CVE-2025-71311

fs/ntfs3: Initialize new folios before use...

CVE-2026-45852

RDMA/rxe: Fix double free in rxesrqfrominit...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the failure of the PWM chip initialization in rust/pwm. As a result of this failure, the allocated...

PT-2026-43693

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Initialize new folios before use KMSAN reports an uninitialized value in longest match std, invoked from ntfs compress write. When new folios are allocated without being marked uptodate and ni read frame is skipped...

EUVD-2026-31926

NVIDIA Display Driver for Linux contains a vulnerability in the Multi-Instance GPU MIG partition management, where an insecure default initialization of memory subsystem routing resources could lead to data corruption or a hang during partition reconfiguration. A successful exploit of this...

CVE-2026-24197

NVIDIA Display Driver for Linux contains a vulnerability in the Multi-Instance GPU MIG partition management, where an insecure default initialization of memory subsystem routing resources could lead to data corruption or a hang during partition reconfiguration. A successful exploit of this...

CVE-2026-24197

CVE-2026-24197 affects NVIDIA’s Linux GPU Display Driver, specifically the Multi-Instance GPU (MIG) partition management. The issue is an insecure default initialization of memory subsystem routing resources, which can cause data corruption or a hang during MIG partition reconfiguration. A succes...

CVE-2026-42782

Improper Isolation or Compartmentalization vulnerability in Apache Syncope. An administrator with adequate entitlements for Implementations can create a malicious Groovy class containing untrusted code reaching a non-sandboxed execution path via the class static initializer. This issue affects...

CLSA-2026-1779467653 libssh: Fix of 4 CVEs

CVE-2025-4877: prevent base64 integer overflow and potential OOB write - CVE-2025-4878: initialize stack pointers to mitigate use of uninitialized values in legacy privatekeyfromfile path - CVE-2025-8277: fix DH-GEX packet filter and free unused ephemeral / ECDH keys to prevent memory exhaustion...

Insecure Default Initialization of Resource

Overview thorsten/phpmyfaq is a FAQ system for PHP and MySQL, PostgreSQL and other databases Affected versions of this package are vulnerable to Insecure Default Initialization of Resource via the hasValidToken function. An attacker can gain unauthorized access to create and modify FAQ entries,...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: can: gsusb: fix time stamp counter initialization If the gsusb device driver is unloaded or unbound before the interface is shut down, the USB stack first calls the struct usbdriver::disconnect function, and then the struct...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mctp: Fixed an error handling path in mctpinit. If mctpneighinit returns an error, the route resources should be released during the error handling path. Otherwise, some resources may be leaked...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: f2fs: A fix was made to prevent race conditions during the fsyncentryslab access by multiple f2fs filesystem instances. As reported by syzbot, there is a use-after-free issue during f2fs recovery: A use-after-free occurs when...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: Fork: Defer linking of vma until vma is fully initialized. Thorvald reported a WARNING 1. The root cause of the issue lies in a race condition: CPU 1 CPU 2 fork hugetlbfsfallocate dupmmap hugetlbfspunchhole...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: schedext: bpfiterscxdsqnew should always initialize the iterator. BPF programs may call next and destroy on BPF iterators even after new returns an error value e.g., the bpfforeach macro ignores error returns from new...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: Wifi: rtw89 – Fixed a potential race condition between napiinit and napienable. A race condition can occur if netdev is registered, but NAPI is not initialized yet. Meanwhile, the user space starts the netdev that will enable...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconntrack: fixed a crash that occurred due to the removal of an uninitialized entry. A crash occurred when trying to remove the conntrack entry from the hash bucket list: exception RIP: nfctdeletefromlists+172 .. 7...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fixed the missing initialization of the mrioc-evtackcmds array. The commit c1af985d27da “scsi: mpi3mr: Add Event acknowledgment logic” introduced an array mrioc-evtackcmds, but the initialization of its elements was...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: Start the MHI channel after endpoint creation The MHI channel may generate an event/interrupt right after enabling. This can lead to two race condition issues: 1 Such events may be dropped by the qcommhiqrtrdlcallback...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Media: ti-vpe: cal: Fixed a NULL pointer dereference in calctxv4l2initformats In calctxv4l2initformats, devmkzalloc is assigned to ctx-activefmt, and there is a dereference of it afterward. This could lead to a NULL pointer...