Lucene search
K
AstralinuxRecent

18102 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: arm: pgtable: Fix for NULL pointer dereference issue. When updatemmucacherange is called by updatemmucache, the vmf parameter is NULL, which can lead to a NULL pointer dereference issue in adjustpte. It is not possible to handle...

5.5CVSS5.7AI score0.00159EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: Fixed a memory leak bug in rvumboxinit. In rvumboxinit, the mboxregions variable is not freed or passed out under the switch-default region, which could lead to a memory leak. This bug was identified by a static...

5.5CVSS5.1AI score0.00193EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Qemu

A reentrancy issue related to DMA was discovered in the Tulip device emulation in QEMU. When Tulip reads from or writes to the rx/tx descriptor, or copies a rx/tx frame, it does not check whether the destination address is its own MMIO address. This can cause the device to trigger MMIO handlers...

7.8CVSS6.9AI score0.00411EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: RDMA/hfi1: A potential memory leak has been fixed in setupbasectxt. setupbasectxt allocates a memory chunk for uctxt-groups using hfi1allocctxtrcvgroups. When inituserctxt fails, uctxt-groups is not released, which can lead to a...

5.5CVSS6AI score0.00208EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.10 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: In the net, neigh module, do not trigger immediate probes on NUDFAILED from neighmanagedwork. The syzkaller was able to trigger a deadlock for NTFMANAGED entries: - kworker/0:16/14617 is trying to acquire a lock: fffffffff8d4dd37...

5.5CVSS5.9AI score0.00141EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.12 views

Astra Linux – Vulnerability in Netty

The HttpObjectDecoder.java file in Netty before version 4.1.44 allowed a Content-Length header to be accompanied by a second Content-Length header, or by a Transfer-Encoding header...

9.1CVSS6.8AI score0.13474EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: Video: fbdev: arkfb – Fixed a divide-by-zero bug in arksetpixclock Since the user can control the arguments of ioctl from the user space, there may be situations where a divide-by-zero bug occurs. For example, in the file...

5.5CVSS6AI score0.0016EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in WebKit2GTK

A type confusion issue has been resolved through improved state handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, tvOS 15, iOS 15, and iPadOS 15, Safari 15, and watchOS 8. Processing maliciously crafted web content may lead to arbitrary code execution...

8.8CVSS6.9AI score0.01517EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: hinic: Avoid kernel hangs in hinicgetstats64 When using the hinic device as a bonding slave device and reading statistics from the master bonding device, the kernel may hang. The kernel panic call trace is as follows: Kernel...

5.5CVSS5.9AI score0.00153EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: fixed the uninit-value in caifseqpktsendmsg When nrsegs equals zero in iovecfromuser, the object msg-msgiter.iov contains uninitialized stack memory in caifseqpktsendmsg, which is defined in syssendmsg. Therefore, we cannot...

5.5CVSS6.1AI score0.00226EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux

In the Linux kernel, the following vulnerability has been resolved: net: lantiq – Fix for memory corruption in the RX ring. In situations where memory allocation or DMA mapping fails, an invalid address may be programmed into the descriptor. This can lead to memory corruption. If memory allocatio...

7.8CVSS6AI score0.00231EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in node-tough-cookie

Versions of the tough-cookie package before 4.1.3 are vulnerable to Prototype Pollution due to improper handling of Cookies when using CookieJar in the rejectPublicSuffixes=false mode. This issue arises from the way in which the objects are initialized...

9.8CVSS6.4AI score0.02542EPSS
Exploits2References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.13 views

Astra Linux – Vulnerability in ffmpeg

A denial-of-service vulnerability exists in FFmpeg 4.2 due to a memory leak in the avprivfloatdspallocl function in libavutil/floatdsp.c...

6.5CVSS6.5AI score0.01012EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Wireshark

In Wireshark versions 3.0.0 to 3.0.3, and 2.6.0 to 2.6.10, the Gryphon dissector could enter an infinite loop. This issue was addressed in the plugin file plugins/epan/gryphon/packet-gryphon.c by checking for a packet length of zero...

7.8CVSS6.7AI score0.03753EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in sane-backends

A out-of-bounds read in SANE Backends before version 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, also known as GHSL-2020-081...

4.3CVSS6.7AI score0.01204EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.1 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Fixed a reference count leak in pprnotifier. According to the comments on pcigetdomainbusandslot, it returns a PCI device with a reference count that increments after use. The caller must decrement the reference count ...

5.5CVSS5.9AI score0.0015EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: net/tunnel: Wait until all skuserdata readers complete their operations before releasing the sock. There is a race condition in vxlan where, when deleting a vxlan device during packet reception, there is a possibility that the so...

5.5CVSS6.1AI score0.00153EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Firefox and Thunderbird

Freeing arbitrary nsIInputStream's on a thread other than the one in which they were created could lead to a use-after-free, potentially causing a crash. This vulnerability affects Firefox ESR 102.5, Thunderbird 102.5, and Firefox 107...

6.5CVSS7AI score0.00639EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, if the IMA appraisal method is used with the “imaappraise=log” boot parameter, lockdown can be circumvented using kexec on any machine when Secure Boot is disabled or unavailable. IMA prevents the “imaappraise=log” parameter from being set during boot, but this does not cover...

6.7CVSS6.5AI score0.002EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in LibreOffice

There was an improper certificate validation vulnerability in LibreOffice, where the determination of whether a macro was signed by a trusted author was based solely on comparing the serial number and issuer string of the used certificate with those of a trusted certificate. This is insufficient ...

7.5CVSS8.2AI score0.00998EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in libxstream-java

XStream is software used for serializing Java objects into XML and back again. A vulnerability exists in XStream versions prior to 1.4.17, which may allow a remote attacker with sufficient rights to execute commands on the host by manipulating the processed input stream. However, no users who...

8.8CVSS6.9AI score0.77735EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: drivers: staging: rtl8192u: Fixed a deadlock in ieee80211beaconsstop. There is a deadlock in ieee80211beaconsstop, as shown below: Thread 1 | Thread 2 | ieee80211sendbeacon ieee80211beaconsstop | modtimer spinlockirqsave //1 | Wa...

5.5CVSS6.2AI score0.00192EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: dma-buf/syncfile: Do not leak fences during merge failures. Each call to addfence performs a dmafenceget operation on the relevant fence. In error-prone scenarios, we did not call dmafenceput, resulting in all those fences bei...

5.5CVSS6AI score0.00238EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: clk: tegra; tegra124-emc: Fixed a potential memory leak. The resources associated with “tegra” and “tegra124-emc” need to be freed during error handling, otherwise they may be leaked...

5.5CVSS5.8AI score0.00146EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: can: j1939: j1939sendone: fixed the issue of missing CAN header initialization. The read access to struct canxlframe::len within a j1939 object, which creates a skbuff, revealed that the reserved elements in struct canframe were...

5.5CVSS6.1AI score0.00183EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerabilities have been resolved: usb: host: xhci: Fixed a potential memory leak in xhciallocstreaminfo The xhciallocstreaminfo function allocates a stream context array for streaminfo-streamctxarray using xhciallocstreamctx. When an error occurs, the...

5.5CVSS6AI score0.0015EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fixed a potential data race in rxrpcwaittobeconnected. Inside the loop in rxrpcwaittobeconnected, it checks call-error to determine whether to exit the loop without first checking the call state. This is probably safe, as...

4.7CVSS6.5AI score0.00126EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Staging: media: tegra-video: Fixed the use of devicenode after freeing it. At the time of testing, the following code path is followed: - tegracsiinit - tegracsichannelsalloc - foreachchildofnodenode, channel – Iterates over...

5.9AI score0.002EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: r6040: Fixed the kmemleak in the probe process and removed it. There is a memory leak reported by kmemleak: - Unreferenced object 0xffff888116111000 size 2048: comm “modprobe”, pid 817, jiffies 4294759745 age 76.502s Hex dump...

5.5CVSS6AI score0.00196EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: bpf: Makes bpfrefcountacquire failable for non-owning references This patch fixes an incorrect assumption made in the original bpfrefcount series 0. Specifically, it assumes that the BPF program calling bpfrefcountacquire on a...

7.8CVSS6.3AI score0.00143EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15

In the Linux kernel, the following vulnerability has been resolved: IB/IPoIB: Fix legacy IPoIB due to wrong number of queues The cited commit creates child PKEY interfaces over netlink will multiple tx and rx queues, but some devices doesn't support more than 1 tx and 1 rx queues. This causes to ...

5.5CVSS5.9AI score0.0025EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: pmdomain: mediatek – A race condition with genpd has been fixed. If the power domains are first registered with genpd, and then the driver attempts to power them on during the probe sequence, it is possible for a race condition t...

4.7CVSS6AI score0.00173EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Use deltimersync instead of deltimer in the fw reset flow of the halting poll. Replace deltimer with deltimersync in the fw reset polling activation flow. This prevents a race condition that occurs when deltimer is call...

4.7CVSS5.3AI score0.00178EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mm, thp: Bail out early for writeback pages in collapsefile Currently, collapsefile does not explicitly check PGwriteback. Instead, pagehasprivate and trytoreleasepage are used to filter writeback pages. This approach does not wo...

5.5CVSS5.7AI score0.0021EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Chromium

Before version 91.0.4472.101, using the "after free" mechanism in Google Chrome’s extensions allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS8.1AI score0.01101EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in openjpeg2

There is a flaw in the src/lib/openjp2/pi.c file of openjpeg in versions prior to 2.4.0. If an attacker can provide untrusted input to openjpeg’s conversion/encoding functionality, they could cause an out-of-bounds read. The most significant impact of this flaw is the application’s availability...

5.5CVSS6.5AI score0.01443EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Firefox and Thunderbird

Using the Location API in a loop could cause severe application hangs and crashes. This vulnerability affects Thunderbird 91.4.0, Firefox ESR 91.4.0, and Firefox 95...

6.5CVSS6.7AI score0.01597EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Tiff

LibTIFF is vulnerable to an integer overflow. This flaw allows remote attackers to cause a denial of service application crash or potentially execute arbitrary code through a crafted TIFF image, which triggers a heap-based buffer overflow...

6.5CVSS7.4AI score0.01131EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-6.1, Linux-5.15

In the Linux kernel, the following vulnerability has been resolved: scsi: target: core: Added TMF to tmrlist handling An abort that is responded to by iSCSI itself is added to tmrlist, but it does not go to the target core. A LUNRESET that goes through tmrlist takes a refcounter on the abort and...

5.5CVSS6.1AI score0.00237EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: fpga: m10bmc-sec: Fixed probe rollback issues. Properly handled probe error rollbacks to avoid leaks...

5.5CVSS5.3AI score0.0015EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: pinctrl: renesas: core: Fixed a possible nullptrderef in shpfcmapresources. This issue could lead to a nullptrderef when using ‘res’. If platformgetresource returns NULL, moving using ‘res’ after devmioremapresource will prevent...

5.5CVSS6.2AI score0.00245EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: net: xfrm: unexport init-annotated xfrm4protocolinit EXPORTSYMBOL and init are a poor combination, as the .init.text section is freed after initialization. As a result, modules cannot use symbols annotated with init. Access to a...

5.5CVSS6.1AI score0.00283EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Cancel pending work when closing a MIDI substream When closing a USB MIDI output substream, there may still be pending work. This work would eventually access the rawmidi runtime object that is being released. To...

5.5CVSS6.1AI score0.00252EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: In the media section, for staging, in media for zoran, the correct buffer size for zoranreapstatcom was calculated incorrectly. When tmpdcim=1 is set, the index of the buffer was miscalculated. This could lead to a NULL pointer...

5.5CVSS6.3AI score0.00239EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Firefox

If array shift operations are not used, the Garbage Collector may become confused regarding valid objects. This vulnerability affects Firefox versions less than 101...

4.3CVSS5.5AI score0.00346EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: rcutorture: Fixed the rcutortureoneextendcheck function in RT kernels. For kernels built with CONFIGPREEMPTRT=y, running the rcutorture tests resulted in the following errors: 68.797425 rcutortureoneextendcheck: Current value: 0x...

5.5CVSS5.9AI score0.00143EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerabilities have been resolved: ext4: Fixed an inode leak in ext4xattrinodecreate, which occurs on an error path. There is a issue when using setxattr with a fault injection: localhost fsck.ext4 -fn /dev/sda e2fsck 1.46.6-rc1 12-Sep-2022 Pass 1: Checking...

6AI score0.00211EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries/iommu: IOMMU table is not initialized for kdump over SR-IOV When kdump kernel tries to copy dump data over SR-IOV, LPAR panics due to NULL pointer exception: Kernel attempted to read user page 0 - exploit attempt?...

4.4CVSS6.1AI score0.0022EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: net: qrtr: A refcount bug was fixed in qrtrrecvmsg. Syzbot reported the following bugs: refcountt: Addition of 0; use-after-free. … RIP: 0010:refcountwarnsaturate+0x17c/0x1f0 lib/refcount.c:25 … Call Trace: refcountadd –...

5.5CVSS6.1AI score0.00131EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.0 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: RDMA/qedr: Fixed the qedrcreateuserqp error flow. Avoid the following warning by ensuring that allocated resources are freed in case qedrinituserqueue fails. ----------- Cut here --- WARNING: CPU: 0 PID: 143192 at...

5.5CVSS6.3AI score0.00242EPSS
Exploits0References2
Total number of security vulnerabilities18102