Lucene search
K

694 matches found

OSV
OSV
added 2026/06/26 8:17 p.m.5 views

UBUNTU-CVE-2026-53311

In the Linux kernel, the following vulnerability has been resolved: fuse: fix uninit-value in fusedentryrevalidate fusedentryrevalidate may be called with a dentry that didn't had -dtime initialised. The issue was found with KMSAN, where lookupopen calls dalloc, followed by drevalidate, as shown...

5.5CVSS5.7AI score0.00112EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/26 7:41 p.m.7 views

EUVD-2026-39846

In the Linux kernel, the following vulnerability has been resolved: fuse: fix uninit-value in fusedentryrevalidate fusedentryrevalidate may be called with a dentry that didn't had -dtime initialised. The issue was found with KMSAN, where lookupopen calls dalloc, followed by drevalidate, as shown...

5.7AI score0.00112EPSS
Exploits0References3
CVE
CVE
added 2026/06/26 7:41 p.m.13 views

CVE-2026-53311

CVE-2026-53311 affects the Linux kernel’s FUSE subsystem: fuse_dentry_revalidate() may be invoked with a dentry whose d_time has not been initialised, originating from KMSAN observations during path resolution (lookup_open/d_revalidate). Multiple vendors and feeds document the fix as resolving th...

5.5CVSS5.7AI score0.00112EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/26 12:0 a.m.13 views

PT-2026-52950

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists where the fuse dentry revalidate function may be called with a dentry that has an uninitialized d time variable. This behavior was identified using KMSAN, occurring when...

5.5CVSS5.7AI score0.00112EPSS
Exploits0References17
NVD
NVD
added 2026/06/24 5:17 p.m.4 views

CVE-2026-52985

In the Linux kernel, the following vulnerability has been resolved: netdevsim: zero initialize struct iphdr in dummy skbuff Syzbot reports a KMSAN uninit-value originating from nsimdevtrapskbbuild, with the allocation also being performed in the same function. Fix this by calling skbputzero inste...

0.00176EPSS
Exploits0References8
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: New folios are initialized before being used. KMSAN reports an uninitialized value in longestmatchstd, which is called from ntfscompresswrite. When new folios are allocated without being marked as “uptodate”, and...

5.5CVSS6AI score0.00155EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: ip6tunnel: Use skbvlaninetprepare in ip6tnlrcv. The responsible commit did not handle VLAN encapsulation as detected by syzbot 1. Use skbvlaninetprepare instead of pskbinetmaypull. 1 BUG: KMSAN: uninit-value in...

7.5CVSS6.4AI score0.00468EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: ntfs3: Fixed an issue where uninit memory was allocated after a failed miread operation in miformatnew. Fixed a KMSAN un-init bug identified by syzkaller. The ntfsgetbh function expects a buffer from sbgetblk; this buffer may...

6.9AI score0.00161EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.5 views

PT-2026-51879

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the netdevsim component where the struct iphdr in a dummy sk buff is not properly initialized. This leads to a KMSAN uninit-value, which occurs when the kernel accesse...

5.9AI score0.00176EPSS
Exploits0References17
Tenable Nessus
Tenable Nessus
added 2026/06/18 12:0 a.m.7 views

Siemens RUGGEDCOM RST2428P Improper Input Validation (CVE-2025-40278)

In the Linux kernel, the following vulnerability has been resolved: net: sched: actife: initialize struct tcife to fix KMSAN kernel- infoleak Fix a KMSAN kernel-infoleak detected by the syzbot . net? KMSAN: kernel-infoleak in skbdatagramiter In tcfifedump, the variable 'opt' was partially...

5.8AI score0.00189EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/05 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-26825

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-of-uninitialized memory vulnerability exists in libxls 1.6.3 when parsing malformed XLS files. The issue is reachable via xlsparseWorkBook and is triggere...

5.3CVSS5.5AI score0.00214EPSS
Exploits1References3
NVD
NVD
added 2026/06/03 8:16 p.m.13 views

CVE-2026-26825

A use-of-uninitialized memory vulnerability exists in libxls 1.6.3 when parsing malformed XLS files. The issue is reachable via xlsparseWorkBook and is triggered by uninitialized heap memory originating from the OLE layer ole2read. The flaw is detectable with MemorySanitizer MSAN and can lead to...

5.3CVSS0.00214EPSS
Exploits1References1
OSV
OSV
added 2026/06/03 8:16 p.m.12 views

DEBIAN-CVE-2026-26825

A use-of-uninitialized memory vulnerability exists in libxls 1.6.3 when parsing malformed XLS files. The issue is reachable via xlsparseWorkBook and is triggered by uninitialized heap memory originating from the OLE layer ole2read. The flaw is detectable with MemorySanitizer MSAN and can lead to...

5.3CVSS5.4AI score0.00214EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/06/03 12:0 a.m.7 views

CVE-2026-26825

A use-of-uninitialized memory vulnerability exists in libxls 1.6.3 when parsing malformed XLS files. The issue is reachable via xlsparseWorkBook and is triggered by uninitialized heap memory originating from the OLE layer ole2read. The flaw is detectable with MemorySanitizer MSAN and can lead to...

5.8AI score0.00214EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/06/03 12:0 a.m.35 views

CVE-2026-26825

A use-of-uninitialized memory vulnerability exists in libxls 1.6.3 when parsing malformed XLS files. The issue is reachable via xlsparseWorkBook and is triggered by uninitialized heap memory originating from the OLE layer ole2read. The flaw is detectable with MemorySanitizer MSAN and can lead to...

0.00214EPSS
Exploits1References1
CVE
CVE
added 2026/06/03 12:0 a.m.25 views

CVE-2026-26825

Libxls 1.6.3 contains a use-of-uninitialized memory vulnerability when parsing malformed XLS files. The issue is triggered by uninitialized heap memory originating from the OLE layer (ole2_read) and is reachable via xls_parseWorkBook(). MemorySanitizer can detect it; the advisory notes undefined ...

5.3CVSS5.8AI score0.00214EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/03 12:0 a.m.9 views

CVE-2026-26825

A use-of-uninitialized memory vulnerability exists in libxls 1.6.3 when parsing malformed XLS files. The issue is reachable via xlsparseWorkBook and is triggered by uninitialized heap memory originating from the OLE layer ole2read. The flaw is detectable with MemorySanitizer MSAN and can lead to...

5.5AI score0.00214EPSS
Exploits1References1
EUVD
EUVD
added 2026/06/03 12:0 a.m.17 views

EUVD-2026-34179

A use-of-uninitialized memory vulnerability exists in libxls 1.6.3 when parsing malformed XLS files. The issue is reachable via xlsparseWorkBook and is triggered by uninitialized heap memory originating from the OLE layer ole2read. The flaw is detectable with MemorySanitizer MSAN and can lead to...

5.8AI score0.00214EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2026/06/03 12:0 a.m.8 views

CVE-2026-26825

A use-of-uninitialized memory vulnerability exists in libxls 1.6.3 when parsing malformed XLS files. The issue is reachable via xlsparseWorkBook and is triggered by uninitialized heap memory originating from the OLE layer ole2read. The flaw is detectable with MemorySanitizer MSAN and can lead to...

5.3CVSS5.4AI score0.00214EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.20 views

PT-2026-44292

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the hfsplus module where the hfs brec read function fails to validate that the on-disk record size matches the expected size for the record type being read. When...

8.8CVSS5.9AI score0.00501EPSS
Exploits0References453
Rows per page
Query Builder