Initialisation failure in `Once::try_call_once` can lead to undefined behaviour for other initialisers

Once::trycallonce is unsound if invoked more than once concurrently and any call fails to initialise successfully...

PT-2025-53195

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The GPIO controller component of the sc16is7xx driver is initialized prematurely, leading to a potential race condition. This occurs when another device attempts to utilize GPIO lines...

UVI-2021-1001270 NFSv4: Initialise connection to the server in nfs4_alloc_client()

NFSv4: Initialise connection to the server in nfs4allocclient This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.52 by commit...

DEBIAN-CVE-2019-19067

Four memory leaks in the acphwinit function in drivers/gpu/drm/amd/amdgpu/amdgpuacp.c in the Linux kernel before 5.3.8 allow attackers to cause a denial of service memory consumption by triggering mfdaddhotplugdevices or pmgenpdadddevice failures, aka CID-57be09c6e874. NOTE: third parties dispute...

Debian DLA-1823-1 : linux security update (SACK Panic) (SACK Slowness)

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2019-3846, CVE-2019-10126 huangwen reported multiple buffer overflows in the Marvell wifi mwifiex driver, which a local user could use to cause...

CVE-2018-20123

pvrdmarealize in hw/rdma/vmw/pvrdmamain.c in QEMU has a Memory leak after an initialisation error...

CVE-2018-20123

pvrdmarealize in hw/rdma/vmw/pvrdmamain.c in QEMU has a Memory leak after an initialisation error...

CVE-2018-20123

pvrdmarealize in hw/rdma/vmw/pvrdmamain.c in QEMU has a Memory leak after an initialisation error...

Design/Logic Flaw

In the Bouncy Castle JCE Provider version 1.55 and earlier the DSA key pair generator generates a weak private key if used with default values. If the JCA key pair generator is not explicitly initialised with DSA parameters, 1.55 and earlier generates a private value assuming a 1024 bit key size...

KLA10796 Multiple vulnerabilities in Wireshark

Multiple vulnerabilities were found in Wireshark. By exploiting these vulnerabilities malicious users can cause denial of service. These vulnerabilities can be exploited remotely by injecting malformed packet. Technical details These vulnerabilities can be exploited remotely via a vectors related...

information leak via gnttab_setup_table on ARM

ISSUE DESCRIPTION When initialising an internal data structure on ARM platform Xen was not correctly initialising the memory containing the list of a domain's grant table pages. This list is returned by the GNTTABOPsetuptable subhypercall, leading to an information leak. IMPACT Malicious guest...

Microsoft Visual Studio ATL Remote Code Execution Vulnerability (969706)

This host is missing a critical security update according to Microsoft Bulletin MS09-035. OpenVAS Vulnerability Test $Id: secpodms09-035.nasl 6517 2017-07-04 13:34:20Z cfischer $ Microsoft Visual Studio ATL Remote Code Execution Vulnerability 969706 Authors: Sharath S Copyright: Copyright c 2009...