210 matches found
CVE-2025-38611
CVE-2025-38611 is rejected/not used; this CVE entry does not represent an active vulnerability.
CVE-2025-38579 f2fs: fix KMSAN uninit-value in extent_info usage
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix KMSAN uninit-value in extentinfo usage KMSAN reported a use of uninitialized value in isextentmergeable and isbackmergeable via the read extent tree path. The root cause is that getreadextentinfo only initializes three...
CVE-2025-38579 f2fs: fix KMSAN uninit-value in extent_info usage
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix KMSAN uninit-value in extentinfo usage KMSAN reported a use of uninitialized value in isextentmergeable and isbackmergeable via the read extent tree path. The root cause is that getreadextentinfo only initializes three...
DEBIAN-CVE-2025-38478
In the Linux kernel, the following vulnerability has been resolved: comedi: Fix initialization of data for instructions that write to subdevice Some Comedi subdevice instruction handlers are known to access instruction data elements beyond the first insn-n elements in some cases. The doinsnioctl...
kernel: misc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram()
In the Linux kernel, the following vulnerability has been resolved: misc/vmwvmci: fix an infoleak in vmcihostdoreceivedatagram struct vmcieventqp allocated by qpnotifypeer contains padding, which may carry uninitialized data to the userspace, as observed by KMSAN: BUG: KMSAN: kernel-infoleak in...
GHSA-XRRQ-RRGQ-H89W static-alloc vulnerability leads to uninitialized read after allocating MemBump
The affected function, MemBump::new, would allocate memory without initializing it. Subsequently calling the created value's various allocmethods would then read and write the start of that memory as a Cell which isundefined behavior. Instead, it should zero initialize the start of the allocated...
static-alloc vulnerability leads to uninitialized read after allocating MemBump
The affected function, MemBump::new, would allocate memory without initializing it. Subsequently calling the created value's various allocmethods would then read and write the start of that memory as a Cell which isundefined behavior. Instead, it should zero initialize the start of the allocated...
Uninitialized read after allocating MemBump
The affected function, MemBump::new, would allocate memory without initializing it. Subsequently calling the created value's various alloc methods would then read and write the start of that memory as a Cell which is undefined behavior. Instead, it should zero initialize the start of the allocate...
PT-2025-30366 · Crates.Io · Static-Alloc
The affected function, MemBump::new, would allocate memory without initializing it. Subsequently calling the created value's various allocmethods would then read and write the start of that memory as a Cell which isundefined behavior. Instead, it should zero initialize the start of the allocated...
PT-2025-30314 · Crates.Io · Static-Alloc
The affected function, MemBump::new, would allocate memory without initializing it. Subsequently calling the created value's various alloc methods would then read and write the start of that memory as a Cell which is undefined behavior. Instead, it should zero initialize the start of the allocate...
PT-2025-31075
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in Comedi subdevice instruction handlers where data elements beyond the first insn-n elements may be accessed in certain cases. The do insn ioctl and do...
kernel: nbd: always initialize struct msghdr completely
In the Linux kernel, the following vulnerability has been resolved: nbd: always initialize struct msghdr completely syzbot complains that msg-msggetinq value can be uninitialized 1 struct msghdr got many new fields recently, we should always make sure their values is zero by default. 1 BUG: KMSAN...
PT-2025-33777
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contained a flaw within the f2fs file system related to uninitialized values in the extent info structure. Specifically, the get read extent info function only...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: iio: imu: kmx61: fixed information leakage in the triggered buffer. The “buffer” local array is used to push data to user space from a triggered buffer. However, it does not set values for inactive channels, as it only uses...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: iio:pressure:zpa2326: Fixed information leakage in the triggered buffer. The “sample” local struct is used to push data to user space from a triggered buffer. However, there is a flaw in the structure’s fields—specifically, there...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: iio: adc: rockchipsaradc: fixed information leakage in the triggered buffer. The “data” local struct is used to push data to user space from a triggered buffer. However, it does not set values for inactive channels, as it only us...
SUSE CVE-2025-37865
In the Linux kernel, the following vulnerability has been resolved: net: dsa: mv88e6xxx: fix -ENOENT when deleting VLANs and MST is unsupported Russell King reports that on the ZII dev rev B, deleting a bridge VLAN from a user port fails with -ENOENT:...
RLSA-2024:4262 Moderate: linux-firmware security update
The linux-firmware packages contain all of the firmware files that are required by various devices to operate. Security Fixes: kernel: Reserved fields in guest message responses may not be zero initialized CVE-2023-31346 For more details about the security issues, including the impact, a CVSS...
SUSE SLES15: kernel-livepatch-5_14_21-150400_24_122-default / etc (SUSE-SU-2025:0920-1)
The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0920-1 advisory. This update for the Linux Kernel 5.14.21-15040024122 fixes several issues. The following security issues were fixed: - CVE-2024-46818:...
Security update for the Linux Kernel (Live Patch 62 for SLE 12 SP5)
This update for the Linux Kernel 4.12.14-122234 fixes one issue. The following security issue was fixed: CVE-2024-50302: HID: core: zero-initialize the report buffer bsc1233679. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...