.0.x before 3.0.8, the BT ATT dissector could crash. This issue was addressed in epan/dissectors/packet-btatt.c by validating opcodes...

6.5CVSS6.7AI score0.01457EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: mfd: intelsocpmicbxtwc: Use the IRQ domain for USB Type-C devices. While the idea of adapting the driver to utilize the hierarchy of IRQ chips is correct from a design perspective, the implementation contains flaws. This issue wa...

5.5CVSS6.2AI score0.00213EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: bus: mhi: host – Fixed a race condition between unprepare and queuebuf. A client driver may use mhiunpreparefromtransfer to quiesce incoming data during the client driver’s tear-down process. The client driver might also be...

4.7CVSS6.2AI score0.0012EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in ffmpeg

A denial-of-service vulnerability exists in FFmpeg 4.2 due to a memory leak in the filterframe function in vftile.c...

6.5CVSS6.8AI score0.01041EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fixed stale file descriptors when a usercopy fails. A failed usercopy of the fencerep object will result in a stale entry in the file descriptor table, as putunusedfd will not release that entry. This allows userland ...

7.8CVSS6.2AI score0.00213EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in Firefox and Thunderbird

It was possible to cause the use of a MessagePort after it had already been freed, which could potentially lead to an exploitable crash. This vulnerability affects Firefox 120, Firefox ESR 115.5.0, and Thunderbird 115.5...

6.5CVSS6.8AI score0.00859EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in imagemagick

ImageMagick 7.0.10-34 allows division by zero in the OptimizeLayerFrames function in MagickCore/layer.c, which may lead to a denial of service...

4.3CVSS6.7AI score0.01491EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in imagemagick

A NULL pointer dereference flaw was discovered in ImageMagick in versions prior to 7.0.10-31, in the ReadSVGImage function in coders/svg.c. This issue arises from not checking the return value from libxml2’s xmlCreatePushParserCtxt function and directly using that value, resulting in a crash and...

6.5CVSS6.9AI score0.01894EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.9 views

Astra Linux – Vulnerability in Apache2

Some modproxy configurations on the Apache HTTP Server versions 2.4.0 through 2.4.55 allow for an HTTP Request Smuggling attack. These configurations are affected when modproxy is enabled along with some form of RewriteRule or ProxyPassMatch, where a non-specific pattern matches a portion of the...

9.8CVSS6.8AI score0.8377EPSS
Exploits5References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.10 views

Astra Linux – Vulnerability in Chromium

Before version 104.0.5112.101, using free in Browser Creation in Google Chrome allowed a remote attacker who had convinced a user to perform a specific UI interaction to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS7.3AI score0.30265EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.1 views

Astra Linux – Vulnerability in freerdp2

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. In affected versions, a malicious server may trigger out-of-bound writes in a connected client. Connections that use GDI or SurfaceCommands to send graphics updates to the client may send...

8.8CVSS7.1AI score0.01553EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.10 views

Astra Linux – Vulnerability in WebKit2GTK

A port redirection issue has been resolved with additional port validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4, and iPadOS 14.4, as well as Safari 14.0.3. A malicious website may be able t...

6.5CVSS6.9AI score0.01771EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: New folios are initialized before being used. KMSAN reports an uninitialized value in longestmatchstd, which is called from ntfscompresswrite. When new folios are allocated without being marked as “uptodate”, and...

5.5CVSS5.7AI score0.00155EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: virtio-net: The recursive rtnllock function occurs during the probe operation. This deadlock appears in a stack trace like this: virtnetprobe rtnllock virtioconfigChangedWork netdevNotifyPeers rtnllock This occurs when the VMM...

5.5CVSS5.8AI score0.00106EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: fix NULL pointer dereference in class dump When a TAPRIO child qdisc is deleted using RTMDELQDISC, the function tapriograft is called with new == NULL and stores NULL into q-qdiscscl - 1. Subsequent RTMGETTCLAS...

5.6AI score0.00108EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: fixed the exit race between damoncall and kdamondfn The patch series “mm/damon/core: fixed the exit race between damoncall/damoswalk and kdmond”. Damoncall and damoswalk can leak memory and/or cause deadlocks when...

4.7CVSS5.7AI score0.00088EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: cgroup: Defer the CSS kill operation on rmdir until after the cgroup is emptied. A series of commits back to v7.0 revised rmdir to comply with the controller invariant, which states that the -cssoffline method of a subsystem...

5.5CVSS5.8AI score0.00083EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Containerd

Containerd is an open-source container runtime. A bug was discovered in Containerd’s CRI implementation, where a user could exhaust memory on the host. In the CRI stream server, a goroutine is launched to handle terminal resize events if a TTY is requested. If the user’s process fails to launch d...

6.5CVSS6.7AI score0.01022EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in OpenSSL

Issue summary: Checking excessively long DH keys or parameters can be very slow. Applications that use functions such as DHcheck, DHcheckex, or EVPPKEYparamcheck to check DH keys or parameters may experience prolonged delays. If the keys or parameters being checked were obtained from an untrusted...

5.3CVSS6.6AI score0.02577EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: unittest: Fix for use-after-free in testdrvprobe The function testdrvprobe retrieves the devicenode from the PCI device, applies an overlay, and then immediately calls ofnodeputdn. This releases the reference held by the PCI core...

7.8CVSS5.7AI score0.00163EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: smb: client: Use kzalloc to zero-initialize the security descriptor buffer. The commit 62e7dd0a39c2d “smb: common: change the data type of numaces to le16” involves splitting the le32 numaces field in the struct smbacl structure...

5.5CVSS5.9AI score0.00122EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: octeonep VF: Added NULL checks for napibuildskb. The napibuildskb function can return NULL when allocation fails. In octep VFoqprocessrx, the result is used directly without a NULL check in both the single-buffer and...

5.5CVSS5.8AI score0.00127EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ALSA: caiaq: fixed a reference leak in usbdev on probe failure The createcard function takes a reference to the USB device using usbgetdev, and stores the corresponding usbputdev in cardfree, which is installed as the destructor...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: bpf: Fixed a use-after-free in arenavmclose when processing forks. The arenavmopen function only increments vml-mmapcount, but never registers the child VMA in arena-vmalist. vml-vma always points to the parent VMA; therefore,...

7.8CVSS5.8AI score0.00116EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: q6apm-lpass-dai: Fixed multiple graph openings. Since “prepare” can be called multiple times, this can lead to multiple graph openings for the playback path. This will result in memory leaks; therefore, this issue is...

5.6AI score0.00128EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux

A issue was discovered in netfilter within the Linux kernel before version 5.10. There may be a use-after-free situation in the packet processing context, as the per-CPU sequence count is mishandled during concurrent iptables rule replacements. This vulnerability could be exploited with the...

6.7CVSS6.6AI score0.00444EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: netfilter: tproxy: Exit if IP has been disabled on the device. syzbot reports: General protection fault, likely for a non-canonical address 0xdffffc0000000003: 0000 1 PREEMPT SMP KASAN PTI KASAN: null-ptr-deref in range...

5.5CVSS6.2AI score0.00258EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux

In the Linux kernel, the following vulnerability has been resolved: net: usb: fixed a memory leak in smsc75xxbind Syzbot reported a memory leak in smsc75xxBind. The issue occurred when non-freeed memory remained after memory allocation due to errors. Backtrace: kmalloc include/linux/slab.h:556...

5.5CVSS5.7AI score0.00241EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Chromium

In the Overview Mode of Google Chrome on Chrome OS, before version 104.0.5112.79, a remote attacker who convinced a user to engage in certain user interactions could potentially exploit heap corruption through specific UI interactions...

8.8CVSS7.3AI score0.00422EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.13 views

Astra Linux – Vulnerability in Chromium

The inappropriate implementation of the HTML parser in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to leak cross-origin data through a crafted HTML page...

4.3CVSS6.2AI score0.00708EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in LibreOffice

Insufficient macro permission validation in The Document Foundation LibreOffice allows an attacker to execute built-in macros without warning. In affected versions, LibreOffice supports hyperlinks with macro or similar built-in command targets that can be executed when activated, without warning...

8.8CVSS7.3AI score0.00772EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.16 views

Astra Linux – Vulnerability in Wireshark

Improper URL handling in Wireshark versions 3.4.0 to 3.4.3 and 3.2.0 to 3.2.11 may allow for remote code execution through packet injection or crafted capture files...

8.8CVSS8.3AI score0.03639EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: rtc: gamecube: Fixed a refcount leak in gamecubertcreadoffsetfromsram. The offindcompatiblenode function returns a node pointer whose refcount is incremented. We should use ofnodeput on it after processing. Also, add the missing...

5.5CVSS5.9AI score0.00209EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: scsi: target: pscsi: Fixed bioput for error cases As of commit 066ff571011d “block: turning biokmalloc into a simple kmalloc wrapper”, a memory block allocated by biokmalloc must be freed using biouninit and kfree. This process i...

5.5CVSS6AI score0.00236EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Firefox and Thunderbird

In some cases, a stale value might have been used for a global variable during WASM JIT analysis. This led to incorrect compilation and potentially exploitable crashes in the content process. This vulnerability affects Firefox 116, Firefox ESR 102.14, and Firefox ESR 115.1...

5.3CVSS6.6AI score0.01007EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: tipc: Improve size validations for received domain records The function tipcmonrcv allows a node to receive and process domainrecord structures from peer nodes to track their views of the network topology. This patch verifies tha...

5.5CVSS6.3AI score0.67994EPSS
Exploits2References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in SQLite3

In SQLite 3.30.1, the exprListAppendList function in the window.c file allows attackers to trigger a invalid pointer dereferencing issue, as constant integer values in ORDER BY clauses of window definitions are handled incorrectly...

7.5CVSS6.9AI score0.06937EPSS
Exploits0References2
Total number of security vulnerabilities18099