kernel: usb: dwc3: qcom: Fix potential memory leak

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: qcom: Fix potential memory leak Function dwc3qcomprobe allocates memory for resource structure which is pointed by parentres pointer. This memory is not freed. This leads to memory leak. Use stack memory to prevent...

FreeBSD : Mozilla -- stack memory read (2fc74cae-13c8-11f0-a5bd-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 2fc74cae-13c8-11f0-a5bd-b42e991fc52e advisory. [email protected] reports: An attacker could read 32 bits of values spilled onto the stack in a JIT...

Mozilla -- stack memory read

[email protected] reports: An attacker could read 32 bits of values spilled onto the stack in a JIT compiled function...

CVE-2025-27810

Mbed TLS before 2.28.10 and 3.x before 3.6.3, in some cases of failed memory allocation or hardware errors, uses uninitialized stack memory to compose the TLS Finished message, potentially leading to authentication bypasses such as replays...

ALPINE-CVE-2025-27810

Mbed TLS before 2.28.10 and 3.x before 3.6.3, in some cases of failed memory allocation or hardware errors, uses uninitialized stack memory to compose the TLS Finished message, potentially leading to authentication bypasses such as replays...

UBUNTU-CVE-2025-27810

Mbed TLS before 2.28.10 and 3.x before 3.6.3, in some cases of failed memory allocation or hardware errors, uses uninitialized stack memory to compose the TLS Finished message, potentially leading to authentication bypasses such as replays...

CVE-2025-27810

Mbed TLS before 2.28.10 and 3.x before 3.6.3, in some cases of failed memory allocation or hardware errors, uses uninitialized stack memory to compose the TLS Finished message, potentially leading to authentication bypasses such as replays...

CVE-2025-27810

Mbed TLS before 2.28.10 and 3.x before 3.6.3, in some cases of failed memory allocation or hardware errors, uses uninitialized stack memory to compose the TLS Finished message, potentially leading to authentication bypasses such as replays...

CVE-2025-27810

Mbed TLS before 2.28.10 and 3.x before 3.6.3, in some cases of failed memory allocation or hardware errors, uses uninitialized stack memory to compose the TLS Finished message, potentially leading to authentication bypasses such as replays...

Mbed TLS 安全漏洞

Mbed TLS is an open source, portable, easy to use, readable and flexible SSL library from Mbed TLS Open Source. A security vulnerability exists in Mbed TLS versions prior to 2.28.10 and 3.x versions prior to 3.6.3, which stems from the use of uninitialized stack memory under certain circumstances...

CVE-2025-27810

Mbed TLS before 2.28.10 and 3.x before 3.6.3, in some cases of failed memory allocation or hardware errors, uses uninitialized stack memory to compose the TLS Finished message, potentially leading to authentication bypasses such as replays...

PT-2025-12765

Name of the Vulnerable Software and Affected Versions Mbed TLS versions 2.28.9 and earlier, 3.x versions prior to 3.6.3 Description The issue arises when Mbed TLS, in certain cases of failed memory allocation or hardware errors, utilizes uninitialized stack memory to compose the TLS Finished...

EulerOS 2.0 SP12 : dhcp (EulerOS-SA-2025-1291)

According to the versions of the dhcp package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The code that processes control channel messages sent to named calls certain functions recursively during packet parsing. Recursion depth is only...

CVE-2025-21835

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fmidi: fix MIDI Streaming descriptor lengths While the MIDI jacks are configured correctly, and the MIDIStreaming endpoint descriptors are filled with the correct information, bNumEmbMIDIJack and bLength are set...

Linux Distros Unpatched Vulnerability : CVE-2018-20855

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the Linux kernel before 4.18.7. In createqpcommon in drivers/infiniband/hw/mlx5/qp.c, mlx5ibcreateqpresp was never initialized,...

Linux Distros Unpatched Vulnerability : CVE-2018-18064

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cairo through 1.15.14 has an out-of-bounds stack-memory write during processing of a crafted document by WebKitGTK+ because of the interaction between...

Linux Distros Unpatched Vulnerability : CVE-2016-9756

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - arch/x86/kvm/emulate.c in the Linux kernel before 4.8.12 does not properly initialize Code Segment CS in certain error cases, which allows local users to obtain...

Linux Distros Unpatched Vulnerability : CVE-2018-20023

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - LibVNC before 8b06f835e259652b0ff026898014fc7297ade858 contains CWE-665: Improper Initialization vulnerability in VNC Repeater client code that allows attacker ...

Linux Distros Unpatched Vulnerability : CVE-2016-4486

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The rtnlfilllinkifmap function in net/core/rtnetlink.c in the Linux kernel before 4.5.5 does not initialize a certain data structure, which allows local users t...

Linux Distros Unpatched Vulnerability : CVE-2017-14156

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The atyfbioctl function in drivers/video/fbdev/aty/atyfbbase.c in the Linux kernel through 4.12.10 does not initialize a certain data structure, which allows...