Lucene search
K
AstralinuxRecent

18102 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in freerdp2

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The affected versions are subject to an integer underflow leading to out-of-bounds read operations in the zgfxdecompresssegment function. In the context of CopyMemory, it’s possible to read dat...

9.1CVSS7AI score0.01432EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: spi-rockchip: Fixed out-of-bounds access to registers. Do not write code related to native chip selection for GPIO chip selections. GPIOs can be numbered much higher than native CS. Moreover, this approach doesn’t make any sen...

7.1CVSS6.5AI score0.00151EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: kcm: An annotate data-race around kcm-rxpsock has been fixed. kcm-rxpsock can now be read without a lock in kcmrfree. The read and write operations have been adjusted accordingly. The same approach is used for kcm-rxwait in th...

5.5CVSS6AI score0.00146EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: dmaengine: zynqmpdma: In struct zynqmpdmachan, the descsize data type was fixed. In the zynqmpdmaalloc/freechanresources functions, there is a potential overflow in the following expressions: dmaalloccoherentchan-dev, 2...

5.5CVSS6.5AI score0.00255EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fixed the null check on pipectx-planestate in updatedchubpdpp. This issue is similar to commit 6a057072ddd1 “drm/amd/display: Fixed a null pointer dereference on dcn20updatedchubpdpp. It involves the same functio...

5.5CVSS5.8AI score0.0014EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: mm/hugetlb: fixed a situation where the kernel’s NULL pointer dereferencing occurred when replacing free hugetlb folios. A kernel crash was observed when replacing free hugetlb folios: BUG: NULL pointer dereferencing by the...

5.5CVSS6AI score0.0014EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ASoC: sma1307: Added a NULL check in sma1307settingloaded. All variables allocated by kzalloc and devmkzalloc could potentially be NULL. Multiple pointer checks and their cleanup procedures have been added. This issue was...

5.5CVSS5.8AI score0.0013EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in libvirt

A use-after-free flaw was discovered in libvirt. The qemuMonitorUnregister function in qemuProcessHandleMonitorEOF is called using multiple threads without being adequately protected by a monitor lock. This flaw could be triggered by the virConnectGetAllDomainStats API when the guest is shutting...

6.5CVSS6.7AI score0.01217EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: video: fbdev: cirrusfb: check pixclock to avoid divide by zero Perform a sanity check on the pixclock value to avoid division by zero. If the pixclock value is zero, the cirrusfb driver will round up pixclock to make the derived...

5.5CVSS6.2AI score0.0024EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: bnxten: The FW DMA is stopped in bnxtshutdown. The netifclose call in bnxtshutdown only stops packet DMA. There may be FW DMA for trace logging recently added, which will continue. If we execute an kexec to a new kernel, the DMA...

5.9AI score0.00188EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: x86/mm: The return value from memblockphysallocrange is checked. At least with CONFIGPHYSICALSTART=0x100000, if there is less than 4 MiB of contiguous free memory available at this point, the kernel will crash and burn because...

5.5CVSS6.2AI score0.00155EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: clk: sunxi-ng: h616: Reparenting the GPU clock during frequency changes The H616 manual does not indicate that the GPU PLL supports dynamic frequency configuration. Therefore, we must be extra careful when changing the frequency...

5.5CVSS6.4AI score0.0014EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: dmaengine: dw-axi-dmac: ignore interrupt if no descriptor If the channel has no descriptor and the interrupt is raised, then the kernel will make a mistake. Check the result of vchannextdesc in the handler axichanblockxfercomplet...

5.5CVSS6AI score0.00157EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

There are use-after-free vulnerabilities caused by a timer handler in the net/rose/rosetimer.c file of Linux, which allow attackers to crash the Linux kernel without any privileges...

5.5CVSS6.7AI score0.00419EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in tidy-html5

A vulnerability in HTACG HTML Tidy v5.7.28 allows attackers to execute arbitrary code through the -g option of the CleanNode function in gdoc.c...

9.8CVSS8.2AI score0.01128EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in PHP 7.3

In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16, and 8.2.X before 8.2.3, the core path resolution function allocates a buffer that is one byte too small. When resolving paths with lengths close to the system’s MAXPATHLEN setting, this may result in the byte after the allocated buffer being...

8.1CVSS6.9AI score0.01242EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Vim

Use After Free in the GitHub repository vim/vim before version 9.0.0246...

7.8CVSS7.1AI score0.00501EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Firefox and Thunderbird

Mozilla developers Andrew McCreight and Gabriele Svelto reported memory safety bugs present in Thunderbird 102.4. Some of these bugs showed signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This...

8.8CVSS7.4AI score0.00702EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, a buffer overread could occur in the freerdpimagecopyfromicondata function libfreerdp/codec/color.c, due to malicious RDP window icon TSICONINFO data. This bug could be exploited over the network when a clie...

6.9CVSS6.2AI score0.00242EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: xhci: Device endpoints are removed from the bandwidth list when the device is freed. Endpoints are normally deleted from the bandwidth list when they are dropped, before the virt device is freed. If the xHCI host is dying or bein...

7.8CVSS5.9AI score0.00158EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Validated the box size for the snooped cursor. Invalid user-space DMA surface copies could potentially cause an overflow when copying data from the surface to the snooped image, leading to crashes. To address this...

5.5CVSS5.9AI score0.00149EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/sec - don't sleep when in softirq When kunpeng920 encryption driver is used to deencrypt and decrypt packets during the softirq, it is not allowed to use mutex lock. The kernel will report the following error:...

5.5CVSS6.1AI score0.00131EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

A flaw was discovered in the Linux kernel’s Layer 2 Tunneling Protocol L2TP. Clearing the skuserdata can result in a race condition and NULL pointer dereferencing. A local user could exploit this flaw to potentially crash the system, causing a denial of service...

5.5CVSS6.7AI score0.00172EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Thunderbird

Mozilla developers and community members Julian Hector, Randell Jesup, Gabriele Svelto, Tyson Smith, Christian Holler, and Masayuki Nakano reported memory safety bugs in Firefox 94. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these...

9.8CVSS7.6AI score0.01013EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Regulator: pca9450 – Use devmregistersysoffhandler. With the module test, there is an error dump: ------------ Cut here ------------ Notifier callback pca9450i2crestarthandler is already registered. WARNING: kernel/notifier.c:23 ...

5.5CVSS5.3AI score0.00119EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: f2fs: fixed the assignment logic of iocb. Commit 18ae8d12991b “f2fs: shows more DIO information at the tracepoint” introduced the iocb field in the ‘f2fsdirectIOenter’ trace event. It only assigns the pointer and then accesses...

7.1CVSS5.8AI score0.00147EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in exiv2

The CiffDirectory::readDirectory method in crwimageint.cpp within Exiv2 0.26 has excessive stack consumption due to a recursive function, resulting in a denial of service...

6.5CVSS6.6AI score0.0235EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

Ubuntu Linux 6.8, 6.17, and 7.0 contain SAUCE patches that fail to validate invalid sizes of the name field in AppAmor notification responses. This bug can be triggered by an unprivileged local user, and it could lead to the processing of malicious responses...

3.3CVSS5.8AI score0.00092EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Media: Amphion – Fixed a race condition between m2mJobAbort and deviceRun. We have fixed a kernel panic that occurred due to a race condition where v4l2m2mCtxRelease releases the m2mCtx while v4l2m2mTryRun is about to call...

7.8CVSS5.8AI score0.00097EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10

Ubuntu Linux 6.8, 6.17, and 7.0 contain SAUCE patches that include a memory leak issue in the handling of large responses to AppArmor notifications. This bug can be triggered by a non-privileged local user. The memory leak could lead to resource exhaustion...

5.5CVSS5.7AI score0.00093EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

Ubuntu Linux 6.8, 6.17, and 7.0 contain SAUCE patches that may include a NULL pointer dereferencing issue in the handling of AFINET/AFINET6 socket mediation. This bug can be triggered by an unprivileged local user, and it can lead to a kernel oops...

3.3CVSS5.7AI score0.00094EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Linux, Linux 5.10

LFENCE/JMP mitigation V2-2 may not be sufficient in mitigating CVE-2017-5715 on some AMD CPUs...

5.6CVSS6.6AI score0.00284EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: media: hantro: Check whether the .reset operation is defined before using it. The i.MX8MM/N/P does not define the .reset operation, as the reset of the VPU is performed by genpd. Check whether the .reset operation is defined befo...

5.5CVSS5.8AI score0.00235EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.1 views

Astra Linux – Vulnerability in Firefox and Thunderbird

An attacker could have triggered a “use-after-free” condition when creating a WebRTC connection via HTTPS. This vulnerability affects Firefox 115, Firefox ESR 102.13, and Thunderbird 102.13...

8.8CVSS7.2AI score0.00755EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Thunderbird

An OpenPGP digital signature includes information about the date when the signature was created. When displaying an email that contains a digital signature, the email’s date will be displayed. If the dates are different, then Thunderbird does not report the email as having an invalid signature. I...

6.5CVSS6.7AI score0.00409EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Networks: qcom/emac – fixed a UAF Use-after-Free issue in emacremove. “adpt” is netdev private data, and it cannot be used after the freenetdev call. Using “adpt” after freenetdev can cause a UAF bug. This issue was fixed by movi...

7.8CVSS6.1AI score0.00251EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Node.js

Node.js versions before 16.6.0, 14.17.4, and 12.22.4 are vulnerable to a “use after free” attack, where an attacker could exploit memory corruption to alter the behavior of the process...

9.8CVSS6.7AI score0.37286EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.27 views

Astra Linux – Vulnerability in exempi

The XMP Toolkit SDK version 2021.07 and earlier is affected by a stack-based buffer overflow vulnerability that may lead to arbitrary code execution within the context of the current user. Exploitation requires user interaction—that is, the victim must open a specially crafted file...

9.3CVSS8AI score0.036EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Vim

Use of out-of-range pointer offset in the GitHub repository vim/vim before version 9.0.1499...

6.8CVSS6.7AI score0.00409EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.15

A NULL pointer dereference flaw was discovered in the Linux kernel’s KVM module. This flaw can lead to a denial of service in the x86emulateinsn function in arch/x86/kvm/emulate.c. The flaw occurs when an illegal instruction is executed on the guest CPU of the Intel model...

5.5CVSS6.8AI score0.00302EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in pcre2

A out-of-bounds read vulnerability was discovered in the PCRE2 library, specifically in the compilexclassmatchingpath function of the pcre2jitcompile.c file. This issue relates to a Unicode property matching problem in JIT-compiled regular expressions. The vulnerability arises because the charact...

9.1CVSS6.8AI score0.02993EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

A use-after-free flaw was discovered in the Linux kernel before version 5.19.2. This issue occurs in the cmdhdlfilter function in the drivers/staging/rtl8712/rtl8712cmd.c file, allowing an attacker to launch a local denial-of-service attack and gain elevated privileges...

7.8CVSS6.7AI score0.00258EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.1 views

Astra Linux – Vulnerability in krb5

In MIT Kerberos 5 also known as krb5 before version 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields...

9.1CVSS7.3AI score0.01863EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Thunderbird

The OCSP revocation status of recipient certificates was not checked when sending S/MIME encrypted emails. As a result, revoked certificates were accepted. This bug affected Thunderbird versions from 68 to 102.9.1. This vulnerability affects Thunderbird versions earlier than 102.10...

6.5CVSS6.6AI score0.00372EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Batik

A vulnerability in Batik of Apache XML Graphics allows an attacker to execute Java code from untrusted SVG via JavaScript. This issue affects Apache XML Graphics versions prior to 1.16. Users are recommended to upgrade to version 1.16...

7.5CVSS7.2AI score0.0232EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.16 views

Astra Linux – Vulnerability in mod-wsgi

A vulnerability was discovered in modwsgi. The X-Client-IP header is not removed from a request sent from a trusted proxy, allowing an attacker to pass the X-Client-IP header to the target WSGI application. The condition necessary to remove the X-Client-IP header is missing...

7.5CVSS6.8AI score0.0069EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in libmodbus

A heap-based buffer overflow flaw was discovered in libmodbus, within the modbusreply function in src/modbus.c...

7.8CVSS7.3AI score0.00432EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Blender

An integer overflow in the processing of loaded 2D images leads to a “write-what-where” vulnerability and an “out-of-bounds read” vulnerability. This allows attackers to leak sensitive information or execute code within the Blender process when a specially crafted image file is loaded. This flaw...

7.8CVSS7.2AI score0.0112EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.12 views

Astra Linux – Vulnerability in mbedtls

A issue was discovered in Mbed TLS 3.5.1. There is a persistent handshake denial if a client sends a TLS 1.3 ClientHello without extensions...

7.5CVSS7.1AI score0.00685EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Python-Django

A issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The urlize and urlizetrunc template filters are vulnerable to a denial-of-service attack due to very large inputs containing a specific sequence of characters...

7.5CVSS6.6AI score0.01258EPSS
Exploits0References2
Total number of security vulnerabilities18102