1540 matches found
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013764)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013764 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: idmouse: fix an uninit-value in idmouseopen In idmousecreateimage, if any ftipcommand fails,...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013241)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013241 advisory. In the Linux kernel, the following vulnerability has been resolved: usb-storage: alauda: Fix uninit-value in alaudacheckmedia Syzbot got KMSAN to complain about acce...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-013349)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013349 advisory. In the Linux kernel, the following vulnerability has been resolved: block: Fix wrong offset in biotruncate biotruncate clears the buffer outside of last block of bde...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007231)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007231 advisory. In the Linux kernel, the following vulnerability has been resolved: ip6tunnel: make sure to pull inner header in ip6tnlrcv syzbot found ip6tnlrcv could access...
SUSE CVE-2026-23367
In the Linux kernel, the following vulnerability has been resolved: wifi: radiotap: reject radiotap with unknown bits The radiotap parser is currently only used with the radiotap namespace not with vendor namespaces, but if the undefined field 18 is used, the alignment/size is unknown as well. In...
EUVD-2026-15350
In the Linux kernel, the following vulnerability has been resolved: wifi: radiotap: reject radiotap with unknown bits The radiotap parser is currently only used with the radiotap namespace not with vendor namespaces, but if the undefined field 18 is used, the alignment/size is unknown as well. In...
EUVD-2026-15264
In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Return the correct value in vmwtranslateptr functions Before the referenced fixes these functions used a lookup function that returned a pointer. This was changed to another lookup function that returned an error code...
CVE-2026-23367
In the Linux kernel, the following vulnerability has been resolved: wifi: radiotap: reject radiotap with unknown bits The radiotap parser is currently only used with the radiotap namespace not with vendor namespaces, but if the undefined field 18 is used, the alignment/size is unknown as well. In...
Linux Distros Unpatched Vulnerability : CVE-2026-23367
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wifi: radiotap: reject radiotap with unknown bits The radiotap parser is currently only used with the radiotap namespace not with vendor namespaces, but if the...
lz4_flex's decompression can leak information from uninitialized memory or reused output buffer
Summary Decompressing invalid LZ4 data can leak data from uninitialized memory, or can leak content from previous decompression operations when reusing an output buffer. Details The LZ4 block format defines a "match copy operation" which duplicates previously written data or data from the...
ASB-A-455892000
In multiple locations, there is a possible persistent denial of service due to uninitialized data. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...
nodejs: Nodejs uninitialized memory exposure
A memory exposure flaw has been discovered in Node.js. A flaw in Node.js's buffer allocation logic can expose uninitialized memory when allocations are interrupted, when using the vm module with the timeout option. Under specific timing conditions, buffers allocated with Buffer.alloc and other...
nodejs: Nodejs uninitialized memory exposure
A memory exposure flaw has been discovered in Node.js. A flaw in Node.js's buffer allocation logic can expose uninitialized memory when allocations are interrupted, when using the vm module with the timeout option. Under specific timing conditions, buffers allocated with Buffer.alloc and other...
kernel: Kernel: Privilege escalation via uninitialized data in vmci transport packet
A flaw was found in the Linux kernel's vsock/vmci component. A local attacker with low privileges could exploit a vulnerability where the vmcitransportpacket structure is not properly cleared during initialization. This can lead to the use of uninitialized data, potentially allowing for informati...
kernel: Kernel: Privilege escalation via uninitialized data in vmci transport packet
A flaw was found in the Linux kernel's vsock/vmci component. A local attacker with low privileges could exploit a vulnerability where the vmcitransportpacket structure is not properly cleared during initialization. This can lead to the use of uninitialized data, potentially allowing for informati...
kernel: Kernel: Privilege escalation via uninitialized data in vmci transport packet
A flaw was found in the Linux kernel's vsock/vmci component. A local attacker with low privileges could exploit a vulnerability where the vmcitransportpacket structure is not properly cleared during initialization. This can lead to the use of uninitialized data, potentially allowing for informati...
kernel: Kernel: Privilege escalation via uninitialized data in vmci transport packet
A flaw was found in the Linux kernel's vsock/vmci component. A local attacker with low privileges could exploit a vulnerability where the vmcitransportpacket structure is not properly cleared during initialization. This can lead to the use of uninitialized data, potentially allowing for informati...
nodejs: Nodejs uninitialized memory exposure
A memory exposure flaw has been discovered in Node.js. A flaw in Node.js's buffer allocation logic can expose uninitialized memory when allocations are interrupted, when using the vm module with the timeout option. Under specific timing conditions, buffers allocated with Buffer.alloc and other...
MiracleLinux 9 : firefox-115.6.0-1.el9_3.ML.1 (AXSA:2024-7350:02)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7350:02 advisory. Mozilla: Heap-buffer-overflow affecting WebGLDrawElementsInstanced method with Mesa VM driver CVE-2023-6856 Mozilla: Memory safety bugs fixed in...
MiracleLinux 8 : kernel-4.18.0-240.el8 (AXSA:2021-1489:04)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1489:04 advisory. kernel: use after free in the video driver leads to local privilege escalation CVE-2019-9458 kernel: use-after-free in drivers/bluetooth/hcildisc.c...