SUSE CVE-2024-46847

In the Linux kernel, the following vulnerability has been resolved: mm: vmalloc: ensure vmapblock is initialised before adding to queue Commit 8c61291fd850 "mm: fix incorrect vbq reference in purgefragmentedblock" extended the 'vmapblock' structure to contain a 'cpu' field which is set at...

DEBIAN-CVE-2024-46847

In the Linux kernel, the following vulnerability has been resolved: mm: vmalloc: ensure vmapblock is initialised before adding to queue Commit 8c61291fd850 "mm: fix incorrect vbq reference in purgefragmentedblock" extended the 'vmapblock' structure to contain a 'cpu' field which is set at...

CVE-2024-44945 netfilter: nfnetlink: Initialise extack before use in ACKs

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlink: Initialise extack before use in ACKs Add missing extack initialisation when ACKing BATCHBEGIN and BATCHEND...

CVE-2024-42078

...

CVE-2024-42078 nfsd: initialise nfsd_info.mutex early.

In the Linux kernel, the following vulnerability has been resolved: nfsd: initialise nfsdinfo.mutex early. nfsdinfo.mutex can be dereferenced by svcpoolstatsstart immediately after the new netns is created. Currently this can trigger an oops. Move the initialisation earlier before it can possibly...

CVE-2024-39485 media: v4l: async: Properly re-initialise notifier entry in unregister

In the Linux kernel, the following vulnerability has been resolved: media: v4l: async: Properly re-initialise notifier entry in unregister The notifierentry of a notifier is not re-initialised after unregistering the notifier. This leads to dangling pointers being left there so use listdelinit to...

CVE-2024-36925 swiotlb: initialise restricted pool list_head when SWIOTLB_DYNAMIC=y

In the Linux kernel, the following vulnerability has been resolved: swiotlb: initialise restricted pool listhead when SWIOTLBDYNAMIC=y Using restricted DMA pools CONFIGDMARESTRICTEDPOOL=y in conjunction with dynamic SWIOTLB CONFIGSWIOTLBDYNAMIC=y leads to the following crash when initialising the...

CVE-2024-27431 cpumap: Zero-initialise xdp_rxq_info struct before running XDP program

In the Linux kernel, the following vulnerability has been resolved: cpumap: Zero-initialise xdprxqinfo struct before running XDP program When running an XDP program that is attached to a cpumap entry, we don't initialise the xdprxqinfo data structure being used in the xdpbuff that backs the XDP...

The vulnerability of the lrzip.c component: the initialise_control function of the Irzip software, which allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the lrzip.c component, specifically the initialisecontrol function of the Irzip software, arises due to an overflow in the dynamic memory buffer. Exploiting this vulnerability allows a remote attacker to compromise the confidentiality, integrity, and accessibility of the...

CVE-2022-28044

Irzip v0.640 was discovered to contain a heap memory corruption via the component lrzip.c:initialisecontrol...

DEBIAN-CVE-2022-28044

Irzip v0.640 was discovered to contain a heap memory corruption via the component lrzip.c:initialisecontrol...

UBUNTU-CVE-2022-28044

Irzip v0.640 was discovered to contain a heap memory corruption via the component lrzip.c:initialisecontrol...

PT-2022-16372 · Tightvnc · Tightvnc

Name of the Vulnerable Software and Affected Versions: TightVNC version 1.3.10 Description: The issue is caused by an integer signedness error and a resultant heap-based buffer overflow in the InitialiseRFBConnection function in rfbproto.c, which is part of the vncviewer component. This error...

UVI-2021-1001327 NFSv4: Initialise connection to the server in nfs4_alloc_client()

NFSv4: Initialise connection to the server in nfs4allocclient This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.134 by commit...

UBUNTU-CVE-2019-18420

An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to cause a denial of service via a VCPUOPinitialise hypercall. hypercallcreatecontinuation is a variadic function which uses a printf-like format string to interpret its parameters. Error handling for a bad format...

PT-2019-4882 · Xen +1 · Xen +1

Name of the Vulnerable Software and Affected Versions: Xen versions 4.6 through 4.12.x Description: The issue is related to incorrect error handling for a malformed format character in the hypercall initialise function of the Xen hypervisor. This can be exploited by a remote attacker to cause a...

UBUNTU-CVE-2019-15679

TightVNC code version 1.3.10 contains heap buffer overflow in InitialiseRFBConnection function, which can potentially result code execution. This attack appear to be exploitable via network connectivity...