Lucene search
K
AstralinuxRecent

18100 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.9 views

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Drivers: Staging: rtl8192bs: Fixed a deadlock in rtwjoinbsseventprehandle. There is a deadlock in rtwjoinbsseventprehandle, as shown below: Thread 1 | Thread 2 | settimer rtwjoinbsseventprehandle | modtimer spinlockbh //1 | Wait...

5.5CVSS6.2AI score0.00186EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in SQLite3

The ext/fts3/fts3.c file in SQLite before version 3.32.0 contains a use-after-free in the fts3EvalNextRow function, which is related to the snippet feature...

7CVSS7.1AI score0.0103EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15, and Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: usb: typec: altmodes/displayport: create sysfs nodes as driver’s default device attribute group The sysfs nodes related to the DisplayPort driver may be available to the user space before typecaltmodesetdrvdata completes in...

5.5CVSS6.1AI score0.00225EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.10 views

Astra Linux – Vulnerability in Jetty9

In Eclipse Jetty versions 9.2.26 and earlier, 9.3.25 and earlier, as well as 9.4.15 and earlier, the server is vulnerable to XSS attacks if a remote client uses a specially formatted URL against the DefaultServlet or ResourceHandler that is configured to display a listing of directory contents...

6.1CVSS6.8AI score0.09591EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: mm/damon/vaddr-test: A memory leak was fixed in damondotestapplythreeregions. When CONFIGDAMONVADDRKUNITTEST=y is enabled, and CONFIGDEBUGKMEMLEAK=y and CONFIGDEBUGKMEMLEAKAUTOSCAN=y are set, the aforementioned memory leak is...

5.5CVSS6.1AI score0.00253EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: ethtool: netlink: Allow NULL nlattrs when getting a phydevice The ethnlreqgetPhyDev function is used to look up a phyDevice, in cases where an ethtool netlink command targets a specific phyDevice within a netDevice’s topolog...

5.5CVSS6.2AI score0.0019EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Chromium

The use of after-free in Vulkan in Google Chrome before version 112.0.5615.49 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: Medium...

8.8CVSS7AI score0.00877EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Chromium

A heap buffer overflow in TabStrip in Google Chrome prior to version 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS7.8AI score0.01538EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.9 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: rx-macro: fix accessing compander for aux The AUX interpolator does not have a compander; therefore, check before accessing compander data. Without this check, an out-of-bounds access will occur in the...

7.1CVSS6.2AI score0.00252EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Add a wrapper around the mlx5etxreporterdumpsq function to extract the SQ value from the struct mlx5etxtimeoutctx structure and set it as the dump callback for the TX-timeout-recovery flow. The mlx5etxreporterdumpsq...

5.5CVSS6.2AI score0.00243EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux 5.15, Linux

A flaw in memory leak prevention in the Linux kernel’s cpuentryarea mechanism for mapping X86 CPU data to memory was discovered. This flaw allows a local user to guess the locations of exception stacks or other important data. By exploiting this flaw, a local user can gain access to certain...

5.5CVSS6.5AI score0.00301EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: NFS: Fixed a potential NULL dereference in nfsgetclient. None of the callers is expected to receive a NULL return value from nfsgetclient. Therefore, this code will result in an Oops error. It’s better to return an error pointer....

5.5CVSS6.1AI score0.00236EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in WebKit2GTK

A memory consumption issue has been resolved through improved memory handling. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution...

8.8CVSS7.9AI score0.01508EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: ixgbe: Fixed a panic that occurred during XDPTX when there were more than 64 CPUs. The commit 4fe815850bdc “ixgbe: allow xdpdrv to work with more than 64 CPUs” adds support for allowing XDP programs to run on systems with more...

6.6AI score0.00175EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.11 views

Astra Linux – Vulnerability in Netty

Netty is an asynchronous, event-driven network application framework. In versions prior to 4.1.129.Final and 4.2.8.Final, the io.netty.handler.codec.http.HttpRequestEncoder had a CRLF injection in the request URI during request construction. This led to request smuggling when HttpRequestEncoder w...

6.5CVSS6.6AI score0.00292EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.10 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15

It was discovered that the clsRoute filter implementation in the Linux kernel would not remove an old filter from the hashtable before freeing it, if its handle had the value 0...

7.8CVSS7AI score0.06214EPSS
Exploits7References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.10 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: net: ks8851: Handle softirqs at the end of the IRQ thread to fix a hang issue. The ks8851irq thread may call ks8851rxpkts if there are any packets in the MAC FIFO, which in turn calls netifrx. This implementation of netifrx is...

5.5CVSS6.3AI score0.00213EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: xsk: Check IFFUP earlier in the Tx path. The Xsk Tx operation can be triggered via either sendmsg or poll system calls. Both paths involve a call to the common function xskxmit, which contains two sanity checks. Here’s a...

5.5CVSS5.9AI score0.00143EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Intel Microcode

Improper access control for some 3rd Generation IntelR XeonR Scalable Processors before the BIOS version MR7 may allow a local attacker to potentially enable information disclosure through local access...

5.5CVSS6.3AI score0.00306EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in pgbouncer

When PgBouncer is configured to use “cert” authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of TLS certificate verification and encryption. This flaw affects PgBouncer versions prior to 1.16.1...

8.1CVSS7.4AI score0.01029EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.9 views

Astra Linux – Vulnerability in amd64-microcode

Improper or unexpected behavior of the INVD instruction in some AMD CPUs may allow an attacker with a malicious hypervisor to influence the cache line write-back behavior of the CPU, resulting in a potential loss of integrity of the guest virtual machine VM memory...

6.5CVSS6.7AI score0.01018EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15

Linux Kernel nftables Out-of-Bounds Read/Write Vulnerability; nftbyteorder improperly handles the contents of VM registers when CAPNETADMIN is in any user or network namespace...

7.8CVSS6.8AI score0.01508EPSS
Exploits2References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.11 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: igb: Cleanup in all error paths when enabling SR-IOV After commit 50f303496d92 “igb: Enabling SR-IOV after reinit”, removing the igb module could cause a hang or crash depending on the machine when the module was loaded with the...

6.3AI score0.00155EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Apache2

A carefully crafted request uri-path can cause modproxyuwsgi to exceed the allocated memory and result in a crash DoS. This issue affects Apache HTTP Server versions 2.4.30 to 2.4.48 inclusive...

7.5CVSS7.2AI score0.62887EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.11 views

Astra Linux – Vulnerability in Python 2.7

In Python 3.x through 3.9.1, there is a buffer overflow issue in the PyCArgrepr function within ctypes/callproc.c. This issue may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input. This was demonstrated by the use of the argument...

9.8CVSS7.6AI score0.23293EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Firefox and Thunderbird

When invoking protocol handlers for external protocols, a supplied parameter URL containing spaces was not properly escaped. This vulnerability affects Thunderbird 91.4.0, Firefox ESR 91.4.0, and Firefox 95...

6.5CVSS6.6AI score0.01576EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Firefox

WebExtensions with the correct permissions were able to create and install ServiceWorkers for third-party websites that would not have been uninstalled with the extension. This vulnerability affects Firefox versions earlier than 95...

6.5CVSS6.7AI score0.00862EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Linux

The Linux kernel up to version 5.8.13 does not properly enforce the Secure Boot Forbidden Signature Database also known as dbx protection mechanism. This issue affects the certs/blacklist.c and certs/systemkeyring.c files...

6.9CVSS6.6AI score0.00528EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux

A flaw was discovered in the Linux kernel. A memory use-after-free vulnerability was identified in the perf subsystem, allowing a local attacker with permission to monitor perf events, thereby corrupting memory and potentially escalating privileges. The most significant threat of this vulnerabili...

7.8CVSS6.6AI score0.00302EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux

A flaw in ICMP packets within the Linux kernel may allow an attacker to quickly scan open UDP ports. This flaw enables a malicious remote attacker to effectively bypass the UDP source port randomization mechanism. Software that relies on UDP source port randomization is also indirectly affected o...

7.4CVSS6.9AI score0.06692EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux

A flaw was discovered in the HDLCPPP module of the Linux kernel in versions prior to 5.9-rc7. Memory corruption and a read overflow occur due to improper input validation in the pppcpparsecr function, which can cause the system to crash or lead to a denial of service. The greatest threat posed by...

7.5CVSS6.6AI score0.03292EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.13 views

Astra Linux – Vulnerability in Linux

A flaw was discovered in the Linux kernel in versions prior to 5.9-rc6. When changing the screen size, an out-of-bounds memory write can occur, leading to memory corruption or a denial of service. Due to the nature of the flaw, privilege escalation cannot be completely ruled out...

5.6CVSS6.6AI score0.00344EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.11 views

Astra Linux – Vulnerability in Linux

The IBM Power9 AIX 7.1, 7.2, and VIOS 3.1 processors may allow a local user to obtain sensitive information from the data in the L1 cache under certain circumstances. IBM X-Force ID: 189296...

5.1CVSS6.2AI score0.00387EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux

In the Bluetooth BR/EDR Core Specification v5.2 and earlier, legacy pairing and secure-connection pairing authentication mechanisms may allow an unauthenticated user to complete the authentication process without using pairing credentials through adjacent access. An unauthenticated, adjacent...

5.4CVSS6.7AI score0.02386EPSS
Exploits2References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux

In the binderreleasework function of binder.c, there is a potential use-after-free issue due to improper locking. This could lead to a local escalation of privileges in the kernel, without the need for additional execution privileges. User interaction is not required for exploitation. Product:...

7.8CVSS6.4AI score0.00507EPSS
Exploits2References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.13 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Versions on the 2.x branch prior to 2.11.8, as well as versions on the 3.x branch prior to 3.23.0, have a out-of-bounds read vulnerability in the FreeRDP client’s RDPGFX channel. This vulnerability allows a malicious RDP server to...

8.1CVSS7.2AI score0.00284EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in libwebp

A flaw was discovered in libwebp in versions prior to 1.0.1. An out-of-bounds read was identified in the ChunkAssignData function. The greatest threat posed by this vulnerability is related to data confidentiality and service availability...

9.1CVSS6.7AI score0.02302EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mm, swap: fixed a potential UAF issue related to VMA readahead. Since commit 78524b05f1a3 “mm, swap: avoiding redundant swap device pinning”, the common helper function for allocating and preparing a swap entry in the swap cache...

5.7AI score0.00154EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: gpiolib: acpi: Initialize the acpigpioinfo structure Since commit 7c010d463372 “gpiolib: acpi: Ensure that the acpigpioinfo structure is initialized”, uninitialized acpigpioinfo structures are passed to acpifindgpio, and later, t...

7.8CVSS5.7AI score0.00143EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

A flaw was discovered in the Netfilter subsystem of the Linux kernel. The issue lies with the nftbyteordereval function, where the code iterates through an loop and writes to the dst array. In each iteration, 8 bytes are written, but dst is an array of u32 values; therefore, each element in the...

6.6CVSS6.6AI score0.00241EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in mat2

Before version 0.13.0, mat2 also known as the metadata anonymisation toolkit allowed ../ directory traversal during the ZIP archive cleaning process. This issue primarily affects mat2 web instances, where clients could obtain sensitive information through a crafted archive...

7.5CVSS7.1AI score0.02103EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

A out-of-bounds read vulnerability was discovered in smbCalcSize in the fs/smb/client/netmisc.c file within the Linux kernel. This issue could allow a local attacker to crash the system or leak internal kernel information...

7.1CVSS6.7AI score0.00526EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.10, and Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: – In ext4, there’s a issue where the timer used after free is corrupted upon a failed mount. Syzbot has identified an ODEBUG bug in the ext4fillsuper function. The deltimersync function cancels the serrreport timer, which...

7.8CVSS6.3AI score0.00277EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.1 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

A vulnerability has been discovered in the Linux kernel. It has been identified as a problem. This vulnerability affects the function vsockconnect in the file net/vmwvsock/afvsock.c. Manipulation of this function leads to a memory leak. The complexity of an attack is quite high. Exploitation of...

3.3CVSS5.6AI score0.00326EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: SCTP: A potential out-of-bounds exception has been prevented in sctptransportupdaterto. SYZBOOT reported a potential out-of-bounds exception 1. The responsible developer added rtoalphamax and set rtobetamax to 1000. It is...

6AI score0.00189EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Chromium

Before version 101.0.4951.41, using File Manager in Google Chrome allowed a remote attacker to potentially exploit heap corruption through specific and direct user interactions...

8.8CVSS7AI score0.0073EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Chromium

Before version 101.0.4951.41, using free after in SwiftShader in Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS7.3AI score0.00853EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Chromium

Before version 101.0.4951.41, using "after free" in ANGLE with Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS7.3AI score0.00853EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Firefox

A website can prevent a user from exiting full-screen mode through alerts and prompts. This can lead to user confusion and potential spoofing attacks. This vulnerability affects Firefox versions earlier than 115...

6.5CVSS6.7AI score0.00284EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

There is a null-pointer-dereference flaw found in f2fswriteendio in fs/f2fs/data.c in the Linux kernel. This flaw allows a local privileged user to cause a denial of service problem...

4.7CVSS6.2AI score0.00197EPSS
Exploits0References2
Total number of security vulnerabilities18100