Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the f2fssanitychecknodefooter function in the f2fs file system. This function accesses...

CVE-2026-3497

OpenSSH CVE-2026-3497 concerns a flaw in the GSSAPI Key Exchange patch applied by several Linux distributions, not in the upstream OpenSSH project. The bug occurs when sshpkt_disconnect() is used on an error and does not terminate the process, allowing an attacker to send an unexpected GSSAPI mes...

SUSE-SU-2025:3955-1 Security update for sccache

This update for sccache fixes the following issues: - CVE-2025-55159: updated slab with the uninit memory access fix bsc1248003...

EUVD-2015-1910

Malware in sbrugna...

EUVD-2010-1888

Malware in sbrugna...

EUVD-2014-3975

Malware in sbrugna...

EUVD-2020-0218

Malware in sbrugna...

EUVD-2015-1681

Malware in sbrugna...

EUVD-2020-27247

Malware in sbrugna...

EUVD-2016-8333

Malware in sbrugna...

EUVD-2017-2703

Malware in sbrugna...

EUVD-2017-16949

Malware in sbrugna...

EUVD-2020-2525

Malware in sbrugna...

EUVD-2023-59952

Malicious code in bioql PyPI...

EUVD-2024-34242

Malicious code in bioql PyPI...

CVE-2025-38006

In the Linux kernel, the following vulnerability has been resolved: net: mctp: Don't access ifaindex when missing In mctpdumpaddrinfo, ifaindex can be used to filter interfaces, but only when the struct ifaddrmsg is provided. Otherwise it will be comparing to uninitialised memory - reproducible i...

CVE-2025-38006 net: mctp: Don't access ifa_index when missing

In the Linux kernel, the following vulnerability has been resolved: net: mctp: Don't access ifaindex when missing In mctpdumpaddrinfo, ifaindex can be used to filter interfaces, but only when the struct ifaddrmsg is provided. Otherwise it will be comparing to uninitialised memory - reproducible i...

CVE-2021-43848

h2o is an open source http server. In code prior to the 8c0eca3 commit h2o may attempt to access uninitialized memory. When receiving QUIC frames in certain order, HTTP/3 server-side implementation of h2o can be misguided to treat uninitialized memory as HTTP/3 frames that have been received. Whe...

CVE-2020-6093

An exploitable information disclosure vulnerability exists in the way Nitro Pro 13.9.1.155 does XML error handling. A specially crafted PDF document can cause uninitialized memory access resulting in information disclosure. In order to trigger this vulnerability, victim must open a malicious file...

CVE-2020-26271

In affected versions of TensorFlow under certain cases, loading a saved model can result in accessing uninitialized memory while building the computation graph. The MakeEdge function creates an edge between one output tensor of the src node given by outputindex and the input slot of the dst node...