Lucene search
K
AstralinuxRecent

18100 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

A vulnerability has been discovered in the Linux kernel. It has been identified as a problem. The vulnerability affects the intrcallback function in the drivers/net/usb/r8152.c file of the BPF component. Manipulation of this function results in the logging of excessive data. The attack can be...

5.3CVSS6.4AI score0.02211EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: irqchip: The refcount leak in platformirqchipprobe has been fixed. The function ofirqfindparent returns a node pointer with the refcount incremented. We should use ofnodeput on it when it is no longer necessary. Add the missing...

5.5CVSS5.9AI score0.00135EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.9 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

An integer overflow or wrap-around vulnerability exists in the OpenEuler kernel on Linux file system modules, allowing for forced integer overflow. This issue affects the OpenEuler kernel, starting from version 4.19.90, up to and including version 4.19.90-2401.3, as well as versions 5.10.0-60.18....

7.8CVSS6.6AI score0.00371EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: xilinx: axienet: Fixed BQL accounting for multi-BD TX packets. When a TX packet spans multiple buffer descriptors scatter-gather, axienetfreetxchain sums the actual length of each BD from the descriptor status into an...

7.5CVSS6.6AI score0.00426EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.9 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: BPF: Properly marking live registers for indirect jumps For the gotox rX instruction, the rX register should be marked as used in the computeinsnlive regs function. This issue has been fixed...

7.8CVSS5.7AI score0.00121EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mfd: macsmc: Initialize mutex The mutex of the struct applesmc is initialized in applesmcprobe. Using the mutex in an uninitialized state surprisingly resulted only in occasional NULL pointer dereferences in calls to applesmcread...

5.5CVSS5.7AI score0.00121EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.10 views

Astra Linux – Vulnerability in grub2

A use-after-free vulnerability has been identified in the GNU GRUB Grand Unified Bootloader. The flaw occurs because the process that closes files improperly retains a memory pointer, leaving an invalid reference to a file system structure. An attacker could exploit this vulnerability to cause th...

4.9CVSS5.4AI score0.0013EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in grub2

A vulnerability has been identified in the GRUB Grand Unified Bootloader component. This flaw occurs because the bootloader improperly handles string conversions when reading information from a USB device, allowing an attacker to exploit inconsistencies in the length values. A local attacker can...

4.8CVSS5.2AI score0.00172EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Golang 1.19, Golang 1.23

If the PATH environment variable contains paths that are executable files rather than just directories, passing certain strings to LookPath "", ".", and ".." may cause the binaries listed in the PATH to be returned unexpectedly...

6.5CVSS6.3AI score0.00489EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux - Vulnerability in node-sha.js

There is a vulnerability in input validation in sha.js that allows for manipulation of input data. This issue affects sha.js version 2.4.11...

9.1CVSS7.1AI score0.00651EPSS
Exploits2References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in espeak-ng

It was discovered that Espeak-ng 1.52-dev contains a Stack Buffer Underflow due to the CountVowelPosition function in synthdata.c...

5.3CVSS5.9AI score0.00372EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

A use-after-free vulnerability exists in the netfilter component of the Linux kernel’s nftables module; this vulnerability can be exploited to achieve local privilege escalation. The nftpipapowalk function does not skip inactive elements during the set walk operation, which can result in double...

7.8CVSS6.6AI score0.00334EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.15

A use-after-free vulnerability in the Linux Kernel Performance Events system can be exploited to gain local privilege escalation. The perfgroupdetach function did not check the attachstate of the event’s siblings before calling addeventtogroups; moreover, removeonexec allowed calling listdelevent...

7.8CVSS6.6AI score0.00251EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

There is a vulnerability related to time-of-check to time-of-use issues in the iouringsubsystem’s IORINGOPCLOSE operation in the Linux kernel versions 5.6 to 5.11 inclusive. This vulnerability allows a local user to elevate their privileges to root. Introduced in the version...

7.8CVSS6.7AI score0.00218EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.9 views

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

A issue was discovered in the Linux kernel through version 5.16-rc6. The function malidpcrtcreset in the file drivers/gpu/drm/arm/malidpcrtc.c lacks a check on the return value of kzalloc. This could lead to a null pointer dereferencing...

5.5CVSS6.8AI score0.00217EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.12 views

Astra Linux – Vulnerability in Linux, Linux 5.10

There is a use-after-free in the Linux kernel’s tcnewtfilter module, which could allow a local attacker to gain privilege escalation. This vulnerability requires unprivileged user namespaces for exploitation. We recommend upgrading to a version after commit 04c2a47ffb13c29778e2a14e414ad4cb5a5db4b...

8.6CVSS6.7AI score0.005EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

A out-of-bounds memory write flaw was discovered in the Linux kernel’s watchqueue event notification subsystem. This flaw can overwrite parts of the kernel state, potentially allowing a local user to gain privileged access or cause a denial of service on the system...

7.8CVSS6.7AI score0.06197EPSS
Exploits10References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in qtbase-opensource-src

A issue was discovered in gui/util/qktxhandler.cpp in Qt before 5.15.17, 6.x before 6.2.12, 6.3.x through 6.5.x before 6.5.5, and 6.6.x before 6.6.2. A buffer overflow and application crash can occur due to a crafted KTX image file...

6.2CVSS7.4AI score0.00321EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: - BPF: Fixed a potential use-after-free of the BTF object. - The refcounting in the checkpseudobtfid function is incorrect: The checkpseudobtfid function might be called with a btf whose refcount is zero. This issue has been...

7.8CVSS5.9AI score0.00124EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftcounter: serialize reset with spinlock A global static spinlock has been added to serialize the fetch+reset operations of the counter, preventing concurrent “dump-and-reset” operations from accessing counter values ...

5.5CVSS5.7AI score0.00137EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.1 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: fbnic: Resolving the race between fwlog and teardown This fix addresses a theoretical race condition in fwlog between the teardown path and the fwlog write functions. fwlog is written within fbnicfwlogwrite, and it can be...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: bpf: Requires the map to be frozen before calculating the map hash Currently, bpfmapgetinfobyfd calculates and caches the hash of the map, regardless of whether the map is frozen or not. This leads to a TOCTOU bug, where user spa...

4.7CVSS5.6AI score0.00092EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: power: supply: pf1550: Fixed a use-after-free in powersupplychanged. Using the devm variant for requesting IRQs before using the devm variant for allocating/registering the powersupply handle means that the powersupply handle wil...

7.8CVSS5.8AI score0.0012EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: rxrpc: Fixed handling of misaligned crypto lengths in packets. Also, fixed the handling of packets with misaligned crypto lengths. Additionally, handled non-ENOMEM errors during decryption by aborting the process. Furthermore,...

7.5CVSS5.7AI score0.00441EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fixed a race condition during PASID entry replacement. The Intel VT-d PASID table entry is 512 bits 64 bytes. When replacing an active PASID entry e.g., during domain replacement, the current implementation calculates...

8.8CVSS5.7AI score0.00128EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm/xe/pf: Fixed sysfs initialization issues. In case of a failure in devmaddactionorreset, the provided cleanup action will be executed immediately on the not yet initialized kobject. This may lead to errors such as: - kobjec...

8.8CVSS5.7AI score0.00112EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: ASoC: nau8821: Cancel delayed work on component removal Attempting to unload the driver while a jack detection task is pending may cause the kernel to crash when it is eventually executed. 1984.896308 BUG: Unable to handle a...

5.5CVSS5.9AI score0.00116EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: The function eagerly init vgic dist/redist on vgic creation is vulnerable. If the vgicallocateprivateirqslocked function fails for any reason, we exit kvmvgiccreate early, leaving dist-rdregions uninitialized. The...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: iouring/zcrx: fixed the race condition between the scrub and refill paths involving userrefs The iozcrxputniovuref function uses a non-atomic check-then-decrement pattern atomicread followed by an atomicdec to manipulate...

4.7CVSS5.9AI score0.00088EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: smb: client: Fixed the directory separator in SMB1 UNIX mounts. When calling cifsmountgettcon with SMB1 UNIX mounts, @cifssb-mntcifsflags needs to be read or updated only after calling resetcifsunixcaps. Otherwise, the...

5.5CVSS5.7AI score0.001EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: bridge: Guards the local VLAN-0 FDB helpers against NULL vlan groups. When CONFIGBRIDGEVLANFILTERING is not set, the brvlangroup and nbpvlangroup functions return NULL as defined in brprivate.h. The BRBOOLOPTFDBLOCALVLAN0 togg...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.9 views

Astra Linux – Vulnerability in Golang-github-dvsekhvalnov-jose2go

A vulnerability was discovered in dvsekhvalnov jose2go versions 1.5.0 through 1.7.0. This vulnerability allows an attacker to trigger a Denial-of-Service DoS attack by using a specially crafted JSON Web Encryption JWE token with an exceptionally high compression ratio...

7.5CVSS5.9AI score0.00236EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Wireshark

The SDP protocol dissector in Wireshark versions 4.6.0 to 4.6.4 allows for a denial of service attack...

7.5CVSS5.8AI score0.00206EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Gegl

GIMP HDR File Parsing: Heap-Based Buffer Overflow and Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability, as the target must visit a malicious page ...

7.8CVSS7.8AI score0.00452EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.11 views

Astra Linux – Vulnerability in libjettison-java

An infinite recursion occurs in Jettison when constructing a JSONArray from a Collection that contains a self-reference in one of its elements. This results in a StackOverflowError exception being thrown...

7.5CVSS6.7AI score0.01009EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Tomcat9

Improper neutralization of escape, meta, or control sequence vulnerabilities in Apache Tomcat. For a subset of uncommon rewrite rule configurations, it was possible for a specially crafted request to bypass certain rewrite rules. If those rewrite rules effectively enforced security constraints,...

9.8CVSS6.8AI score0.0418EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

The IPv6 implementation in the Linux kernel before version 6.3 has a maxsize threshold in the net/ipv6/route.c file that can be easily exceeded. This can lead to a denial of service condition, where the network becomes unreachable, resulting in errors when IPv6 packets are sent through a raw sock...

7.5CVSS6.5AI score0.0094EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in Linux 5.10, Linux

A issue was discovered in the Linux kernel through version 5.16-rc6. The function netvscgetethtoolstats in the drivers/net/hyperv/netvscdrv.c file lacks a check on the return value of kvmallocarray, which can lead to a null pointer derefrence...

5.5CVSS6.7AI score0.00214EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.10 views

Astra Linux – Vulnerability in Linux, Linux 5.10

There is a bug in /net/nfc/netlink.c that allows an attacker to crash the Linux kernel by simulating an NFC device from user-space...

5.5CVSS6.6AI score0.00228EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in GhostScript

A issue was discovered in psi/zcolor.c in Artifex Ghostscript prior to version 10.04.0. An unchecked Implementation pointer in the Pattern color space could allow for arbitrary code execution...

7.8CVSS7.5AI score0.00356EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: xhci: Fixed a NULL pointer dereference issue when reading PortLib’s debugfs files. Michal reported and debugged a NULL pointer dereference bug in the recently added PortLib’s debugfs files. The issue occurs when there are more po...

5.5CVSS5.7AI score0.00107EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.12 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: chips-media: wave5: Fixed an issue where the runtime usage count of PM was underflowing. Replace pmruntimeputsync with pmruntimedontuseautosuspend in the remove path, so that it can properly pair with pmruntimeuseautosuspend in t...

5.5CVSS5.7AI score0.00121EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: BPF: Resetting the register ID for BPFEND value tracking When a register undergoes a BPFEND operation byte swap, its scalar value is mutated in place. If this register previously shared a scalar ID with another register e.g., aft...

7.8CVSS5.7AI score0.00118EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: GPIB: LPVOUSB – fixed a memory leak that occurred when USB devices were disconnected. The driver iterates over the registered USB interfaces during GPIB attachment and takes a reference to their USB devices until a match is found...

5.5CVSS5.7AI score0.00121EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/imagination: Fixed a deadlock in the soft reset sequence. The soft reset sequence is currently executed from the threaded IRQ handler. Therefore, it cannot call disableirq because it internally waits for the IRQ handlers—i.e....

5.5CVSS5.7AI score0.00094EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Zabbix

A regular Zabbix user without access to the Monitoring - Problems view can still call the problem.view.refresh action, and thus still retrieve a list of active problems...

5.1CVSS5.2AI score0.00274EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Python 3.11

When using TarFile.errorlevel = 0 and extracting with a filter, the documented behavior is that any filtered members would be skipped and not extracted. However, the actual behavior of TarFile.errorlevel = 0 in affected versions is that the member will still be extracted and not skipped...

7.5CVSS6.5AI score0.00474EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in opusfile

A null pointer dereference issue was discovered in the functions opgetdata and opopen1 in opusfile.c. In versions 0.9 through 0.12 of xiph opusfile, this issue allows attackers to cause denial of service or other unspecified impacts...

7.8CVSS7AI score0.00395EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Firefox and Thunderbird

Offscreen Canvas did not properly prevent cross-origin tampering, which could have been used to access image data from another site in violation of the same-origin policy. This vulnerability affects Firefox 116, Firefox ESR 102.14, and Firefox ESR 115.1...

5.3CVSS6.6AI score0.00527EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerabilities in Firefox, LibWebP, Thunderbird

There exists a use after free/double free in libwebp. An attacker can use the ApplyFiltersAndEncode function and loop through to free the best.bw file, assigning the best pointer to trial. The second loop will then return 0 due to a memory out-of-memory error in the VP8 encoder; the pointer remai...

7.5CVSS7.1AI score0.00952EPSS
Exploits0References2
Total number of security vulnerabilities18100