Intel Optane PMem management software 安全漏洞

Intel Optane PMem management software is a persistent memory management software developed by Intel Corporation. Previous versions of Intel Optane PMem management software, such as CRMGMT01.00.00.3584, CRMGMT02.00.00.4052, and CRMGMT03.00.00.0538, contained security vulnerabilities. These...

CVE-2025-38006 net: mctp: Don't access ifa_index when missing

In the Linux kernel, the following vulnerability has been resolved: net: mctp: Don't access ifaindex when missing In mctpdumpaddrinfo, ifaindex can be used to filter interfaces, but only when the struct ifaddrmsg is provided. Otherwise it will be comparing to uninitialised memory - reproducible i...

CVE-2024-56747

In the Linux kernel, the following vulnerability has been resolved: scsi: qedi: Fix a possible memory leak in qediallocandinitsb Hook "qediops-common-sbinit = qedsbinit" does not release the DMA memory sbvirt when it fails. Add dmafreecoherent to free it. This is the same way as qedrallocmemsb an...

Information Disclosure

webkitgtk4 is vulnerable to information disclosure. A validation issue was addressed with improved logic. Processing maliciously crafted web content may result in the disclosure of process memory...

Information Disclosure

webkitgtk4 is vulnerable to information disclosure. The vulnerability exists through the lack of validation, causing a race condition condition that allows reading of restricted memory...

Denial Of Service (DoS)

libexif is vulnerable to denial of service DoS. The vulnerability exists through the use of uninitialized memory in EXIF Makernote handling,...

CVE-2020-0546

Unquoted service path in IntelR OptaneTM DC Persistent Memory Module Management Software before version 1.0.0.3461 may allow an authenticated user to potentially enable escalation of privilege and denial of service via local access...

open62541:fuzz_json_decode: Use-of-uninitialized-value in jumpOverRec

Detailed Report: https://oss-fuzz.com/testcase?key=5769092627955712 Project: open62541 Fuzzing Engine: libFuzzer Fuzz Target: fuzzjsondecode Job Type: libfuzzermsanopen62541 Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash State: jumpOverRec jumpOverRec jumpOverRec...

CVE-2015-1270

The ucnviogetConverterName function in common/ucnvio.cpp in International Components for Unicode ICU, as used in Google Chrome before 44.0.2403.89, mishandles converter names with initial x- substrings, which allows remote attackers to cause a denial of service read of uninitialized memory or...

Multiple linux kernel bugs

chown: users can change the group affiliation of arbitrary files to the group they belong to, missing DAC check in chown2: local privilege escalation, overflow with signals: local denial-of-service, pss, mpu401 sound driver: read/write to complete memory, airo driver: read/write to complete memor...