GSD-2022-1002287 netfilter: nf_tables: initialize registers in nft_do_chain()

netfilter: nftables: initialize registers in nftdochain This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.188 by commit...

Missing onlyUnInitialized modifier on initialize() function

Missing onlyUnInitialized modifier on initialize function Guess that onlyUnInitialized modifier were created for initialized function, but it wasn't called on the function. As the name, initialize should be called once early when the contract is deployed. But in the current implementation the...

GSD-2022-1000926 mac80211_hwsim: initialize ieee80211_tx_info at hw_scan_work

mac80211hwsim: initialize ieee80211txinfo at hwscanwork This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.270 by commit...

GSD-2022-1000881 mac80211_hwsim: initialize ieee80211_tx_info at hw_scan_work

mac80211hwsim: initialize ieee80211txinfo at hwscanwork This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.183 by commit...

GSD-2022-1000845 mac80211_hwsim: initialize ieee80211_tx_info at hw_scan_work

mac80211hwsim: initialize ieee80211txinfo at hwscanwork This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.104 by commit...

GSD-2022-1000721 mac80211_hwsim: initialize ieee80211_tx_info at hw_scan_work

mac80211hwsim: initialize ieee80211txinfo at hwscanwork This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.16.13 by commit...

Anyone can be _owner

Lines of code Vulnerability details Impact Anyone can be owner by calling initialize Proof of Concept initialize can called multiple times as the name 'initialize' should intended to be called one time when the contract deployed. Nothing prevent it to be called multiple times, and claim the...

Update initializer modifier to prevent reentrancy during initialization

Lines of code Vulnerability details Impact While Governable.sol is out of scope, I figured this issue would still be fair game. The solution uses: "@openzeppelin/contracts": "4.2.0". This dependency has a known high severity vulnerability: Which makes this contract vulnerable: File: Governable.so...

CVE-2022-23578

Tensorflow is an Open Source Machine Learning Framework. If a graph node is invalid, TensorFlow can leak memory in the implementation of ImmutableExecutorState::Initialize. Here, we set item-kernel to nullptr but it is a simple OpKernel pointer so the memory that was previously allocated to it...

PYSEC-2022-142

Tensorflow is an Open Source Machine Learning Framework. If a graph node is invalid, TensorFlow can leak memory in the implementation of ImmutableExecutorState::Initialize. Here, we set item-kernel to nullptr but it is a simple OpKernel pointer so the memory that was previously allocated to it...

PYSEC-2022-142

Tensorflow is an Open Source Machine Learning Framework. If a graph node is invalid, TensorFlow can leak memory in the implementation of ImmutableExecutorState::Initialize. Here, we set item-kernel to nullptr but it is a simple OpKernel pointer so the memory that was previously allocated to it...

PT-2022-16095 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.8.0 TensorFlow versions 2.7.1 and earlier TensorFlow versions 2.6.3 and earlier TensorFlow versions 2.5.3 and earlier Description: The issue arises when a graph node is invalid, causing TensorFlow to leak memory...

GSD-2022-1000012 Input: appletouch - initialize work before device registration

Input: appletouch - initialize work before device registration This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.296 by commit...

GSD-2022-1000010 Input: appletouch - initialize work before device registration

Input: appletouch - initialize work before device registration This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.4.298 by commit...

PoolTemplate.sol initialize() can be called by attacker during deployment

Handle jayjonah8 Vulnerability details Impact In PoolTemplate.sol the initialize function sets important storage variables like conditions and references and this function can only be called once. During deployment an attacker can monitor the blockchain byte code and call the initialize function...

GSD-2021-1002752 netdevsim: Zero-initialize memory for new map's value in function nsim_bpf_map_alloc

netdevsim: Zero-initialize memory for new map's value in function nsimbpfmapalloc This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.11 by...

GSD-2021-1002704 netdevsim: Zero-initialize memory for new map's value in function nsim_bpf_map_alloc

netdevsim: Zero-initialize memory for new map's value in function nsimbpfmapalloc This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.88 by...

GSD-2021-1002679 netdevsim: Zero-initialize memory for new map's value in function nsim_bpf_map_alloc

netdevsim: Zero-initialize memory for new map's value in function nsimbpfmapalloc This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.168 by...

GSD-2021-1002654 netdevsim: Zero-initialize memory for new map's value in function nsim_bpf_map_alloc

netdevsim: Zero-initialize memory for new map's value in function nsimbpfmapalloc This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.222 by...

GSD-2021-1002207 RDMA/mlx5: Initialize the ODP xarray when creating an ODP MR

RDMA/mlx5: Initialize the ODP xarray when creating an ODP MR This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15 by commit...