9099 matches found
CVE-2025-24495
Incorrect initialization of resource in the branch prediction unit for some IntelR Core™ Ultra Processors may allow an authenticated user to potentially enable information disclosure via local access...
CVE-2025-24495
Incorrect initialization of resource in the branch prediction unit for some IntelR Core™ Ultra Processors may allow an authenticated user to potentially enable information disclosure via local access...
microcode_ctl: Improper initialization in UEFI firmware OutOfBandXML module
Improper initialization in UEFI firmware OutOfBandXML module in some IntelR Processors may allow a privileged user to potentially enable information disclosure via local access...
kernel: hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer
In the Linux kernel, the following vulnerability has been resolved: hvsock: Initializing vsk-trans to NULL to prevent a dangling pointer When hvs is released, there is a possibility that vsk-trans may not be initialized to NULL, which could lead to a dangling pointer. This issue is resolved by...
kernel: vhost/vsock: always initialize seqpacket_allow
Improper handling of seqpacketallow initialization was found in the Linux kernel in drivers/vhost/vsock.c...
kernel: i3c: master: Fix miss free init_dyn_addr at i3c_master_put_i3c_addrs()
A vulnerability was found in the i3cmasterputi3caddrs function in the Linux kernel's i3c driver. A memory management issue can occur due to a copy-paste error between "dynaddr" and "initdynaddr", which leads to incorrect handling of memory, potentially causing resource mismanagement and instabili...
kernel: Bluetooth: ISO: Fix multiple init when debugfs is disabled
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Fix multiple init when debugfs is disabled If btdebugfs is not created successfully, which happens if either CONFIGDEBUGFS or CONFIGDEBUGFSALLOWALL is unset, then isoinit returns early and does not set isoinited t...
kernel: vdpa/mlx5: Fix invalid mr resource destroy
In the Linux kernel, the following vulnerability has been resolved: vdpa/mlx5: Fix invalid mr resource destroy Certain error paths from mlx5vdpadevadd can end up releasing mr resources which never got initialized in the first place. This patch adds the missing check in mlx5vdpadestroymrresources ...
kernel: mptcp: init: protect sched with rcu_read_lock
In the Linux kernel, the following vulnerability has been resolved: mptcp: init: protect sched with rcureadlock Enabling CONFIGPROVERCULIST with its dependence CONFIGRCUEXPERT creates this splat when an MPTCP socket is created: ============================= WARNING: suspicious RCU usage 6.12.0-rc...
kernel: octeontx2-af: Add validation before accessing cgx and lmac
A bounds-checking error was found in the Linux kernel Marvell OcteonTX2 network driver's initialization code. On systems with newer CN10K RPM or CN10KB RPMUSX hardware, a local user with privileges to initialize the driver can trigger driver probe, causing the driver to make incorrect assumptions...
kernel: mm/damon/core: initialize damo_filter->list from damos_new_filter()
In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: initialize damofilter-list from damosnewfilter damosnewfilter is not initializing the list field of newly allocated filter object. However, DAMON sysfs interface and DAMONRECLAIM are not initializing it after calli...
kernel: scsi: aacraid: Fix double-free on probe failure
In the Linux kernel, the following vulnerability has been resolved: scsi: aacraid: Fix double-free on probe failure aacprobeone calls hardware-specific init functions through the aacdriverident::init pointer, all of which eventually call down to aacinitadapter. If aacinitadapter fails after...
kernel: ext4: fix access to uninitialised lock in fc replay path
In the Linux kernel, the following vulnerability has been resolved: ext4: fix access to uninitialised lock in fc replay path The following kernel trace can be triggered with fstest generic/629 when executed against a filesystem with fast-commit feature enabled: INFO: trying to register non-static...
kernel: brd: defer automatic disk creation until module initialization succeeds
In the Linux kernel, the following vulnerability has been resolved: brd: defer automatic disk creation until module initialization succeeds My colleague Wupeng found the following problems during fault injection: BUG: unable to handle page fault for address: fffffbfff809d073 PGD 6e648067 P4D...
Unspecified Vulnerability in Zoom Workplace Apps for Windows
Zoom Workplace Apps for Windows is an official suite of collaboration tools from Zoom that includes core features such as team chat, whiteboards, notes, and more, and is required to be used through a Zoom Meetings account. A security vulnerability exists in Zoom Workplace Apps for Windows, which...
Intel Server M50FCP和Intel Server D50DNP 安全漏洞
Intel Server M50FCP and Intel Server D50DNP are both servers from Intel Corporation USA. A security vulnerability exists in Intel Server M50FCP and Intel Server D50DNP that stems from improper initialization of the UEFI firmware, which could lead to information disclosure...
Lightweight Hybrid Block-Stream Cryptographic Algorithm for the Internet of Things
In this thesis, a novel lightweight hybrid encryption algorithm named SEPAR is proposed, featuring a 16-bit block length and a 128-bit initialization vector. The algorithm is designed specifically for application in Internet of Things IoT technology devices. The design concept of this algorithm i...
2402 LTSR target device stuck initializing while checking the status of Hybrid joined machines
...
Intel Core Ultra Processors 安全漏洞
Intel Core Ultra Processors is a Core series central processing unit CPU from Intel Corporation USA. A security vulnerability exists in Intel Core Ultra Processors that stems from improper initialization of branch prediction unit resources, which could lead to information disclosure...
Moderate: microcode_ctl security update
The microcodectl packages provide microcode updates for Intel and AMD processors. Security Fixes: microcodectl: Improper input validation in UEFI firmware CVE-2024-28047 microcodectl: Insufficient granularity of access control in UEFI firmware CVE-2024-39279 microcodectl: mproper initialization i...