CVE-2022-46143

Affected devices do not check the TFTP blocksize correctly. This could allow an authenticated attacker to read from an uninitialized buffer that potentially contains previously allocated data...

CVE-2021-0946

The method PVRSRVBridgePMRPDumpSymbolicAddr allocates puiMemspaceNameInt on the heap, fills the contents of the buffer via PMRPDumpSymbolicAddr, and then copies the buffer to userspace. The method PMRPDumpSymbolicAddr may fail, and if it does the buffer will be left uninitialized and despite the...

CVE-2020-36443

An issue was discovered in the libp2p-deflate crate before 0.27.1 for Rust. An uninitialized buffer is passed to AsyncRead::pollread, which is a user-provided trait function...

CVE-2019-10541

Dereference on uninitialized buffer can happen when parsing FLV clip with corrupted codec specific data in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9206, MDM9607, MSM8909W,...

CVE-2023-53035 nilfs2: fix kernel-infoleak in nilfs_ioctl_wrap_copy()

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix kernel-infoleak in nilfsioctlwrapcopy The ioctl helper function nilfsioctlwrapcopy, which exchanges a metadata array to/from user space, may copy uninitialized buffer regions to user space memory for read-only ioctl...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an uninitialized buffer in the nilfsioctlwrapcopy function, which could lead to the disclosure of kernel...

Linux Distros Unpatched Vulnerability : CVE-2024-9355

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in Golang FIPS OpenSSL. This flaw allows a malicious user to randomly cause an uninitialized buffer length variable with a zeroed buff...

DEBIAN-CVE-2022-49657

In the Linux kernel, the following vulnerability has been resolved: usbnet: fix memory leak in error case usbnetwritecmdasync mixed up which buffers need to be freed in which error case. v2: add Fixes tag v3: fix uninitialized buf pointer...

Azure Linux 3.0 Security Update: golang (CVE-2024-9355)

The version of golang installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-9355 advisory. - A vulnerability was found in Golang FIPS OpenSSL. This flaw allows a malicious user to randomly cause an...

PT-2025-3630 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue concerns an information leak in the triggered buffer of the Linux kernel's ti-ads1119 ADC driver. The scan local struct, used to push data to user space, contains an...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that originates from an uninitialized stack buffer in the ipvsprotocolinit function, which could lead to undefined behavior ...

CBL Mariner 2.0 Security Update: golang / msft-golang (CVE-2024-9355)

The version of golang / msft-golang installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-9355 advisory. - A vulnerability was found in Golang FIPS OpenSSL. This flaw allows a malicious user to randomly...

The vulnerability of the nfnetlink_rcv_batch() function in the netfilter component of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the nfnetlinkrcvbatch function in the net/netfilter/nfnetlink.c module of the Linux kernel’s netfilter component is related to the absence of buffer initialization. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...

CVE-2024-9355

A vulnerability was found in Golang FIPS OpenSSL. This flaw allows a malicious user to randomly cause an uninitialized buffer length variable with a zeroed buffer to be returned in FIPS mode. It may also be possible to force a false positive match between non-equal hashes when comparing a trusted...

CVE-2024-9355 Golang-fips: golang fips zeroed buffer

A vulnerability was found in Golang FIPS OpenSSL. This flaw allows a malicious user to randomly cause an uninitialized buffer length variable with a zeroed buffer to be returned in FIPS mode. It may also be possible to force a false positive match between non-equal hashes when comparing a trusted...

CVE-2024-9355

CVE-2024-9355 is reported in the provided CVE entry as affecting Golang FIPS OpenSSL used in MiracleLinux advisories. The connected Nessus entries (MIRACLE_LINUX_AXSA-2024-8888.NASL, MIRACLE_LINUX_AXSA-2024-9021.NASL, MIRACLE_LINUX_AXSA-2024-8957.NASL, MIRACLE_LINUX_AXSA-2024-8885.NASL, and other...

CVE-2024-9355 Golang-fips: golang fips zeroed buffer

A vulnerability was found in Golang FIPS OpenSSL. This flaw allows a malicious user to randomly cause an uninitialized buffer length variable with a zeroed buffer to be returned in FIPS mode. It may also be possible to force a false positive match between non-equal hashes when comparing a trusted...

CVE-2024-9355

A vulnerability was found in Golang FIPS OpenSSL. This flaw allows a malicious user to randomly cause an uninitialized buffer length variable with a zeroed buffer to be returned in FIPS mode. It may also be possible to force a false positive match between non-equal hashes when comparing a trusted...

PT-2024-39589 · Openssl +5 · Golang Fips Openssl +5

Name of the Vulnerable Software and Affected Versions: Golang FIPS OpenSSL affected versions not specified Description: A flaw in Golang FIPS OpenSSL allows a malicious user to cause an uninitialized buffer length variable with a zeroed buffer to be returned in FIPS mode. This may also lead to a...

ROS-20240813-01

The vulnerability of the nftsetrbtree function net/netfilter/nftsetrbtree.c of the Netfilter component of the Linux operating system is related to the operation exceeding the memory buffer boundaries. component of the Netfilter component of the Linux operating system is related to an operation...