PT-2026-37524

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the rnbd-srv component where the response buffer is not cleared before use. This can lead to the client receiving stray bytes when messages are exchanged between...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: iio: light: as73211: Ensure buffer holes are zeroed Given that the buffer is copied to a kfifo that can ultimately be read by user space, it is necessary to ensure that the buffer is zeroed...

EUVD-2024-53846

Malicious code in bioql PyPI...

EUVD-2022-55484

Malicious code in bioql PyPI...

SUSE CVE-2025-39687

In the Linux kernel, the following vulnerability has been resolved: iio: light: as73211: Ensure buffer holes are zeroed Given that the buffer is copied to a kfifo that ultimately user space can read, ensure we zero it...

AZL-66974 CVE-2025-39687 affecting package kernel for versions less than 6.6.104.2-1

In the Linux kernel, the following vulnerability has been resolved: iio: light: as73211: Ensure buffer holes are zeroed Given that the buffer is copied to a kfifo that ultimately user space can read, ensure we zero it...

CVE-2025-39687 iio: light: as73211: Ensure buffer holes are zeroed

In the Linux kernel, the following vulnerability has been resolved: iio: light: as73211: Ensure buffer holes are zeroed Given that the buffer is copied to a kfifo that ultimately user space can read, ensure we zero it...

CVE-2025-39687 iio: light: as73211: Ensure buffer holes are zeroed

In the Linux kernel, the following vulnerability has been resolved: iio: light: as73211: Ensure buffer holes are zeroed Given that the buffer is copied to a kfifo that ultimately user space can read, ensure we zero it...

CVE-2025-39687

CVE-2025-39687 affects the Linux kernel subsystem for the iio: light driver, specifically the as73211 component. The root cause described is that buffer holes were not zeroed when the buffer was copied into a kfifo that user space can read. The documented remediation in the initial description is...

CVE-2025-39684 comedi: Fix use of uninitialized memory in do_insn_ioctl() and do_insnlist_ioctl()

In the Linux kernel, the following vulnerability has been resolved: comedi: Fix use of uninitialized memory in doinsnioctl and doinsnlistioctl syzbot reports a KMSAN kernel-infoleak in doinsnioctl. A kernel buffer is allocated to hold insn-n samples each of which is an unsigned int. For some...

SUSE CVE-2022-50226

In the Linux kernel, the following vulnerability has been resolved: crypto: ccp - Use kzalloc for sev ioctl interfaces to prevent kernel memory leak For some sev ioctl interfaces, input may be passed that is less than or equal to SEVFWBLOBMAXSIZE, but larger than the data that PSP firmware return...

DEBIAN-CVE-2024-57943

In the Linux kernel, the following vulnerability has been resolved: exfat: fix the new buffer was not zeroed before writing Before writing, if a bufferhead marked as new, its data must be zeroed, otherwise uninitialized data in the page cache will be written. So this commit uses foliozeronewbuffe...

UBUNTU-CVE-2024-57943

In the Linux kernel, the following vulnerability has been resolved: exfat: fix the new buffer was not zeroed before writing Before writing, if a bufferhead marked as new, its data must be zeroed, otherwise uninitialized data in the page cache will be written. So this commit uses foliozeronewbuffe...

CVE-2024-57943 exfat: fix the new buffer was not zeroed before writing

In the Linux kernel, the following vulnerability has been resolved: exfat: fix the new buffer was not zeroed before writing Before writing, if a bufferhead marked as new, its data must be zeroed, otherwise uninitialized data in the page cache will be written. So this commit uses foliozeronewbuffe...

CVE-2024-57943

CVE-2024-57943 affects the Linux kernel exFAT path where a newly allocated buffer head could write uninitialized data from the page cache. The root cause is that buffers marked as new were not zeroed before write_end(), risking data leakage or corruption. The remediation is a kernel commit that c...

CVE-2024-57943 exfat: fix the new buffer was not zeroed before writing

In the Linux kernel, the following vulnerability has been resolved: exfat: fix the new buffer was not zeroed before writing Before writing, if a bufferhead marked as new, its data must be zeroed, otherwise uninitialized data in the page cache will be written. So this commit uses foliozeronewbuffe...

AZL-55056 CVE-2024-56769 affecting package kernel for versions less than 6.6.76.1-1

In the Linux kernel, the following vulnerability has been resolved: media: dvb-frontends: dib3000mb: fix uninit-value in dib3000writereg Syzbot reports 1 an uninitialized value issue found by KMSAN in dib3000readreg. Local u8 rb2 is used in i2ctransfer as a read buffer; in case that call fails, t...

kernel: block: initialize integrity buffer to zero before writing it to media

A flaw was found in the Linux kernel, where it initialized the integrity buffer to zero before writing it to media. Metadata added by biointegrityprep uses plain kmalloc, which leads to random kernel memory being written. Protection Information PI metadata is limited to the app tag not used by...

golang-fips: Golang FIPS zeroed buffer

A vulnerability was found in Golang FIPS OpenSSL. This flaw allows a malicious user to randomly cause an uninitialized buffer length variable with a zeroed buffer to be returned in FIPS mode. It may also be possible to force a false positive match between non-equal hashes when comparing a trusted...

SUSE CVE-2017-15897

Node.js had a bug in versions 8.X and 9.X which caused buffers to not be initialized when the encoding for the fill value did not match the encoding specified. For example, 'Buffer.alloc0x100, "This is not correctly encoded", "hex";' The buffer implementation was updated such that the buffer will...