4 matches found
CVE-2023-53380
In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix null-ptr-deref of mreplace in raid10syncrequest There are two check of 'mreplace' in raid10syncrequest. In the first check, 'needreplace' will be set and 'mreplace' will be used later if no-Faulty 'mreplace' exists...
CVE-2023-53380
In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix null-ptr-deref of mreplace in raid10syncrequest There are two check of 'mreplace' in raid10syncrequest. In the first check, 'needreplace' will be set and 'mreplace' will be used later if no-Faulty 'mreplace' exists...
CVE-2025-38579
CVE-2025-38579 affects the Linux kernel F2FS: KMSAN reported use of uninitialized values in __is_extent_mergeable() and __is_back_mergeable() through the read extent tree path. Root cause: get_read_extent_info() only initializes three fields (fofs, blk, len) of struct extent_info, leaving others ...
Medium: postgresql15
Issue Overview: In PostgreSQL, a modified, unauthenticated server can send an unterminated string during the establishment of Kerberos transport encryption. In certain conditions a server can cause a libpq client to over-read and report an error message containing uninitialized bytes...