4 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: arm64: kexec: The kexecbuf structure was previously declared without initialization. The patch series “kexec: Fix invalid field access” addresses this issue. The kexecBuf structure was declared without being initialized. The comm...
EUVD-2025-31847
A vulnerability was determined in code-projects Web-Based Inventory and POS System 1.0. The impacted element is an unknown function of the file /transaction.php. This manipulation of the argument shopid causes sql injection. The attack is possible to be carried out remotely. The exploit has been...
CVE-2025-39904
Summary: The CVE-2025-39904 issue affects the Linux kernel’s kexec path for arm64 (and riscv per the patch set). A kexec_buf structure was previously declared without full initialization, and a field added by a prior patch could be read uninitialized on some architectures, triggering UBSAN invali...
CVE-2025-39904 arm64: kexec: initialize kexec_buf struct in load_other_segments()
In the Linux kernel, the following vulnerability has been resolved: arm64: kexec: initialize kexecbuf struct in loadothersegments Patch series "kexec: Fix invalid field access". The kexecbuf structure was previously declared without initialization. commit bf454ec31add "kexecfile: allow to place...