CVE-2025-39931 crypto: af_alg - Set merge to zero early in af_alg_sendmsg

In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - Set merge to zero early in afalgsendmsg If an error causes afalgsendmsg to abort, ctx-merge may contain a garbage value from the previous loop. This may then trigger a crash on the next entry into afalgsendmsg whe...

EUVD-2025-6295

Malicious code in bioql PyPI...

SUSE CVE-2025-21843

In the Linux kernel, the following vulnerability has been resolved: drm/panthor: avoid garbage value in panthorioctldevquery 'prioritiesinfo' is uninitialized, and the uninitialized value is copied to user object when calling PANTHORUOBJSET. Using memset to initialize 'prioritiesinfo' to avoid th...

CVE-2025-21843

In the Linux kernel, the following vulnerability has been resolved: drm/panthor: avoid garbage value in panthorioctldevquery 'prioritiesinfo' is uninitialized, and the uninitialized value is copied to user object when calling PANTHORUOBJSET. Using memset to initialize 'prioritiesinfo' to avoid th...

CVE-2025-21843

CVE-2025-21843 concerns the Linux kernel DRM panthor component (panthor_ioctl_dev_query). The issue is that priorities_info is uninitialized and its value can be copied to a user object when PANTHOR_UOBJ_SET() is invoked. The documented fix is to initialize priorities_info (e.g., via memset) to a...

CVE-2025-21843 drm/panthor: avoid garbage value in panthor_ioctl_dev_query()

In the Linux kernel, the following vulnerability has been resolved: drm/panthor: avoid garbage value in panthorioctldevquery 'prioritiesinfo' is uninitialized, and the uninitialized value is copied to user object when calling PANTHORUOBJSET. Using memset to initialize 'prioritiesinfo' to avoid th...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an uninitialized prioritiesinfo variable in the panthorioctldevquery function that could lead to a garbage...

CVE-2021-47451

In the Linux kernel, the following vulnerability has been resolved: netfilter: xtIDLETIMER: fix panic that occurs when timertype has garbage value Currently, when the rule related to IDLETIMER is added, idletimertg timer structure is initialized by kmalloc on executing idletimertgcreate function...

CVE-2021-47451

In the Linux kernel, the following vulnerability has been resolved: netfilter: xtIDLETIMER: fix panic that occurs when timertype has garbage value Currently, when the rule related to IDLETIMER is added, idletimertg timer structure is initialized by kmalloc on executing idletimertgcreate function...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a panic that occurs when timertype has a garbage value...

CVE-2024-26799

In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: Fix uninitialized pointer dmactl In the case where lpassgetdmactlhandle is called and the driver id daiid is invalid the pointer dmactl is not being assigned a value, and dmactl contains a garbage value since it has n...

CVE-2024-26799 ASoC: qcom: Fix uninitialized pointer dmactl

In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: Fix uninitialized pointer dmactl In the case where lpassgetdmactlhandle is called and the driver id daiid is invalid the pointer dmactl is not being assigned a value, and dmactl contains a garbage value since it has n...

CVE-2021-30300

Possible denial of service due to incorrectly decoding hex data for the SIB2 OTA message and assigning a garbage value to choice when processing the SRS configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon...

GSD-2021-1002165 netfilter: xt_IDLETIMER: fix panic that occurs when timer_type has garbage value

netfilter: xtIDLETIMER: fix panic that occurs when timertype has garbage value This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15 by commit...

UVI-2021-1002096 netfilter: xt_IDLETIMER: fix panic that occurs when timer_type has garbage value

netfilter: xtIDLETIMER: fix panic that occurs when timertype has garbage value This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.14.15 by commi...

GSD-2021-1001893 netfilter: xt_IDLETIMER: fix panic that occurs when timer_type has garbage value

netfilter: xtIDLETIMER: fix panic that occurs when timertype has garbage value This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.14.15 by commi...

HackerOne: Account creation with invalid email addresses / email is accepting % and %0d%0a line termination chars

An account creation vulnerability was found where invalid email addresses containing '%' and '%0d%0a' line termination characters were accepted, allowing multiple unverified accounts to be created...