16 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-46279
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mm/alloctag: clear codetag for pages allocated before pageext initialization Due to initialization ordering, pageext is allocated and initialized relatively lat...
CLSA-2026-1779375889 kernel: Fix of 95 CVEs
perf/x86/intel/uncore: Fix die ID init and look up bugs CVE-2026-43344 - x86/apic: Disable x2apic on resume if the kernel expects so CVE-2026-43363 - drm/amdgpu: Fix use-after-free race in VM acquire CVE-2026-43370 - dm: remove fake timeout to avoid leak request CVE-2026-43314 - md/bitmap: fix...
PT-2026-32951
Name of the Vulnerable Software and Affected Versions libsixel versions prior to 1.8.7-r1 Description A use-after-free issue exists in the sixel encoder encode bytes function. The sixel frame init function stores the caller-owned pixel buffer pointer directly in frame-pixels without creating a...
MiracleLinux 7 : kernel-3.10.0-1160.119.1.0.3.el7.AXS7 (AXSA:2024-8831:30)
"The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8831:30 advisory. xen/blkfront: force data bouncing when backend is untrusted CVE-2022-33742 ALSA: Fix deadlocks with kctl removals at disconnection CVE-2024-38600...
CVE-2026-21677 iccDEV has Undefined Behavior in CIccCLUT::Init()
iccDEV provides a set of libraries and tools for working with ICC color management profiles. Versions 2.3.1 and below have Undefined Behavior in its CIccCLUT::Init function which initializes and sets the size of a CLUT. This issue is fixed in version 2.3.1.1...
CVE-2025-14958 floooh sokol sokol_gfx.h _sg_pipeline_common_init heap-based overflow
A security flaw has been discovered in floooh sokol up to 33e2271c431bf21de001e972f72da17a984da932. This vulnerability affects the function sgpipelinecommoninit in the library sokolgfx.h. Performing manipulation results in heap-based buffer overflow. The attack needs to be approached locally. The...
CVE-2025-40317 regmap: slimbus: fix bus_context pointer in regmap init calls
In the Linux kernel, the following vulnerability has been resolved: regmap: slimbus: fix buscontext pointer in regmap init calls Commit 4e65bda8273c "ASoC: wcd934x: fix error handling in wcd934xcodecparsedata" revealed the problem in the slimbus regmap. That commit breaks audio playback, for...
EUVD-2022-55466
Malicious code in bioql PyPI...
CVE-2022-50416
In the Linux kernel, the following vulnerability has been resolved: irqchip/wpcm450: Fix memory leak in wpcm450aicofinit If ofiomap failed, 'aic' should be freed before return. Otherwise there is a memory leak...
The vulnerabilities of the functions rdma_restrack_init() and type2str() in the InfiniBand driver (drivers/infiniband/core/restrack.c) of the Linux operating system allow a hacker to cause a service failure.
The vulnerabilities of the functions rdmarestrackinit and type2str in the InfiniBand driver drivers/infiniband/core/restrack.c of the Linux kernel are related to insufficient input validation. Exploiting these vulnerabilities could allow an attacker to cause a service failure...
The vulnerability of theradeon_crtc_init function in Linux kernel-based AMD Radeon graphics drivers allows a hacker to induce a service failure.
The vulnerability of the AMD Radeon driver for Linux operating systems is related to the assignment of a zero pointer in the function radeoncrtcinit within the drivers/gpu/drm/radeon/radeondisplay.c module. Exploiting this vulnerability can allow an attacker to cause a system failure...
DEBIAN-CVE-2018-10115
Incorrect initialization logic of RAR decoder objects in 7-Zip 18.03 and before can lead to usage of uninitialized memory, allowing remote attackers to cause a denial of service segmentation fault or execute arbitrary code via a crafted RAR archive...
USN-3168-1 linux vulnerabilities
Dmitry Vyukov discovered that the KVM implementation in the Linux kernel did not properly initialize the Code Segment CS in certain error cases. A local attacker could use this to expose sensitive information kernel memory. CVE-2016-9756 Andrey Konovalov discovered that signed integer overflows...
USN-3056-1 linux-raspi2 vulnerabilities
Ben Hawkes discovered an integer overflow in the Linux netfilter implementation. On systems running 32 bit kernels, a local unprivileged attacker could use this to cause a denial of service system crash or possibly execute arbitrary code with administrative privileges. CVE-2016-3135 It was...
DEBIAN-CVE-2014-9892
The sndcomprtstamp function in sound/core/compressoffload.c in the Linux kernel through 4.7, as used in Android before 2016-08-05 on Nexus 5 and 7 2013 devices, does not properly initialize a timestamp data structure, which allows attackers to obtain sensitive information via a crafted applicatio...
PT-2013-6355 · Openssh +4 · Openssh +4
Name of the Vulnerable Software and Affected Versions: OpenSSH versions 6.2 through 6.3 Description: The issue allows remote authenticated users to bypass intended ForceCommand and login-shell restrictions via packet data that provides a crafted callback address. This is due to the mm newkeys fro...