412 matches found
Linux Distros Unpatched Vulnerability : CVE-2018-12467
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Authorized users of the openbuildservice before 2.9.4 could delete packages by using a malicious request against projects having the OBS:InitializeDevelPackage...
DEBIAN-CVE-2025-38675
In the Linux kernel, the following vulnerability has been resolved: xfrm: state: initialize stateptrs earlier in xfrmstatefind In case of preemption, xfrmstatelookat will find a different pcpuid and look up states for that other CPU. If we matched a state for CPU2 in the statecache while the look...
CVE-2025-38675
CVE-2025-38675 affects the Linux kernel xfrm subsystem. The issue arises when preemption causes xfrm_state_look_at to search on a different pcpu (CPU2 vs CPU1); if a state for CPU2 is found in the state_cache during the lookup, the code may enter the acquire block with state_ptrs not initialized....
CVE-2025-38675
In the Linux kernel, the following vulnerability has been resolved: xfrm: state: initialize stateptrs earlier in xfrmstatefind In case of preemption, xfrmstatelookat will find a different pcpuid and look up states for that other CPU. If we matched a state for CPU2 in the statecache while the look...
UBUNTU-CVE-2025-38613
In the Linux kernel, the following vulnerability has been resolved: staging: gpib: fix unset padding field copy back to userspace The introduction of a padding field in the gpibboardinfoioctl is showing up as initialized data on the stack frame being copyied back to userspace in function...
CVE-2025-38579
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix KMSAN uninit-value in extentinfo usage KMSAN reported a use of uninitialized value in isextentmergeable and isbackmergeable via the read extent tree path. The root cause is that getreadextentinfo only initializes three...
Linux Distros Unpatched Vulnerability : CVE-2024-26791
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - btrfs: dev-replace: properly validate device names There's a syzbot report that device name buffers passed to device replace are not properly checked for string...
Linux Distros Unpatched Vulnerability : CVE-2025-22110
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkqueue: Initialize ctx to avoid memory allocation error It is possible th...
nfsd: Initialize ssc before laundromat_work to prevent NULL dereference
...
DEBIAN-CVE-2025-38387
In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Initialize objevent-objsublist before xainsert The objevent may be loaded immediately after inserted, then if the listhead is not initialized then we may get a poisonous pointer. This fixes the crash below: mlx5core...
AZL-65648 CVE-2025-23266 affecting package nvidia-container-toolkit for versions less than 1.17.8-1
NVIDIA Container Toolkit for all platforms contains a vulnerability in some hooks used to initialize the container, where an attacker could execute arbitrary code with elevated permissions. A successful exploit of this vulnerability might lead to escalation of privileges, data tampering,...
usb: gadget: aspeed: Add NULL pointer check in ast_vhub_init_dev()
...
DEBIAN-CVE-2025-38319
In the Linux kernel, the following vulnerability has been resolved: drm/amd/pp: Fix potential NULL pointer dereference in atomctrlinitializemcregtable The function atomctrlinitializemcregtable and atomctrlinitializemcregtablev22 does not check the return value of smuatomgetdatatable. If...
CVE-2025-38319
CVE-2025-38319 affects the Linux kernel’s DRM/AMD/PP path. The vulnerability arises because atomctrl_initialize_mc_reg_table() and atomctrl_initialize_mc_reg_table_v2_2() do not validate the return value of smu_atom_get_data_table(); if that call fails to obtain vram_info and returns NULL, a NULL...
UBUNTU-CVE-2025-38205
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Avoid divide by zero by initializing dummy pitch to 1 Why If the dummy values in populatedummydmlsurfacecfg aren't updated then they can lead to a divide by zero in downstream callers like CalculateVMAndRowBytes...
CVE-2025-6109 javahongxi whatsmars InitializrController.java initialize path traversal
A vulnerability was found in javahongxi whatsmars 2021.4.0. It has been rated as problematic. Affected by this issue is the function initialize of the file /whatsmars-archetypes/whatsmars-initializr/src/main/java/org/hongxi/whatsmars/initializr/controller/InitializrController.java. The manipulati...
CVE-2023-23298
The Toybox.Graphics.BufferedBitmap.initialize API method in CIQ API version 2.3.0 through 4.1.7 does not validate its parameters, which can result in integer overflows when allocating the underlying bitmap buffer. A malicious application could call the API method with specially crafted parameters...
CVE-2023-23300
The Toybox.Cryptography.Cipher.initialize API method in CIQ API version 3.0.0 through 4.1.7 does not validate its parameters, which can result in buffer overflows when copying data. A malicious application could call the API method with specially crafted parameters and hijack the execution of the...
CVE-2025-37887 pds_core: handle unsupported PDS_CORE_CMD_FW_CONTROL result
In the Linux kernel, the following vulnerability has been resolved: pdscore: handle unsupported PDSCORECMDFWCONTROL result If the FW doesn't support the PDSCORECMDFWCONTROL command the driver might at the least print garbage and at the worst crash when the user runs the "devlink dev info" devlink...
DEBIAN-CVE-2025-37805
In the Linux kernel, the following vulnerability has been resolved: sound/virtio: Fix cancelsync warnings on uninitialized workstructs Betty reported hitting the following warning: 8.709131 T221 WARNING: CPU: 2 PID: 221 at kernel/workqueue.c:4182 ... 8.713282 T221 Call trace: 8.713365 T221...