kernel: ath9k_htc: fix uninit value bugs

In the Linux kernel, the following vulnerability has been resolved: ath9khtc: fix uninit value bugs Syzbot reported 2 KMSAN bugs in ath9k. All of them are caused by missing field initialization. In htcconnectservice svcmetalen and pad are not initialized. Based on code it looks like in current sk...

AZL-35347 CVE-2022-0175 affecting package virglrenderer for versions less than 0.9.1-3

A flaw was found in the VirGL virtual OpenGL renderer virglrenderer. The virgl did not properly initialize memory when allocating a host-backed memory resource. A malicious guest could use this flaw to mmap from the guest kernel and read this uninitialized memory from the host, possibly leading t...

An issue was discovered in the Linux kernel through 5.17.5. io_rw_init_file in fs/io_uring.c lacks initialization of kiocb->private.

...

DEBIAN-CVE-2022-29968

An issue was discovered in the Linux kernel through 5.17.5. iorwinitfile in fs/iouring.c lacks initialization of kiocb-private...

UBUNTU-CVE-2022-29968

An issue was discovered in the Linux kernel through 5.17.5. iorwinitfile in fs/iouring.c lacks initialization of kiocb-private...

CVE-2022-29968

CVE-2022-29968 affects the Linux kernel up to version 5.17.5, where io_rw_init_file in fs/io_uring.c fails to initialize kiocb->private. This can lead to kernel memory leakage or exposure as described in connected advisories (e.g., CNVD/Ubuntu notes). A patch/remediation is not explicitly deta...

wolfSSL 安全特征问题漏洞

Wolfssl CyaSSL is a small, portable embedded SSL programming library for use by embedded system developers from Wolfssl USA. wolfSSL has a security vulnerability that stems from the use of non-random IV values for x prior to 5.1.1 under certain circumstances. This affects AES-CBC or DES3...

CVE-2021-46283

nftablesnewset in net/netfilter/nftablesapi.c in the Linux kernel before 5.12.13 allows local users to cause a denial of service NULL pointer dereference and general protection fault because of the missing initialization for nftsetelemexpralloc. A local user can set a netfilter table expression i...

PYSEC-2022-9

pathgetbbox in path.c in Pillow before 9.0.0 has a buffer over-read during initialization of ImagePath.Path...

Samba 3.0.0 <= 3.0.1 Vulnerability (CVE-2004-0082)

mksmbpasswd shell script may create accounts with easily guessable passwords. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program i...

Ulfius Web Framework Remote Memory Corruption Exploit

Ulfius Web Framework suffers from a remote memory corruption vulnerability. When parsing malformed HTTP requests, a heap-related initialization bug is triggered resulting in a crash in the server or potentially remote code execution with privileges of the running process. !/usr/bin/python3 guul.p...

Ulfius Web Framework Remote Memory Corruption

!/usr/bin/python3 guul.py Ulfius Web Framework Remote Memory Corruption Vulnerability Jeremy Brown Sept 2021 Intro Ulfius Web Framework is used by a number of different projects to build web services. Some of the projects tested and confirmed vulnerable are Glewlwyd SSO Server, Taliesin Audio...

PT-2024-11170 · Linux +7 · Linux Kernel +7

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.13-rc3 Description: The vulnerability is related to the initialization of cad pid in the Linux kernel. During boot, kernel init freeable initializes cad pid to the init task's struct pid. Later, when cad pid i...

AZL-6924 CVE-2020-24455 affecting package tpm2-tss for versions less than 2.4.6-1

Missing initialization of a variable in the TPM2 source may allow a privileged user to potentially enable an escalation of privilege via local access. This affects tpm2-tss before 3.0.1 and before 2.4.3...

PYSEC-2020-297

In affected versions of TensorFlow under certain cases a saved model can trigger use of uninitialized values during code execution. This is caused by having tensor buffers be filled with the default value of the type but forgetting to default initialize the quantized floating point types in Eigen...

CVE-2020-1617

This issue occurs on Juniper Networks Junos OS devices which do not support Advanced Forwarding Interface AFI / Advanced Forwarding Toolkit AFT. Devices using AFI and AFT are not exploitable to this issue. An improper initialization of memory in the packet forwarding architecture in Juniper...

python: Missing salt initialization in _elementtree.c module

Python's elementtree C accelerator failed to initialise Expat's hash salt during initialization. This could make it easy to conduct denial of service attacks against Expat by contructing an XML document that would cause pathological hash collisions in Expat's internal data structures, consuming...

UBUNTU-CVE-2018-20855

An issue was discovered in the Linux kernel before 4.18.7. In createqpcommon in drivers/infiniband/hw/mlx5/qp.c, mlx5ibcreateqpresp was never initialized, resulting in a leak of stack memory to userspace...

Mozilla Spidermonkey - Unboxed Objects Uninitialized Memory Access Exploit

/ Mozilla Spidermonkey - Unboxed Objects Uninitialized Memory Access For constructors, Spidermonkey implements a "definite property analysis" 1 to compute which properties will definitely exist on the constructed objects. Spidermonkey then directly allocates the constructed objects with the final...

kernel: vhost: Information disclosure in vhost/vhost.c:vhost_new_msg()

The Linux kernel does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhostnewmsg function. This can allow local privileged users to read some kernel memory contents when reading from the /dev/vhost-net device file...