267 matches found
Linux Distros Unpatched Vulnerability : CVE-2022-49099
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Fix initialization of device object in vmbusdeviceregister Initialize th...
Linux Distros Unpatched Vulnerability : CVE-2024-42078
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: nfsd: initialise nfsdinfo.mutex early. nfsdinfo.mutex can be dereferenced by svcpoolstatssta...
Linux Distros Unpatched Vulnerability : CVE-2024-26854
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ice: fix uninitialized dplls mutex usage The pf-dplls.lock mutex is initialized too late,...
CVE-2022-49478
In the Linux kernel, the following vulnerability has been resolved: media: pvrusb2: fix array-index-out-of-bounds in pvr2i2ccoreinit Syzbot reported that -1 is used as array index. The problem was in missing validation check. hdw-unitnumber is initialized with -1 and then if init table walk fails...
CVE-2025-21730
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: avoid to init mgntentry list twice when WoWLAN failed If WoWLAN failed in resume flow, the rtw89opsaddinterface triggered without removing the interface first. Then the mgntentry list init again, causing the listempt...
CVE-2025-21707
In the Linux kernel, the following vulnerability has been resolved: mptcp: consolidate suboption status MPTCP maintains the received sub-options status is the bitmask carrying the received suboptions and in several bitfields carrying per suboption additional info. Zeroing the bitmask before parsi...
CVE-2025-21707 mptcp: consolidate suboption status
In the Linux kernel, the following vulnerability has been resolved: mptcp: consolidate suboption status MPTCP maintains the received sub-options status is the bitmask carrying the received suboptions and in several bitfields carrying per suboption additional info. Zeroing the bitmask before parsi...
CVE-2022-49217
In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fix abort all task initialization In pm80xxsendabortall, the nelem field of the ccb used is not initialized to 0. This missing initialization sometimes lead to the task completion path seeing the ccb with a non-zero...
CVE-2022-49627
In the Linux kernel, the following vulnerability has been resolved: ima: Fix potential memory leak in imainitcrypto On failure to allocate the SHA1 tfm, IMA fails to initialize and exits without freeing the imaalgoarray. Add the missing kfree for imaalgoarray to avoid the potential memory leak...
CVE-2022-49433
In the Linux kernel, the following vulnerability has been resolved: RDMA/hfi1: Prevent use of lock before it is initialized If there is a failure during probe of hfi1 before the sdmamaplock is initialized, the call to hfi1freedevdata will attempt to use a lock that has not been initialized. If th...
CVE-2022-49378
CVE-2022-49378 concerns a Linux kernel driver issue in the sfc/efx10 path where TX queue initialization can fail when modparam efx_separate_tx_channels=1 causes some channels to have only RX or only TX queues. The root cause is an incorrect determination of whether a channel has TX queues, which ...
CVE-2022-49350 net: mdio: unexport __init-annotated mdio_bus_init()
In the Linux kernel, the following vulnerability has been resolved: net: mdio: unexport init-annotated mdiobusinit EXPORTSYMBOL and init is a bad combination because the .init.text section is freed up after the initialization. Hence, modules cannot use symbols annotated init. The access to a free...
CVE-2022-49274 ocfs2: fix crash when mount with quota enabled
In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix crash when mount with quota enabled There is a reported crash when mounting ocfs2 with quota enabled. RIP: 0010:ocfs2qinfolockresinit+0x44/0x50 ocfs2 Call Trace: ocfs2localreadinfo+0xb9/0x6f0 ocfs2...
CVE-2022-49099
In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Fix initialization of device object in vmbusdeviceregister Initialize the device's dmamask,parms pointers and the device's dmamask value before invoking deviceregister. Address the following trace with 5.17-rc...
CVE-2022-49096
Summary (CVE-2022-49096): In the Linux kernel net/sfc driver, changing rx/tx ring buffer size with ethtool -G led to a kernel panic when handling XDP_TX or XDP_REDIRECT because xdp queues (efx->xdp_tx_queues) were not reinitialized. The root cause was missing reinitialization of the XDP queues...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from NFSv4 not initializing nfs4label during referral lookup...
CVE-2025-27148 Gradle vulnerable to local privilege escalation through system temporary directory
Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. On Unix-like systems, the system temporary directory can be created with open permissions that allow multiple users to create and delete files within it. This library initialization could be...
CVE-2025-27148
Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. On Unix-like systems, the system temporary directory can be created with open permissions that allow multiple users to create and delete files within it. This library initialization could be...
Azure Linux 3.0 Security Update: kernel (CVE-2024-49900)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-49900 advisory. - In the Linux kernel, the following vulnerability has been resolved: jfs: Fix uninit-value access of newea in...
CVE-2024-57947
The CVE-2024-57947 issue in the Linux kernel concerns netfilter nf_set_pipapo: the initial map fill must initialize the buffer to all-ones only up to the size of the first field. If the first element’s bsize is smaller than m->bsize_max, one-bits leak into later rounds, causing nf_set_pipapo t...