Lucene search
K

119 matches found

OSV
OSV
added 2025/12/30 1:16 p.m.3 views

UBUNTU-CVE-2023-54234

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fix missing mrioc-evtackcmds initialization Commit c1af985d27da "scsi: mpi3mr: Add Event acknowledgment logic" introduced an array mrioc-evtackcmds but initialization of the array elements was missed. They are just...

5.7AI score0.00166EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2025/12/30 1:16 p.m.9 views

CVE-2023-54206

In the Linux kernel, the following vulnerability has been resolved: net/sched: flower: fix filter idr initialization The cited commit moved idr initialization too early in flchange which allows concurrent users to access the filter that is still being initialized and is in inconsistent state,...

5.7AI score0.00155EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2025/12/30 1:16 p.m.6 views

CVE-2022-50871

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: Fix qmimsghandler data structure initialization qmimsghandler is required to be null terminated by QMI module. There might be a case where a handler for a msg id is not present in the handlers array which can lead t...

5.7AI score0.00166EPSS
Exploits0References5
CVE
CVE
added 2025/12/30 12:15 p.m.13 views

CVE-2022-50871

The CVE-2022-50871 entry concerns the Linux kernel component wifi: ath11k, specifically the qmi_msg_handler data structure initialization. The issue could allow an infinite loop while searching for a handler when a msg-id handler is missing from the handlers array, leading to out-of-bounds access...

6.1AI score0.00166EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2025/12/30 12:15 p.m.5 views

CVE-2022-50871

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: Fix qmimsghandler data structure initialization qmimsghandler is required to be null terminated by QMI module. There might be a case where a handler for a msg id is not present in the handlers array which can lead t...

5.1AI score0.00166EPSS
Exploits0
OSV
OSV
added 2025/12/30 12:15 p.m.6 views

CVE-2022-50871 wifi: ath11k: Fix qmi_msg_handler data structure initialization

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: Fix qmimsghandler data structure initialization qmimsghandler is required to be null terminated by QMI module. There might be a case where a handler for a msg id is not present in the handlers array which can lead t...

6.3AI score0.00166EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2025/12/30 12:11 p.m.4 views

CVE-2023-54234

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fix missing mrioc-evtackcmds initialization Commit c1af985d27da "scsi: mpi3mr: Add Event acknowledgment logic" introduced an array mrioc-evtackcmds but initialization of the array elements was missed. They are just...

5.2AI score0.00166EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/12/30 12:0 a.m.8 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992501)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992501 advisory. In the Linux kernel, the following vulnerability has been resolved: ARM: OMAP2+: Fix refcount leak in omap3xxxprmlateinit offindmatchingnode returns a node pointer...

5.5CVSS6.1AI score0.00198EPSS
Exploits0References4
NVD
NVD
added 2025/12/24 11:16 a.m.4 views

CVE-2025-68726

In the Linux kernel, the following vulnerability has been resolved: crypto: aead - Fix reqsize handling Commit afddce13ce81d "crypto: api - Add reqsize to cryptoalg" introduced crareqsize field in cryptoalg struct to replace type specific reqsize fields. It looks like this was introduced...

0.00155EPSS
Exploits0References3
NVD
NVD
added 2025/12/24 11:16 a.m.5 views

CVE-2025-68377

In the Linux kernel, the following vulnerability has been resolved: ns: initialize nslistnode for initial namespaces Make sure that the list is always initialized for initial namespaces...

0.00145EPSS
Exploits0References2
CVE
CVE
added 2025/12/24 10:33 a.m.10 views

CVE-2025-68377

The CVE-2025-68377 issue affects the Linux kernel and is resolved by initializing ns_list_node for initial namespaces to ensure the list is always initialized for initial namespaces. The fix targets the namespace list initialization in the kernel’s initialization path; impact and exploit details ...

6.2AI score0.00145EPSS
Exploits0References2
EUVD
EUVD
added 2025/12/16 6:31 p.m.4 views

EUVD-2025-203788

In the Linux kernel, the following vulnerability has been resolved: mm/memfd: fix information leak in hugetlb folios When allocating hugetlb folios for memfd, three initialization steps are missing: 1. Folios are not zeroed, leading to kernel memory disclosure to userspace 2. Folios are not marke...

5.2AI score0.00176EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/12/16 3:6 p.m.26 views

CVE-2025-68292 mm/memfd: fix information leak in hugetlb folios

In the Linux kernel, the following vulnerability has been resolved: mm/memfd: fix information leak in hugetlb folios When allocating hugetlb folios for memfd, three initialization steps are missing: 1. Folios are not zeroed, leading to kernel memory disclosure to userspace 2. Folios are not marke...

0.00176EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/12/16 1:57 p.m.29 views

CVE-2025-68222 pinctrl: s32cc: fix uninitialized memory in s32_pinctrl_desc

In the Linux kernel, the following vulnerability has been resolved: pinctrl: s32cc: fix uninitialized memory in s32pinctrldesc s32pinctrldesc is allocated with devmkmalloc, but not all of its fields are initialized. Notably, numcustomparams is used in pinconfgenericparsedtconfig, resulting in...

0.00175EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2025/12/09 12:0 a.m.3 views

CVE-2023-53798

In the Linux kernel, the following vulnerability has been resolved: ethtool: Fix uninitialized number of lanes It is not possible to set the number of lanes when setting link modes using the legacy IOCTL ethtool interface. Since 'struct ethtoollinkksettings' is not initialized in this path, drive...

5.9AI score0.00168EPSS
Exploits0
Cvelist
Cvelist
added 2025/12/06 9:51 p.m.20 views

CVE-2025-40278 net: sched: act_ife: initialize struct tc_ife to fix KMSAN kernel-infoleak

In the Linux kernel, the following vulnerability has been resolved: net: sched: actife: initialize struct tcife to fix KMSAN kernel-infoleak Fix a KMSAN kernel-infoleak detected by the syzbot . net? KMSAN: kernel-infoleak in skbdatagramiter In tcfifedump, the variable 'opt' was partially...

0.00189EPSS
Exploits0References8
OSV
OSV
added 2025/11/12 10:15 p.m.3 views

DEBIAN-CVE-2025-40182

In the Linux kernel, the following vulnerability has been resolved: crypto: skcipher - Fix reqsize handling Commit afddce13ce81d "crypto: api - Add reqsize to cryptoalg" introduced crareqsize field in cryptoalg struct to replace type specific reqsize fields. It looks like this was introduced...

5.2AI score0.00165EPSS
Exploits0References1
OSV
OSV
added 2025/11/12 10:15 p.m.7 views

UBUNTU-CVE-2025-40182

In the Linux kernel, the following vulnerability has been resolved: crypto: skcipher - Fix reqsize handling Commit afddce13ce81d "crypto: api - Add reqsize to cryptoalg" introduced crareqsize field in cryptoalg struct to replace type specific reqsize fields. It looks like this was introduced...

5.7AI score0.00165EPSS
Exploits0References10
CVE
CVE
added 2025/11/12 9:56 p.m.15 views

CVE-2025-40182

CVE-2025-40182 (Linux kernel) concerns the crypto subsystem, specifically the skcipher code path. The root cause is the introduction of the cra_reqsize field in the crypto_alg struct and its use across skcipher algorithms, which was not accompanied by proper initialization. This mismatch can lead...

6.1AI score0.00165EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2025/11/12 10:23 a.m.4 views

CVE-2025-40119

In the Linux kernel, the following vulnerability has been resolved: ext4: fix potential null deref in ext4mbinit In ext4mbinit, ext4mbavgfragmentsizedestroy may be called when sbi-smbavgfragmentsize remains uninitialized e.g., if groupinfo slab cache allocation fails. Since...

5AI score0.00177EPSS
Exploits0
Rows per page
Query Builder