71 matches found
CVE-2022-50222
In the Linux kernel, the following vulnerability has been resolved: tty: vt: initialize unicode screen buffer syzbot reports kernel infoleak at vcsread 1, for buffer can be read immediately after resize operation. Initialize buffer using kzalloc. ---------- include include include include int...
CVE-2022-50222 tty: vt: initialize unicode screen buffer
In the Linux kernel, the following vulnerability has been resolved: tty: vt: initialize unicode screen buffer syzbot reports kernel infoleak at vcsread 1, for buffer can be read immediately after resize operation. Initialize buffer using kzalloc. ---------- include include include include int...
CVE-2022-50222
CVE-2022-50222 affects the Linux kernel in the VT/TTY subsystem, specifically the Unicode screen buffer initialization. According to the provided description, a kernel infoleak could occur in vcs_read() when the screen buffer is read immediately after a resize. The remediation implemented is to i...
PT-2025-26095 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A fix has been applied to the Linux kernel to address an information leak issue in the wil write file wmi function. The problem occurred because the simple write to buffer function...
CVE-2023-33115
Memory corruption while processing buffer initialization, when trusted report for certain report types are generated...
CVE-2025-21987
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: init return value in amdgputtmclearbuffer Otherwise an uninitialized value can be returned if amdgpurescleared returns true for all regions. Possibly closes: https://gitlab.freedesktop.org/drm/amd/-/issues/3812 cherry...
CVE-2025-21987
CVE-2025-21987: In Linux kernel DRM/AMDGPU, the bug is in init return value in amdgpu_ttm_clear_buffer; an uninitialized value could be returned if amdgpu_res_cleared returns true for all regions. The issue has been fixed via a cherry-picked commit (commit 7c62aacc3b452f73a1284198c81551035fac6d71...
SUSE-SU-2025:0924-1 Security update for the Linux Kernel (Live Patch 61 for SLE 12 SP5)
This update for the Linux Kernel 4.12.14-122231 fixes several issues. The following security issues were fixed: - CVE-2024-46818: drm/amd/display: Check gpioid before used as array index bsc1231204. - CVE-2024-50302: HID: core: zero-initialize the report buffer bsc1233679...
Important: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: ACPI: extlog: fix NULL pointer dereference check CVE-2023-52605 kernel: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans CVE-2024-50264 kernel: HID: core:...
CVE-2024-57947
A buffer overflow vulnerability exists in the Linux kernel. After each round in the map search step, the result and the fill map are swapped. If a set where f-bsize of the first element is smaller than m-bsizemax, those one-bits are leaked into future rounds result map, resulting in loss of syste...
CVE-2024-57947
The CVE-2024-57947 issue in the Linux kernel concerns netfilter nf_set_pipapo: the initial map fill must initialize the buffer to all-ones only up to the size of the first field. If the first element’s bsize is smaller than m->bsize_max, one-bits leak into later rounds, causing nf_set_pipapo t...
CVE-2024-57947 netfilter: nf_set_pipapo: fix initial map fill
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfsetpipapo: fix initial map fill The initial buffer has to be inited to all-ones, but it must restrict it to the size of the first field, not the total field size. After each round in the map search step, the result a...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from improper handling of initial map padding in the nfsetpipapo function of netfilter, resulting in incorrect...
CVE-2024-57910
In the Linux kernel, the following vulnerability has been resolved: iio: light: vcnl4035: fix information leak in triggered buffer The 'buffer' local array is used to push data to userspace from a triggered buffer, but it does not set an initial value for the single data element, which is an u16...
CVE-2024-57910 iio: light: vcnl4035: fix information leak in triggered buffer
In the Linux kernel, the following vulnerability has been resolved: iio: light: vcnl4035: fix information leak in triggered buffer The 'buffer' local array is used to push data to userspace from a triggered buffer, but it does not set an initial value for the single data element, which is an u16...
CVE-2024-50302 HID: core: zero-initialize the report buffer
In the Linux kernel, the following vulnerability has been resolved: HID: core: zero-initialize the report buffer Since the report buffer is used by all kinds of drivers in various ways, let's zero-initialize it during allocation to make sure that it can't be ever used to leak kernel memory via...
CVE-2021-47261
In the Linux kernel, the following vulnerability has been resolved: IB/mlx5: Fix initializing CQ fragments buffer The function initcqfragbuf can be called to initialize the current CQ fragments buffer cq-buf, or the temporary cq-resizebuf that is filled during CQ resize operation. However, the...
CVE-2021-47261
In the Linux kernel, the following vulnerability has been resolved: IB/mlx5: Fix initializing CQ fragments buffer The function initcqfragbuf can be called to initialize the current CQ fragments buffer cq-buf, or the temporary cq-resizebuf that is filled during CQ resize operation. However, the...
CVE-2021-47261
In the Linux kernel, the following vulnerability has been resolved: IB/mlx5: Fix initializing CQ fragments buffer The function initcqfragbuf can be called to initialize the current CQ fragments buffer cq-buf, or the temporary cq-resizebuf that is filled during CQ resize operation. However, the...
CVE-2024-26791
In the Linux kernel, the following vulnerability has been resolved: btrfs: dev-replace: properly validate device names There's a syzbot report that device name buffers passed to device replace are not properly checked for string termination which could lead to a read out of bounds in getnamekerne...