CVE-2026-23076
CVE-2026-23076 affects the Linux kernel ALSA ctxfi driver: a potential out-of-bounds access in the audio mixer handling due to using conj as a loop index and referencing it in amixer_index() and sum_index(). The issue stems from lack of proper re-initialization of conj, enabling OOB reads at ctam...
Azure Linux 3.0 Security Update: kernel (CVE-2025-21707)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21707 advisory. - In the Linux kernel, the following vulnerability has been resolved: mptcp: consolidate suboption status MPTC...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002227)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002227 advisory. The sctp_init function in net/sctp/protocol.c in the Linux kernel before 4.2.3 has an incorrect sequence of protocol-initialization steps, which allows local users to...
CVE-2025-71064
In the Linux kernel, the following vulnerability has been resolved: net: hns3: using the num_tqps in the vf driver to apply for resources. Currently, hdev->htqp is allocated using hdev->num_tqps, and kinfo->tqp is allocated using kinfo->num_tqps. However, kinfo->num_tqps is set to min(new_tqps, hdev->num_tqps);...
CVE-2026-22255 iccDEV has heap-buffer-overflow in CIccCLUT::Init() at IccProfLib/IccTagLut.cpp
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium (ICC) color management profiles. Versions prior to 2.3.1.2 have a heap-buffer-overflow vulnerability in CIccCLUT::Init() at IccProfLib/IccTagLut.cpp. This...
CVE-2023-54234 scsi: mpi3mr: Fix missing mrioc->evtack_cmds initialization
In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fix missing mrioc->evtack_cmds initialization. Commit c1af985d27da ("scsi: mpi3mr: Add Event acknowledgment logic") introduced an array mrioc->evtack_cmds but initialization of the array elements was missed. They are just...
PT-2025-54063
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A flaw exists in the Linux kernel’s scsi/mpi3mr module related to the initialization of the evtack_cmds array within the mrioc structure. Specifically, commit c1af985d27da introduced thi...
PT-2025-49702
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A flaw exists in the Linux kernel related to RDMA/rxe functionality. Specifically, a potential NULL pointer dereference can occur within the rxe_qp_init_req function when rxe_queue_init...
CVE-2025-13470
In RNP version 0.18.0 a refactoring regression causes the symmetric session key used for Public-Key Encrypted Session Key (PKESK) packets to be left uninitialized except for zeroing, resulting in it always being an all-zero byte array. Any data encrypted using public-key encryption in this release...
CVE-2025-13470 RNP 0.18.0 Vulnerable PKESK session keys
In RNP version 0.18.0 a refactoring regression causes the symmetric session key used for Public-Key Encrypted Session Key (PKESK) packets to be left uninitialized except for zeroing, resulting in it always being an all-zero byte array. Any data encrypted using public-key encryption in this release...
CVE-2025-48593
In bta_hf_client_cb_init of bta_hf_client_main.cc, there is a possible remote code execution due to a use after free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990113)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990113 advisory. In the Linux kernel, the following vulnerability has been resolved: can: j1939: j1939_send_one(): fix missing CAN header initialization. The read access to struct...
EUVD-2023-60009
In the Linux kernel, the following vulnerability has been resolved: serial: arc_uart: fix of_iomap leak in arc_serial_probe. Smatch reports: drivers/tty/serial/arc_uart.c:631 arc_serial_probe() warn: 'port->membase' from of_iomap() not released on lines: 631. In arc_serial_probe(), if uart_add_one_port() fails,...
Linux Distros Unpatched Vulnerability : CVE-2025-39904
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: arm64: kexec: initialize kexec_buf struct in load_other_segments() Patch series kexec: Fix invali...
UBUNTU-CVE-2022-50530
In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix null pointer dereference in blk_mq_clear_rq_mapping(). Our syzkaller report a null pointer dereference, root cause is following: __blk_mq_alloc_map_and_rqs set->tags[hctx_idx] = blk_mq_alloc_map_and_rqs blk_mq_alloc_map_and_rqs blk_mq_alloc_rqs //...
UBUNTU-CVE-2023-53555
In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: initialize damo_filter->list from damos_new_filter(). damos_new_filter() is not initializing the list field of newly allocated filter object. However, DAMON sysfs interface and DAMON_RECLAIM are not initializing it after calli...
EUVD-2025-31713
Malicious code in bioql PyPI...
EUVD-2022-55405
Malicious code in bioql PyPI...
CVE-2025-39903
In the Linux kernel, the following vulnerability has been resolved: of_numa: fix uninitialized memory nodes causing kernel panic. When there are memory-only nodes (nodes without CPUs), these nodes are not properly initialized, causing kernel panic during boot. of_numa_init of_numa_parse_cpu_nodes node_set(ni...
CVE-2025-39904 arm64: kexec: initialize kexec_buf struct in load_other_segments()
In the Linux kernel, the following vulnerability has been resolved: arm64: kexec: initialize kexec_buf struct in load_other_segments(). Patch series "kexec: Fix invalid field access". The kexec_buf structure was previously declared without initialization. commit bf454ec31add ("kexec_file: allow to place...