SUSE CVE-2024-26973

In the Linux kernel, the following vulnerability has been resolved: fat: fix uninitialized field in nostale filehandles When fatencodefhnostale encodes file handle without a parent it stores only first 10 bytes of the file handle. However the length of the file handle must be a multiple of 4 so t...

UBUNTU-CVE-2024-26973

In the Linux kernel, the following vulnerability has been resolved: fat: fix uninitialized field in nostale filehandles When fatencodefhnostale encodes file handle without a parent it stores only first 10 bytes of the file handle. However the length of the file handle must be a multiple of 4 so t...

CVE-2024-26638

In the Linux kernel, the following vulnerability has been resolved: nbd: always initialize struct msghdr completely syzbot complains that msg-msggetinq value can be uninitialized 1 struct msghdr got many new fields recently, we should always make sure their values is zero by default. 1 BUG: KMSAN...

CVE-2021-47023

In the Linux kernel, the following vulnerability has been resolved: net: marvell: prestera: fix port event handling on init For some reason there might be a crash during ports creation if port events are handling at the same time because fw may send initial port event with down state. The crash...

CVE-2021-46947

In the Linux kernel, the following vulnerability has been resolved: sfc: adjust efx-xdptxqueuecount with the real number of initialized queues efx-xdptxqueuecount is initially initialized to numpossiblecpus and is later used to allocate and traverse efx-xdptxqueues lookup array. However, we may e...

UBUNTU-CVE-2023-52461

In the Linux kernel, the following vulnerability has been resolved: drm/sched: Fix bounds limiting when given a malformed entity If we're given a malformed entity in drmschedentityinit--shouldn't happen, but we verify--with out-of-bounds priority value, we set it to an allowed value. Fix the...

ALSA-2024:0768 Moderate: libmaxminddb security update

The libmaxminddb package contains the MaxMind DB library. Security Fixes: libmaxminddb: improper initialization in dumpentrydatalist in maxminddb.c CVE-2020-28241 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer ...

kernel: vdpa_sim_blk: set number of address spaces and virtqueue groups

In the Linux kernel, the following vulnerability has been resolved: vdpasimblk: set number of address spaces and virtqueue groups Commit bda324fd037a "vdpasim: control virtqueue support" added two new fields nas, ngroups to vdpasimdevattr, but we forgot to initialize them for vdpasimblk. When...

GSD-2023-1001979 wifi: mac80211: fix initialization of rx->link and rx->link_sta

wifi: mac80211: fix initialization of rx-link and rx-linksta This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.1.8 by commit...

Unbreakable Enterprise kernel security update

4.14.35-2047.513.2 - Revert 'rds/ib: recover rds connection from stuck tx path' Nagappan Ramasamy Palaniappan Orabug: 34124234 4.14.35-2047.513.1 - mm/page-writeback: Fix performance when BDI's share of ratio is 0. Chi Wu Orabug: 34050050 - esp: Fix possible buffer overflow in ESP transformation...

PT-2025-8324

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free bug has been identified in the Linux kernel's macsec module. This issue occurs when a new macsec device is created without obtaining a reference to the real device,...

SUSE-SU-2019:0081-1 Security update for sssd

This update for sssd provides the following fixes: This security issue was fixed: - CVE-2018-10852: Set stricter permissions on /var/lib/sss/pipes/sudo to prevent the disclosure of sudo rules for arbitrary users bsc1098377 These non-security issues were fixed: - Fix a segmentation fault in ssscac...

UBUNTU-CVE-2018-16058

In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Bluetooth AVDTP dissector could crash. This was addressed in epan/dissectors/packet-btavdtp.c by properly initializing a data structure...

UBUNTU-CVE-2018-7419

In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the NBAP dissector could crash. This was addressed in epan/dissectors/asn1/nbap/nbap.cnf by ensuring DCH ID initialization...

Security fix for the ALT Linux 7 package openssh version 5.9p1-alt7

5.9p1-alt7 built Dec. 9, 2013 Dmitry V. Levin in task 110259 Nov. 8, 2013 Dmitry V. Levin - sshd: applied upstream initialization fix CVE-2013-4548...

Security fix for the ALT Linux 8 package openssh version 5.9p1-alt7

Nov. 8, 2013 Dmitry V. Levin 5.9p1-alt7 - sshd: applied upstream initialization fix CVE-2013-4548...

Security fix for the ALT Linux 6 package openssh version 5.9p1-alt7

Nov. 8, 2013 Dmitry V. Levin 5.9p1-alt7 - sshd: applied upstream initialization fix CVE-2013-4548...