79 matches found
UBUNTU-CVE-2025-39686
In the Linux kernel, the following vulnerability has been resolved: comedi: Make insnrwemulatebits do insn-n samples The insnrwemulatebits function is used as a default handler for INSNREAD instructions for subdevices that have a handler for INSNBITS but not for INSNREAD. Similarly, it is used as...
Linux Distros Unpatched Vulnerability : CVE-2023-53035
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nilfs2: fix kernel-infoleak in nilfsioctlwrapcopy The ioctl helper function nilfsioctlwrapcopy, which exchanges a metadata array to/from user space, may copy...
CVE-2022-50222 tty: vt: initialize unicode screen buffer
In the Linux kernel, the following vulnerability has been resolved: tty: vt: initialize unicode screen buffer syzbot reports kernel infoleak at vcsread 1, for buffer can be read immediately after resize operation. Initialize buffer using kzalloc. ---------- include include include include int...
kernel: uprobes: fix kernel info leak via "[uprobes]" vma
In the Linux kernel, the following vulnerability has been resolved: uprobes: fix kernel info leak via "uprobes" vma xoladdvma maps the uninitialized page allocated by createxolarea into userspace. On some architectures x86 this memory is readable even without VMREAD, VMEXEC results in the same...
CVE-2023-53035
In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix kernel-infoleak in nilfsioctlwrapcopy The ioctl helper function nilfsioctlwrapcopy, which exchanges a metadata array to/from user space, may copy uninitialized buffer regions to user space memory for read-only ioctl...
SUSE CVE-2023-53035
In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix kernel-infoleak in nilfsioctlwrapcopy The ioctl helper function nilfsioctlwrapcopy, which exchanges a metadata array to/from user space, may copy uninitialized buffer regions to user space memory for read-only ioctl...
DEBIAN-CVE-2023-53035
In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix kernel-infoleak in nilfsioctlwrapcopy The ioctl helper function nilfsioctlwrapcopy, which exchanges a metadata array to/from user space, may copy uninitialized buffer regions to user space memory for read-only ioctl...
Linux Distros Unpatched Vulnerability : CVE-2024-50076
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: vt: prevent kernel-infoleak in confontget font.data may not initialize all memory spaces...
Linux Distros Unpatched Vulnerability : CVE-2019-19534
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel before 5.3.11, there is an info-leak bug that can be caused by a malicious USB device in the drivers/net/can/usb/peakusb/pcanusbcore.c drive...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: uprobes: Fixed a kernel information leak via “uprobes” vma. xoladdvma: Maps the uninitialized page allocated by createxolarea into user space. On some architectures x86, this memory is readable even without VMREAD or VMEXEC;...
CVE-2024-50110 xfrm: fix one more kernel-infoleak in algo dumping
In the Linux kernel, the following vulnerability has been resolved: xfrm: fix one more kernel-infoleak in algo dumping During fuzz testing, the following issue was discovered: BUG: KMSAN: kernel-infoleak in copytoiter+0x598/0x2a30 copytoiter+0x598/0x2a30 skbdatagramiter+0x168/0x1060...
UBUNTU-CVE-2024-50076
In the Linux kernel, the following vulnerability has been resolved: vt: prevent kernel-infoleak in confontget font.data may not initialize all memory spaces depending on the implementation of vc-vcsw-confontget. This may cause info-leak, so to prevent this, it is safest to modify it to initialize...
CVE-2024-37985
CVE-2024-37985 is a Windows Kernel Information Disclosure vulnerability. The available connected sources identify the affected context as Windows Kernel, with impact described as information disclosure (high confidentiality impact) in local scenarios. Microsoft’s advisory for this CVE references ...
DEBIAN-CVE-2024-42076
In the Linux kernel, the following vulnerability has been resolved: net: can: j1939: Initialize unused data in j1939sendone syzbot reported kernel-infoleak in rawrecvmsg 1. j1939sendone creates full frame including unused data, but it doesn't initialize it. This causes the kernel-infoleak issue...
AZL-47219 CVE-2024-42076 affecting package kernel for versions less than 6.6.43.1-7
In the Linux kernel, the following vulnerability has been resolved: net: can: j1939: Initialize unused data in j1939sendone syzbot reported kernel-infoleak in rawrecvmsg 1. j1939sendone creates full frame including unused data, but it doesn't initialize it. This causes the kernel-infoleak issue...
SUSE CVE-2022-48855
In the Linux kernel, the following vulnerability has been resolved: sctp: fix kernel-infoleak for SCTP sockets syzbot reported a kernel infoleak 1 of 4 bytes. After analysis, it turned out r-idiagexpires is not initialized if inetsctpdiagfill calls inetdiagmsgcommonfill Make sure to clear...
do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak
...
DEBIAN-CVE-2021-47597
In the Linux kernel, the following vulnerability has been resolved: inetdiag: fix kernel-infoleak for UDP sockets KMSAN reported a kernel-infoleak 1, that can exploited by unpriv users. After analysis it turned out UDP was not initializing r-idiagexpires. Other users of inetskdiagfill might make...
UBUNTU-CVE-2021-47597
In the Linux kernel, the following vulnerability has been resolved: inetdiag: fix kernel-infoleak for UDP sockets KMSAN reported a kernel-infoleak 1, that can exploited by unpriv users. After analysis it turned out UDP was not initializing r-idiagexpires. Other users of inetskdiagfill might make...
kernel: use after free in vcs_read in drivers/tty/vt/vc_screen.c due to race
A use-after-free flaw was found in vcsread in drivers/tty/vt/vcscreen.c in vcscreen in the Linux Kernel. This issue may allow an attacker with local user access to cause a system crash or leak internal kernel information...