UBUNTU-CVE-2024-46856

In the Linux kernel, the following vulnerability has been resolved: net: phy: dp83822: Fix NULL pointer dereference on DP83825 devices The probe function is only used for DP83822 and DP83826 PHY, leaving the private data pointer uninitialized for the DP83825 models which causes a NULL pointer...

DEBIAN-CVE-2024-42076

In the Linux kernel, the following vulnerability has been resolved: net: can: j1939: Initialize unused data in j1939sendone syzbot reported kernel-infoleak in rawrecvmsg 1. j1939sendone creates full frame including unused data, but it doesn't initialize it. This causes the kernel-infoleak issue...

CVE-2024-42076 net: can: j1939: Initialize unused data in j1939_send_one()

In the Linux kernel, the following vulnerability has been resolved: net: can: j1939: Initialize unused data in j1939sendone syzbot reported kernel-infoleak in rawrecvmsg 1. j1939sendone creates full frame including unused data, but it doesn't initialize it. This causes the kernel-infoleak issue...

CVE-2021-47380

In the Linux kernel, the following vulnerability has been resolved: HID: amdsfh: Fix potential NULL pointer dereference devmaddactionorreset can suddenly invoke amdmp2pciremove at registration that will cause NULL pointer dereference since corresponding data is not initialized yet. The patch move...

Untrusted data fed into `Data.init(base32Encoded:)` can result in exposing server memory and/or crash

A bug in the Data.initbase32Encoded: function opens up the potential for exposing server memory and/or crashing the server Denial of Service for applications where untrusted data can end up in said function. Vapor does not currently use this function itself so this only impact applications that u...

CVE-2022-48352

Some smartphones have data initialization issues. Successful exploitation of this vulnerability may cause a system panic...

CVE-2022-48352

Some smartphones have data initialization issues. Successful exploitation of this vulnerability may cause a system panic...

CVE-2022-48352

Some smartphones have data initialization issues. Successful exploitation of this vulnerability may cause a system panic...

CVE-2022-48352

Some smartphones have data initialization issues. Successful exploitation of this vulnerability may cause a system panic...

CVE-2022-48352

Technical details about CVE-2022-48352 are not publicly available in the provided documents. Monitor for updates from vendors and security advisories.

PT-2023-15729 · Huawei · Emui +1

Name of the Vulnerable Software and Affected Versions: Smartphones affected versions not specified Description: The issue is related to data initialization problems in some smartphones. Successful exploitation of this problem may cause a system panic. Recommendations: At the moment, there is no...

HarmonyOS 安全漏洞

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability exists in HarmonyOS, which stems from a data initialization issue that could be exploited by an attacker to cause a system crash...

vapor 代码问题漏洞

vapor is a Swift web development framework for individual developers. It can be used to develop high-performance web applications and supports iOS, OS X and Ubuntu systems. A code issue vulnerability exists in Vapor 4.47.1 and earlier versions, which stems from an error in the...

LSN-0067-1: Kernel Live Patch Security Notice

It was discovered that the Serial CAN interface driver in the Linux kernel did not properly initialize data. A local attacker could use this to expose sensitive information kernel memory. CVE-2020-11494...

Code injection

Lack of check to ensure crypto engine data passed by user is initialized can result in bus error in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640,...

CVE-2018-19519

In tcpdump 4.9.2, a stack-based buffer over-read exists in the printprefix function of print-hncp.c via crafted packet data because of missing initialization...

CVE-2018-19519

In tcpdump 4.9.2, a stack-based buffer over-read exists in the printprefix function of print-hncp.c via crafted packet data because of missing initialization...

USN-2843-2 linux-lts-wily vulnerabilities

Jan Beulich discovered that the KVM svm hypervisor implementation in the Linux kernel did not properly catch Debug exceptions on AMD processors. An attacker in a guest virtual machine could use this to cause a denial of service system crash in the host OS. CVE-2015-8104 郭永刚 discovered that the pp...

CVE-2015-2044

The emulation routines for unspecified X86 devices in Xen 3.2.x through 4.5.x does not properly initialize data, which allow local HVM guest users to obtain sensitive information via vectors involving an unsupported access size...

CVE-2015-2044

CVE-2015-2044 concerns the Xen hypervisor: the emulation routines for unspecified X86 devices in Xen 3.2.x–4.5.x do not properly initialize data, enabling local HVM guest users to obtain sensitive information via an unsupported access size. The Mageia advisory MGASA-2016-0098 documents this CVE a...