1540 matches found
PT-2026-51730
Name of the Vulnerable Software and Affected Versions Linux Kernel affected versions not specified Description A stack information leak exists in the tap ioctl function during the SIOCGIFHWADDR path. The function copies 16 bytes of an uninitialized on-stack sockaddr storage structure to userspace...
Astra Linux – Vulnerability in Linux
In memzeroexplicit of compiler-clang.h, there is a possible way to bypass defense in depth due to uninitialized data. This could lead to the disclosure of local information without requiring additional execution privileges. User interaction is not required for exploitation. Product: Android...
JLSEC-2026-579
In numbers.c in libxslt 1.1.33, a type holding grouping characters of an xsl:number instruction was too narrow and an invalid character/length combination could be passed to xsltNumberFormatDecimal, leading to a read of uninitialized stack data...
JLSEC-2026-580
In xsltCopyText in transform.c in libxslt 1.1.33, a pointer variable isn't reset under certain circumstances. If the relevant memory area happened to be freed and reused in a certain way, a bounds check could fail and memory outside a buffer could be written to, or uninitialized data could be...
EulerOS Virtualization 2.10.0 : kernel (EulerOS-SA-2026-2049)
According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : ACPI: CPPC: Avoid out of bounds access when parsing CPC dataCVE-2022-49145 scsi: libsas: Fix use-after-free bug in...
CVE-2026-36613
Mercusys AC12G EU V1 with firmware AC12GEUV1200909 returns 128 bytes of uninitialized internal buffer contents when receiving HTTP POST requests to undefined paths, exposing server state to unauthenticated adjacent network attackers...
7-Zip 输入验证错误漏洞
7-Zip is an open-source compression software developed by 7-Zip. Version 9.18 to 26.00 of 7-Zip contained a vulnerability related to input validation errors. This vulnerability stemmed from the BSD SYMDEF parser in the Unix ar archive resolver, where a heap out-of-bound read was possible,...
SUSE CVE-2026-46169
In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix uninit-value by validating catalog record size Syzbot reported a KMSAN uninit-value issue in hfsplusstrcasecmp. The root cause is that hfsbrecread doesn't validate that the on-disk record size matches the expected si...
Linux Distros Unpatched Vulnerability : CVE-2026-46169
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - hfsplus: fix uninit-value by validating catalog record size Syzbot reported a KMSAN uninit-value issue in hfsplusstrcasecmp. The root cause is that hfsbrecread...
CVE-2026-46169
In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix uninit-value by validating catalog record size Syzbot reported a KMSAN uninit-value issue in hfsplusstrcasecmp. The root cause is that hfsbrecread doesn't validate that the on-disk record size matches the expected si...
UBUNTU-CVE-2026-46169
In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix uninit-value by validating catalog record size Syzbot reported a KMSAN uninit-value issue in hfsplusstrcasecmp. The root cause is that hfsbrecread doesn't validate that the on-disk record size matches the expected si...
CVE-2026-46169 hfsplus: fix uninit-value by validating catalog record size
In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix uninit-value by validating catalog record size Syzbot reported a KMSAN uninit-value issue in hfsplusstrcasecmp. The root cause is that hfsbrecread doesn't validate that the on-disk record size matches the expected si...
CVE-2026-46169
In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix uninit-value by validating catalog record size Syzbot reported a KMSAN uninit-value issue in hfsplusstrcasecmp. The root cause is that hfsbrecread doesn't validate that the on-disk record size matches the expected si...
EUVD-2026-32796
In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix uninit-value by validating catalog record size Syzbot reported a KMSAN uninit-value issue in hfsplusstrcasecmp. The root cause is that hfsbrecread doesn't validate that the on-disk record size matches the expected si...
SUSE CVE-2026-45865
In the Linux kernel, the following vulnerability has been resolved: mctp i2c: initialise event handler read bytes Set a 0xff value for i2c reads of an mctp-i2c device. Otherwise reads will return "val" from the i2c bus driver. For i2c-aspeed and i2c-npcm7xx that is a stack uninitialised u8. Teste...
CVE-2026-45930
A flaw was found in the Linux kernel's Multi-Channel Transport Protocol MCTP networking implementation. When processing a RTMGETNEIGH request, the system may return uninitialized data in the ndmsg pad bytes. This can allow a local attacker to obtain sensitive information from kernel memory, leadi...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the virtiobt driver. In this driver, the virtbtrxhandle function does not check whether the...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the null payload in the non-linear buffer tapskb within the vsock/virtio driver. This vulnerability may...
EUVD-2026-32214
In the Linux kernel, the following vulnerability has been resolved: net: mctp: ensure our nlmsg responses are initialised Syed Faraz Abrar @farazsth98 from Zellic, and Pumpkin @u1f383 from DEVCORE Research Team working with Trend Micro Zero Day Initiative report that a RTMGETNEIGH will return...
EUVD-2026-32331
In the Linux kernel, the following vulnerability has been resolved: mctp i2c: initialise event handler read bytes Set a 0xff value for i2c reads of an mctp-i2c device. Otherwise reads will return "val" from the i2c bus driver. For i2c-aspeed and i2c-npcm7xx that is a stack uninitialised u8. Teste...