Lucene search
K

276 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerabilities have been resolved: ath9khtc: fixed uninitialized values issues Syzbot reported 2 KMSAN bugs in ath9k. All of these bugs are caused by missing field initialization. In htcconnectservice, svcmetalen and pad are not initialized. Based on the code, ...

5.5CVSS6.3AI score0.00259EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ext4: Fix for leaking uninitialized memory in the fast-commit journal When space at the end of the fast-commit journal blocks is unused, make sure to zero it out so that uninitialized memory is not leaked to the disk...

5.5CVSS5.9AI score0.00146EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: dm flakey: Do not corrupt the zero page. When we need to zero a certain range on a block device, the function blkdevissuezeropages submits a write request with the bio vector pointing to the zero page. If we use the dm-flakey...

5.9AI score0.00188EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10, Linux

Linux block and network PV device frontends do not zero memory regions before sharing them with the backend CVE-2022-26365, CVE-2022-33740. Additionally, the granularity of the grant table does not allow sharing smaller than a 4K page, resulting in unrelated data residing in the same 4K page as...

7.1CVSS6.7AI score0.00322EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ocfs2: Fixed data corruption after conversion from inline format. The commit 6dbf7bb55598 “fs: Do not invalidate page buffers in blockwritefullpage” uncovered a latent bug in the conversion from inline inode format to a normal...

5.5CVSS6.4AI score0.0021EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: iio: light: vcnl4035: fix information leak in triggered buffer The “buffer” local array is used to push data to user space from a triggered buffer. However, it does not set an initial value for the single data element, which is a...

7.1CVSS6.4AI score0.00214EPSS
Exploits0References2
OSV
OSV
added 2026/05/14 7:20 p.m.10 views

CLSA-2026-1778493573 samba: Fix of CVE-2017-15275

CVE-2017-15275: Fix server heap memory information leak by zeroing unused area when messagepushstring grows the talloc buffer...

7.5CVSS6.8AI score0.21408EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/05/09 2:41 a.m.11 views

SUSE CVE-2026-43184

In the Linux kernel, the following vulnerability has been resolved: rnbd-srv: Zero the rsp buffer before using it Before using the data buffer to send back the response message, zero it completely. This prevents any stray bytes to be picked up by the client side when there the message is exchange...

4.3CVSS5.8AI score0.00444EPSS
Exploits0References7
OSV
OSV
added 2026/05/07 5:50 p.m.9 views

CLSA-2026-1778176200 samba: Fix of CVE-2017-15275

CVE-2017-15275: Fix server heap memory information leak by zeroing unused area when messagepushstring grows the talloc buffer...

7.5CVSS6.8AI score0.21408EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/05/07 2:18 a.m.13 views

SUSE CVE-2026-43089

In the Linux kernel, the following vulnerability has been resolved: xfrmuser: fix info leak in buildmapping struct xfrmusersaid has a one-byte padding hole after the proto field, which ends up never getting set to zero before copying out to userspace. Fix that up by zeroing out the whole structur...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/05/07 12:16 a.m.9 views

CVE-2026-43273

A flaw was found in the Linux kernel's Ceph file system module. The cephzeropartialobject function, responsible for handling object write operations, was missing proper snapshot context. This oversight could allow a local attacker to cause data inconsistencies within snapshots, leading to a loss ...

5.5CVSS5.8AI score0.00117EPSS
Exploits0References4
NVD
NVD
added 2026/05/06 10:16 a.m.13 views

CVE-2026-43089

In the Linux kernel, the following vulnerability has been resolved: xfrmuser: fix info leak in buildmapping struct xfrmusersaid has a one-byte padding hole after the proto field, which ends up never getting set to zero before copying out to userspace. Fix that up by zeroing out the whole structur...

5.5CVSS0.00123EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/05/06 7:40 a.m.5 views

CVE-2026-43089

In the Linux kernel, the following vulnerability has been resolved: xfrmuser: fix info leak in buildmapping struct xfrmusersaid has a one-byte padding hole after the proto field, which ends up never getting set to zero before copying out to userspace. Fix that up by zeroing out the whole structur...

5.7AI score0.00123EPSS
Exploits0References6Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.15 views

PT-2026-37524

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the rnbd-srv component where the response buffer is not cleared before use. This can lead to the client receiving stray bytes when messages are exchanged between...

7.5CVSS5.6AI score0.00444EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.17 views

PT-2026-37399

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An information leak exists in the build mapping function within the xfrm user component. The xfrm usersa id structure contains a one-byte padding hole following the proto field that is n...

7.8CVSS5.4AI score0.0014EPSS
Exploits0References443
Debian CVE
Debian CVE
added 2026/05/01 2:15 p.m.6 views

CVE-2026-43040

In the Linux kernel, the following vulnerability has been resolved: net: ipv6: ndisc: fix ndiscrauseropt to initialize nduseroptpadX fields to zero to prevent an info-leak When processing Router Advertisements with user options the kernel builds an RTMNEWNDUSEROPT netlink message. The nduseroptms...

7.1CVSS5.7AI score0.00117EPSS
Exploits0
CVE
CVE
added 2026/05/01 2:15 p.m.20 views

CVE-2026-43035

The CVE affects the Linux kernel net: sched: cls_api code path tc_chain_fill_node, where tcm_info in struct tcmsg was not initialized, leaking heap memory to userspace via a 4-byte field. The fix zeros tcm_info alongside other initialized fields. Affected/patched details from connected docs: upst...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2026/05/01 2:15 p.m.33 views

CVE-2026-43026 netfilter: ctnetlink: zero expect NAT fields when CTA_EXPECT_NAT absent

In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: zero expect NAT fields when CTAEXPECTNAT absent ctnetlinkallocexpect allocates expectations from a non-zeroing slab cache via nfctexpectalloc. When CTAEXPECTNAT is not present in the netlink message, savedad...

0.00123EPSS
Exploits0References8
EUVD
EUVD
added 2026/05/01 2:15 p.m.7 views

EUVD-2026-26625

In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: zero expect NAT fields when CTAEXPECTNAT absent ctnetlinkallocexpect allocates expectations from a non-zeroing slab cache via nfctexpectalloc. When CTAEXPECTNAT is not present in the netlink message, savedad...

5.8AI score0.00123EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2026/04/25 1:36 a.m.8 views

SUSE CVE-2026-31671

In the Linux kernel, the following vulnerability has been resolved: xfrmuser: fix info leak in buildreport struct xfrmuserreport is a u8 proto field followed by a struct xfrmselector which means there is three "empty" bytes of padding, but the padding is never zeroed before copying to userspace...

3.3CVSS5.4AI score0.00114EPSS
Exploits0References17
Rows per page
Query Builder