Lucene search
K
AstralinuxRecent

18100 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Chromium

The use of “after free” in Cast in Google Chrome before version 98.0.4758.80 allowed a remote attacker who convinced a user to engage in specific interactions to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS7AI score0.007EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Chromium

The use of after-free in Web Workers in Google Chrome before version 107.0.5304.106 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...

8.8CVSS7.3AI score0.00635EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: i40e: The macvlan leak was fixed by synchronizing access to macfilterhash. This patch addresses a macvlan leak issue in the i40e driver, which was caused by concurrent access to vsi-macfilterhash. The leak occurs when multiple...

5.5CVSS6.2AI score0.00219EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in WebKit2GTK

In WebKitGTK before 2.32.4, there is an incorrect memory allocation in WebCore::ImageBufferCairoImageSurfaceBackend::create, which leads to a segmentation violation and an application crash. This is a different vulnerability than CVE-2021-30889...

6.5CVSS6.2AI score0.01425EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementations in service workers in Google Chrome prior to version 96.0.4664.45 allowed a remote attacker who had compromised the renderer process to bypass site isolation through a crafted HTML page...

6.5CVSS6.8AI score0.00911EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: bpf: bpflocalstorage: Always use bpfmemalloc in PREEMPTRT. In PREEMPTRT, kmallocGFPATOMIC is still not safe in non-preemptible contexts. Therefore, bpfmemalloc must be used in PREEMPTRT. This patch aims to enforce the use of...

5.5CVSS6.1AI score0.0013EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Intel Microcode

Insufficient control flow management in some IntelR processors may allow an authenticated user to potentially enable a denial of service via local access...

5.5CVSS6.4AI score0.00299EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Intel Microcode

Improper initialization of shared resources in some IntelR processors may allow an authenticated user to potentially enable information disclosure via local access...

5.5CVSS6.4AI score0.00332EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Firefox and Thunderbird

During garbage collection, additional operations were performed on an object that should not have been done. This could have led to a potentially exploitable crash. This vulnerability affects Firefox 119, Firefox ESR 115.4, and Thunderbird 115.4.1...

7.5CVSS6.8AI score0.01184EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Heimdal, Samba

A heap-based buffer overflow vulnerability was discovered in Samba, specifically within the GSSAPI unwrapdes and unwrapdes3 routines of Heimdal. The DES and Triple-DES decryption routines in the Heimdal GSSAPI library allow for a length-limited write buffer overflow on memory allocated by malloc,...

6.5CVSS6.9AI score0.0369EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Firefox

Memory safety bugs exist in Firefox 115. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects Firefox versions prior to 116...

9.8CVSS7.6AI score0.00633EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in WebKit2GTK

A memory management issue related to “use after free” operations has been addressed through improved memory management practices. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4, and iPadOS 14.4, as we...

8.8CVSS7AI score0.01604EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm/tilcdc: Fixed the cleanup actions in case of a failed probe. The drmkmshelperpollfini and drmatomichelpershutdown helpers should only be called when the device has been successfully registered. Currently, these functions a...

5.5CVSS5.9AI score0.00117EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in Python 2.7, Python 3.7

A flaw was discovered in Python, specifically in the FTP File Transfer Protocol client library when operating in PASV passive mode. The issue arises from how the FTP client defaults to trusting the host based on the PASV response. This flaw allows an attacker to create a malicious FTP server that...

5.3CVSS6.8AI score0.02511EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in imagemagick

A flaw was discovered in ImageMagick’s coders/jp2.c. An attacker who submits a crafted file processed by ImageMagick could trigger undefined behavior, including division by zero in mathematics. The greatest threat of this vulnerability is to system availability...

5.5CVSS6.8AI score0.01117EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in Chromium

Insufficient data validation in URL formatting in Google Chrome prior to 103.0.5060.53 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name...

4.3CVSS6.1AI score0.00724EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in libxstream-java

XStream is a simple library for serializing objects to XML and back again. In affected versions, this vulnerability may allow a remote attacker to request data from internal resources that are not publicly available, by manipulating the processed input stream with a Java runtime version 14 to 8. ...

8.5CVSS6.9AI score0.03437EPSS
Exploits2References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Firefox and Thunderbird

Mozilla developers reported memory safety bugs in Firefox 92 and Firefox ESR 91.1. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects Thunderbird...

8.8CVSS7.6AI score0.01232EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Firefox and Thunderbird

When creating a callback via IPC to display the File Picker window, multiple identical callbacks might be created at once. Eventually, all of them would be destroyed as soon as one of the callbacks is completed. This could lead to a use-after-free condition, resulting in a potentially exploitable...

6.5CVSS6.6AI score0.00571EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Firefox and Thunderbird

A problem with lowering/register allocation could lead to obscure but deterministic register confusion failures in JITted code, which could result in a potentially exploitable crash. This vulnerability affects Firefox 91 and Thunderbird 91...

8.8CVSS7.6AI score0.01004EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Firefox

Mozilla developers and community members reported memory safety bugs in Firefox 90. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects Firefox versio...

8.8CVSS7.4AI score0.01009EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Firefox and Thunderbird

Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs in Firefox 102. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects Firefo...

8.8CVSS7.6AI score0.00748EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.1 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: devres: A memory leak caused by the driver API devmfreepercpu has been fixed. A memory leak occurs when the driver API devmfreepercpu is used to release memory allocated by devmallocpercpu. This issue was addressed by using...

5.5CVSS6.2AI score0.00239EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: iouring: A potential deadlock has been fixed in ioregisteriowqmaxworkers. The ioregisteriowqmaxworkers function calls ioputsqdata, which acquires the sqd-lock without releasing the uringlock. Similar to the commit 009ad9f0c6ee...

5.5CVSS6.1AI score0.00206EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: net/9p: Fixed an issue related to uninit-value in p9clientrpc. Syzbot, with the help of KMSAN, reported the following errors: BUG: KMSAN: uninit-value in trace9pclientres, include/trace/events/9p.h:146 inline BUG: KMSAN:...

5.5CVSS6.3AI score0.00228EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Ring-buffer: Fixed a race condition between readers and resize checks. The reader code in rbgetreaderpage swaps a new reader page into the ring buffer by using cmpxchg on old-list.prev-next to point it to the new page. After that...

4.7CVSS6.4AI score0.00175EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in krb5

In MIT Kerberos 5 also known as krb5, before version 1.21.3, an attacker could modify the plaintext Extra Count field of a confidential GSS krb5 wrap token. This modification caused the unwrapped token to appear truncated, affecting the application...

7.5CVSS7AI score0.00748EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Chromium

Type confusion in V8 in Google Chrome prior to 117.0.5938.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS7.3AI score0.01738EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in binutils

A issue was discovered in GNU Binutils 2.32. It is a heap-based buffer overflow in the processmipsspecific function in readelf.c, due to a malformed MIPS option section...

7.8CVSS7AI score0.01976EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

A flaw was discovered in the Linux kernel. The tun/tap sockets have their socket UID hardcoded to 0 due to a type confusion in their initialization function. While this will usually be correct, since tuntap devices require CAPNETADMIN, it may not always be the case. For example, a non-root user...

5.5CVSS6.6AI score0.00257EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

There is a speculative pointer dereferencing issue in the Linux kernel, specifically with the doprlimit function. The value of the resource argument is controlled and is used in pointer arithmetic for the ‘rlim’ variable. This can lead to the leakage of its contents. We recommend upgrading to a...

5.3CVSS6.6AI score0.0072EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in OpenVSwitch

An integer underflow occurred in the Organization Specific TLV in various versions of OpenvSwitch...

9.8CVSS7.3AI score0.01324EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in OpenVSwitch

An out-of-bounds read in the Organization-Specific TLV was found in various versions of OpenvSwitch...

9.8CVSS7.2AI score0.01324EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.1 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: libceph: freechooseargmap is made more resilient to partial allocations. freechooseargmap may dereference a NULL pointer if its caller fails after a partial allocation. For example, in decodechooseargs, if the allocation of...

7.5CVSS6.5AI score0.00395EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.9 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

A vulnerability, classified as critical, has been discovered in the Linux kernel. The issue affects the tsttimer function in the drivers/atm/idt77252.c file of the IPsec component. This vulnerability allows for manipulation leading to memory corruption after the function is freed. It is recommend...

7CVSS6.4AI score0.00405EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Wireshark

An infinite loop in the RTMPT protocol dissector in Wireshark versions 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows for denial of service through packet injection or malicious capture files...

7.8CVSS7.1AI score0.0202EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Vim

Out-of-bounds write to API in GitHub repository vim/vim prior to 9.0.0100...

6.5CVSS6.7AI score0.00872EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in TIF format

A null source pointer passed as an argument to the memcopy function within TIFFFetchNormalTag in tifdirread.c in libtiff versions up to 4.3.0 could lead to a Denial of Service attack through a crafted TIFF file...

7.7CVSS6.7AI score0.0125EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in Linux, Linux 5.10

A vulnerability was discovered in the fs/inode.c:inodeinitowner function logic of the Linux kernel. This vulnerability allows local users to create files for the XFS file system with unintended group ownership, along with group execution and SGID permission bits set. This occurs in a scenario whe...

7.8CVSS6.7AI score0.00277EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in SQLite3

In SQLite 3.31.1, the isAuxiliaryVtabOperator function allows attackers to trigger a NULL pointer dereferencing and segmentation fault due to generated column optimizations...

7.5CVSS6.9AI score0.03683EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in libxml2

There is a flaw in libxml2 in versions before 2.9.11. An attacker who can submit a crafted file for processing by an application that uses libxml2 can trigger a use-after-free vulnerability. The most significant impact of this flaw is related to confidentiality, integrity, and availability...

8.8CVSS6.8AI score0.03653EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Chromium, LibXSLT

Before version 91.0.4472.164, using Blink XSLT in Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS6.8AI score0.21623EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net: inet: Do not leave a dangling sk pointer in inetcreate The sockinitdata function attaches the allocated sk object to the provided sock object. If inetcreate fails later, the sk object is freed, but the sock object retains a...

7.8CVSS6.2AI score0.00236EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: fbdev: sisfb: Fixed strbuf array overflow issue. The values of the variables xres and yres are stored in strbuf. These variables are obtained from strbuf1. The strbuf1 array contains digit characters, and a space if the array...

7.8CVSS6.4AI score0.00255EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: can: sja1000: fixed the use of “free” after memory allocation in emspcmciaaddcard. If the last channel is not available, then “dev” is freed. Fortunately, we can simply use “pdev-irq” instead. We also should check whether at leas...

7.8CVSS6AI score0.00242EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Linux

In drivers/char/virtioconsole.c in the Linux kernel before 5.13.4, data corruption or loss can occur when a trustedless device provides a buf-len value that exceeds the buffer size. NOTE: the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the leng...

7.8CVSS6.8AI score0.00395EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in openssl1.0

The OpenSSL public API function X509issuerandserialhash attempts to generate a unique hash value based on the issuer and serial number data contained within an X509 certificate. However, it fails to properly handle any errors that may occur during the parsing of the issuer field—errors that could...

5.9CVSS6.7AI score0.07471EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ext4: Avoid out-of-bounds access when the system.data function calls xattr to modify xattrs under the filesystem. When searching for an entry in an inline directory, if the evalueoffs parameter is changed under the filesystem due...

7.8CVSS6.3AI score0.00245EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in PHP 7.3, PHP 8.1

In PHP versions 8.0. before 8.0.27, 8.1. before 8.1.15, and 8.2. before 8.2.2, when using the PDO::quote function to quote user-supplied data for SQLite, providing an overly long string may cause the driver to incorrectly quote the data. This can further lead to SQL injection vulnerabilities...

9.1CVSS6.9AI score0.02154EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in Vim

Use After Free in the GitHub repository vim/vim before version 9.0.0286...

7.8CVSS7.1AI score0.00497EPSS
Exploits1References2
Total number of security vulnerabilities18100