63 matches found
PT-2025-28994
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A potential null pointer dereference issue was identified in the fpga mgr test img load sgt function. The function allocates memory for sgt using kunit kzalloc, but fails to verify if...
DEBIAN-CVE-2025-38575
In the Linux kernel, the following vulnerability has been resolved: ksmbd: use aeadrequestfree to match aeadrequestalloc Use aeadrequestfree instead of kfree to properly free memory allocated by aeadrequestalloc. This ensures sensitive crypto data is zeroed before being freed...
UBUNTU-CVE-2025-38575
In the Linux kernel, the following vulnerability has been resolved: ksmbd: use aeadrequestfree to match aeadrequestalloc Use aeadrequestfree instead of kfree to properly free memory allocated by aeadrequestalloc. This ensures sensitive crypto data is zeroed before being freed...
UBUNTU-CVE-2024-53097
In the Linux kernel, the following vulnerability has been resolved: mm: krealloc: Fix MTE false alarm in dokrealloc This patch addresses an issue introduced by commit 1a83a716ec233 "mm: krealloc: consider spare memory for GFPZERO" which causes MTE Memory Tagging Extension to falsely report a...
kernel: platform/chrome: cros_ec_chardev: fix kernel data leak from ioctl
In the Linux kernel, the following vulnerability has been resolved: platform/chrome: crosecchardev: fix kernel data leak from ioctl It is possible to peep kernel page's data by providing larger insize in struct croseccommand1 when invoking EC host commands. Fix it by using zeroed memory. 1:...
kernel: lib/generic-radix-tree.c: Fix rare race in __genradix_ptr_alloc()
In the Linux kernel, the following vulnerability has been resolved: lib/generic-radix-tree.c: Fix rare race in genradixptralloc If we need to increase the tree depth, allocate a new node, and then race with another thread that increased the tree depth before us, we'll still have a preallocated no...
AZL-52969 CVE-2024-49885 affecting package kernel 6.6.126.1-1
In the Linux kernel, the following vulnerability has been resolved: mm, slub: avoid zeroing kmalloc redzone Since commit 946fa0dbf2d8 "mm/slub: extend redzone check to extra allocated kmalloc space than requested", setting origsize treats the wasted space objectsize - origsize as a redzone. Howev...
UBUNTU-CVE-2024-41059
In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix uninit-value in copyname syzbot reported BUG: KMSAN: uninit-value in sizedstrscpy+0xc4/0x160 sizedstrscpy+0xc4/0x160 copyname+0x2af/0x320 fs/hfsplus/xattr.c:411 hfspluslistxattr+0x11e9/0x1a50 fs/hfsplus/xattr.c:750...
CVE-2021-26354
Insufficient bounds checking in ASP may allow an attacker to issue a system call from a compromised ABL which may cause arbitrary memory values to be initialized to zero, potentially leading to a loss of integrity...
PT-2023-12088 · Microsoft · Asp
Name of the Vulnerable Software and Affected Versions: ASP affected versions not specified Description: Insufficient bounds checking in ASP may allow an attacker to issue a system call from a compromised ABL, which may cause arbitrary memory values to be initialized to zero, potentially leading t...
SUSE CVE-2022-26365
Linux disk/nic frontends data leaks This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend CVE-2022-26365,...
SUSE CVE-2022-33740
Linux disk/nic frontends data leaks This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend CVE-2022-26365,...
SUSE CVE-2022-33741
Linux disk/nic frontends data leaks This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend CVE-2022-26365,...
Important: kernel
Issue Overview: Linux disk/nic frontends data leaks This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend...
ALPINE-CVE-2022-26365
Linux disk/nic frontends data leaks This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend CVE-2022-26365,...
CVE-2022-33741
Linux disk/nic frontends data leaks This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend CVE-2022-26365,...
ALPINE-CVE-2022-33742
Linux disk/nic frontends data leaks This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend CVE-2022-26365,...
ALPINE-CVE-2022-33741
Linux disk/nic frontends data leaks This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend CVE-2022-26365,...
UBUNTU-CVE-2022-33740
Linux disk/nic frontends data leaks This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend CVE-2022-26365,...
CVE-2022-26365
Linux disk/nic frontends data leaks This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend CVE-2022-26365,...