CVE-2019-10548

While trying to obtain datad ipc handle during DPL initialization, Heap use-after-free issue can occur if modem SSR occurs at same time in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Wearables in APQ8009,...

kernel: vhost/vsock: always initialize seqpacket_allow

Improper handling of seqpacketallow initialization was found in the Linux kernel in drivers/vhost/vsock.c...

2402 LTSR target device stuck initializing while checking the status of Hybrid joined machines

...

CVE-2025-37887

In the Linux kernel, the following vulnerability has been resolved: pdscore: handle unsupported PDSCORECMDFWCONTROL result If the FW doesn't support the PDSCORECMDFWCONTROL command the driver might at the least print garbage and at the worst crash when the user runs the "devlink dev info" devlink...

CVE-2025-37887

CVE-2025-37887 affects the Linux kernel driver path for the PDS core. The vulnerability arises when the FW does not support the PDS_CORE_CMD_FW_CONTROL command, causing the driver to read an uninitialized stack variable fw_list, which leaves fw_list.num_fw_slots with a garbage value and leads to ...

RLSA-2024:4262 Moderate: linux-firmware security update

The linux-firmware packages contain all of the firmware files that are required by various devices to operate. Security Fixes: kernel: Reserved fields in guest message responses may not be zero initialized CVE-2023-31346 For more details about the security issues, including the impact, a CVSS...

CBL Mariner 2.0 Security Update: kernel (CVE-2025-22097)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-22097 advisory. - In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Fix use after free and double...

CVE-2023-53101

In the Linux kernel, the following vulnerability has been resolved: ext4: zero idisksize when initializing the bootloader inode If the boot loader inode has never been used before, the EXT4IOCSWAPBOOT inode will initialize it, including setting the isize to 0. However, if the "never before used"...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an incorrect KVM VMX initialization sequence that could lead to null pointer dereferencing...

CVE-2022-49918

In the Linux kernel, the following vulnerability has been resolved: ipvs: fix WARNING in ipvscleanupbatch During the initialization of ipvsconnnetinit, if file ipvsconn or ipvsconnsync fails to be created, the initialization is successful by default. Therefore, the ipvsconn or ipvsconnsync file...

CVE-2022-49917 ipvs: fix WARNING in ip_vs_app_net_cleanup()

In the Linux kernel, the following vulnerability has been resolved: ipvs: fix WARNING in ipvsappnetcleanup During the initialization of ipvsappnetinit, if file ipvsapp fails to be created, the initialization is successful by default. Therefore, the ipvsapp file doesn't be found during the remove ...

CVE-2022-49903 ipv6: fix WARNING in ip6_route_net_exit_late()

In the Linux kernel, the following vulnerability has been resolved: ipv6: fix WARNING in ip6routenetexitlate During the initialization of ip6routenetinitlate, if file ipv6route or rt6stats fails to be created, the initialization is successful by default. Therefore, the ipv6route or rt6stats file...

PT-2025-18562

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A issue in the Linux kernel has been resolved, specifically in the j1939 module. The problem was related to the lack of initialization of the CAN header. The read access to canxl...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that originates from a post-release reuse and double-release risk when vkms initialization fails...

PT-2025-15687 · Schneider Electric · Trio Q Data Radio +1

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: A vulnerability exists that could lead to loss of confidentiality when a malicious user, having physical access, sets the product in factory default mode where it does not correctly initiali...

CVE-2025-24235

A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. A remote attacker may be able to cause unexpected app termination or heap corruption...

Autodesk AutoCAD CATPRODUCT File Parsing Uninitialized Variable Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

CVE-2025-21862

In the Linux kernel, the following vulnerability has been resolved: dropmonitor: fix incorrect initialization order Syzkaller reports the following bug: BUG: spinlock bad magic on CPU1, syz-executor.0/7995 lock: 0xffff88805303f3e0, .magic: 00000000, .owner: /-1, .ownercpu: 0 CPU: 1 PID: 7995 Comm...

Linux Distros Unpatched Vulnerability : CVE-2024-50014

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ext4: fix access to uninitialised lock in fc replay path The following kernel trace can be triggered with fstest generic/629 when executed against a filesystem...

Linux Distros Unpatched Vulnerability : CVE-2024-56588

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - scsi: hisisas: Create all dump files during debugfs initialization For the current debugfs of hisisas, after user triggers dump, the driver allocate memory spac...