CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

264 matches found

CVE-2026-46169

CVE-2026-46169 relates to the Linux kernel hfsplus subsystem. The issue arises when mounting a corrupted HFS+ filesystem, where hfs_brec_read() may read a smaller on-disk record than expected and leave most of the destination structure uninitialized, triggering a KMSAN warning in hfsplus_strcasec...

5.8AI score0.00024EPSS

Exploits0References5

AstraLinux•added 2026/05/20 5:53 a.m.•12 views

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: virtio/vsock: Fixed an uninit-value issue in virtiotransportrecvpkt. KMSAN reported the following uninit-value access issues: ===================================================== BUG: KMSAN: uninit-value in...

7.1CVSS5.8AI score0.00018EPSS

Exploits0References2

AstraLinux•added 2026/05/20 5:53 a.m.•2 views

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: BPF: Mark the bpf prog stack with kmsanunpoisonmemory in interpreter mode. SYZBOT reported uninit memory usage during maplookup,deleteelem. ========= BUG: KMSAN: uninitvalue in devmaplookupelem kernel/bpf/devmap.c:441 inline...

5.5CVSS6.5AI score0.00033EPSS

Exploits0References2

AstraLinux•added 2026/05/20 5:53 a.m.•3 views

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: ocfs2: Fixed an uninitialized value in ocfs2filereaditer. Syzbot has reported the following KMSAN errors: BUG: KMSAN: Uninitialized value in ocfs2filereaditer+0x9a4/0xf80; ocfs2filereaditer+0x9a4/0xf80; ioread+0x8d4/0x20f0;...

7.1CVSS6.3AI score0.00012EPSS

Exploits0References2

AstraLinux•added 2026/05/20 5:53 a.m.•2 views

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ALSA: line6: Fixed race conditions related to access to midibuf. There can be concurrent accesses to line6’s midibuf from both the URB completion callback and the rawmidi API access. This could be a cause of KMSAN warnings...

4.7CVSS6.3AI score0.00019EPSS

Exploits0References2

AstraLinux•added 2026/05/20 5:53 a.m.•5 views

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: net: usb: aqc111: Fixed error handling of usbnet read calls Syzkaller, with the help of syzbot, identified an error in the aqc111 driver. This error was caused by incomplete sanitization of the results of usbnet read calls. Th...

7.1CVSS6.5AI score0.00072EPSS

Exploits0References2

AstraLinux•added 2026/05/20 5:53 a.m.•1 views

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: ath9khtc: fixed uninitialized values issues Syzbot reported 2 KMSAN bugs in ath9k. All of these bugs are caused by missing field initialization. In htcconnectservice, svcmetalen and pad are not initialized. Based on the code, ...

5.5CVSS6.3AI score0.00007EPSS

Exploits0References1

AstraLinux•added 2026/05/20 5:53 a.m.•1 views

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: llc: Support for ETHPTR8022 has been removed. syzbot reported a bug related to uninit-values. 0 llc supports ETHP8022 0x0004 and previously also supported ETHPTR8022 0x0011. syzbot exploited ETHPTR8022 to trigger the bug. The...

5.5CVSS6.5AI score0.00011EPSS

Exploits0References2

CVE•added 2026/05/06 11:27 a.m.•4 views

CVE-2026-43139

The CVE-2026-43139 entry concerns the Linux kernel xfrm6 subsystem. The issue arises in xfrm6_get_saddr() which does not check the return value of ipv6_dev_get_saddr(); when ipv6_dev_get_saddr() fails with -EADDRNOTAVAIL, saddr->in6 remains uninitialized and xfrm6_get_saddr() incorrectly retur...

8.6CVSS5.8AI score0.00068EPSS

Exploits0References8Affected Software1

AstraLinux•added 2026/05/03 11:59 p.m.•2 views

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: netlink: added nla be16/32 types to the minlen array. BUGs: KMSAN: uninit-value in nlavalidaterangeunsigned, lib/nlattr.c:222 inline. BUGs: KMSAN: uninit-value in nlavalidateintrange, lib/nlattr.c:336 inline. BUGs: KMSAN:...

5.5CVSS5.9AI score0.00012EPSS

Exploits0References2

AstraLinux•added 2026/05/03 11:59 p.m.•0 views

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: net/9p: Fixed an issue related to uninit-value in p9clientrpc. Syzbot, with the help of KMSAN, reported the following errors: BUG: KMSAN: uninit-value in trace9pclientres, include/trace/events/9p.h:146 inline BUG: KMSAN:...

5.5CVSS6.4AI score0.00028EPSS

Exploits0References2

AstraLinux•added 2026/05/03 11:59 p.m.•3 views

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ethtool: Fix uninitialized number of lanes It is not possible to set the number of lanes when setting link modes using the legacy IOCTL ethtool interface. Since 'struct ethtoollinkksettings' is not initialized in this path, drive...

5.4AI score0.00029EPSS

Exploits0References1

AstraLinux•added 2026/05/03 11:59 p.m.•1 views

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: hfs: fixed the issue where fields of hfs inodeinfo were initialized after hfsallocinode Syzbot reports an issue with accessing uninitialized values as follows: loop0: detected a change in capacity from 0 to 64...

5.5CVSS6.5AI score0.00021EPSS

Exploits0References2

Cvelist•added 2026/05/01 2:15 p.m.•24 views

CVE-2026-43036 net: use skb_header_pointer() for TCPv4 GSO frag_off check

In the Linux kernel, the following vulnerability has been resolved: net: use skbheaderpointer for TCPv4 GSO fragoff check Syzbot reported a KMSAN uninit-value warning in gsofeaturescheck called from netifskbfeatures 1. gsofeaturescheck reads iph-fragoff to decide whether to clear mangleidfeatures...

0.00015EPSS

Exploits0References4

Tenable Nessus•added 2026/04/22 12:0 a.m.•1 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013764)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013764 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: idmouse: fix an uninit-value in idmouseopen In idmousecreateimage, if any ftipcommand fails,...

5.8AI score0.00061EPSS

Exploits0References4

Tenable Nessus•added 2026/04/21 12:0 a.m.•2 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-012995)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-012995 advisory. In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix KMSAN uninit-value issue in hfsplusdeletecat The syzbot reported issue in...

5.6AI score0.0004EPSS

Exploits0References4

SUSE CVE•added 2026/01/06 12:24 a.m.•2 views

SUSE CVE-2025-68751

In the Linux kernel, the following vulnerability has been resolved: s390/fpu: Fix false-positive kmsan report in fpuvstl A false-positive kmsan report is detected when running ping command. An inline assembly instruction 'vstl' can write varied amount of bytes depending on value of 'index'...

3.3CVSS6.4AI score0.00015EPSS

Exploits0References3