CVE-2023-54234

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fix missing mrioc-evtackcmds initialization Commit c1af985d27da "scsi: mpi3mr: Add Event acknowledgment logic" introduced an array mrioc-evtackcmds but initialization of the array elements was missed. They are just...

Siemens SIMATIC, SCALANCE and RUGGEDCOM Devices Missing Initialization of a Variable (CVE-2024-53101)

In the Linux kernel, the following vulnerability has been resolved: fs: Fix uninitialized value issue in fromkuid and fromkgid ocfs2setattr uses attr-iamode, attr-iauid and attr-iagid in a trace point even though ATTRMODE, ATTRUID and ATTRGID aren't set. Initialize all fields of newattrs to avoid...

EUVD-2019-18693

Malware in sbrugna...

Security update for libqt4

This update for libqt4 fixes the following issues: CVE-2021-45930: Fixed out-of-bounds write leading to DoS bsc1196654 CVE-2023-32573: Fixed missing initialization of QtSvg QSvgFont munitsPerEm bsc1211298 CVE-2023-32763: Fixed buffer overflow on QTextLayout during rendering of an SVG file with an...

SUSE-SU-2025:02968-1 Security update for libqt4

This update for libqt4 fixes the following issues: - CVE-2021-45930: Fixed out-of-bounds write leading to DoS bsc1196654 - CVE-2023-32573: Fixed missing initialization of QtSvg QSvgFont munitsPerEm bsc1211298 - CVE-2023-32763: Fixed buffer overflow on QTextLayout during rendering of an SVG file...

CVE-2025-9136

A flaw was found in RetroArch. This vulnerability allows a local attacker to trigger an out-of-bounds read via a crafted input to the filestreamvscanf function in the libretro-common/streams/filestream.c file due to a missing initialization, resulting in a denial of service...

kernel: net: tap: NULL pointer derefence in dev_parse_header_protocol when skb->dev is null

A flaw was found in the tap module in the Linux kernel. A NULL pointer dereference can be triggered due to a missing initialization, resulting in a denial of service...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that originates from a missing INITLISTHEAD initialization in the ieee802154ifadd function in the mac802154 subsystem...

CVE-2021-47481

CVE-2021-47481 concerns the Linux kernel RDMA mlx5 path. The connected sources confirm a concrete flaw where the ODP xarray was not initialized when creating an ODP MR, allowing an out-of-bounds/invalid access that triggers a crash (page fault) due to reg_create() setting a desc_size. The fix des...

openSUSE: Security Advisory for libqt5 (SUSE-SU-2023:2981-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE: Security Advisory for qt6 (openSUSE-SU-2023:0111-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

kernel: ipvlan: out-of-bounds write caused by unclear skb->cb

A flaw was found in the IPVLAN network driver in the Linux kernel. This issue is caused by missing skb-cb initialization in ipoptionsecho and can lead to an out-of-bounds write stack overflow. This may allow a local user to cause a denial of service or potentially achieve local privilege escalati...

SUSE-SU-2023:2969-1 Security update for libqt5-qtsvg

This update for libqt5-qtsvg fixes the following issues: - CVE-2021-45930: Fixed an out-of-bounds write that may have lead to a denial-of-service bsc1196654. - CVE-2023-32573: Fixed missing initialization of QtSvg QSvgFont munitsPerEm variable bsc1211298...

SUSE CVE-2018-10811

strongSwan 5.6.0 and older allows Remote Denial of Service because of Missing Initialization of a Variable...

GHSA-CJW4-2W9R-R8MV Missing Initialization of Resource in Apache Arrow

While investigating UBSAN errors in https://github.com/apache/arrow/pull/5365 it was discovered Apache Arrow versions 0.12.0 to 0.14.1, left memory Array data uninitialized when reading RLE null data from parquet. This affected the C++, Python, Ruby and R implementations. The uninitialized memory...

Linux kernel resource initialization vulnerability

Linux kernel is the kernel used by the Linux Foundation's open source operating system Linux. Linux kernel version 5.17.5 and prior versions have a security vulnerability that stems from a missing initialization of kiocb-private in iorwinitfile in fs/iouring.c. No detailed vulnerability details a...

GHSA-R9Q2-3R6X-QMGP Inadequate Encryption Strength in Jenkins

Jenkins before versions 2.44 and 2.32.2 uses AES ECB block cipher mode without IV for encrypting secrets which makes Jenkins and the stored secrets vulnerable to unnecessary risks SECURITY-304...

nf_tables_newset in net/netfilter/nf_tables_api.c in the Linux kernel before 5.12.13 allows local users to cause a denial of service (NULL pointer dereference and general protection fault) because of the missing initialization for nft_set_elem_expr_alloc. A local user can set a netfilter table expression in their own namespace.

...

CVE-2021-46283

nftablesnewset in net/netfilter/nftablesapi.c in the Linux kernel before 5.12.13 allows local users to cause a denial of service NULL pointer dereference and general protection fault because of the missing initialization for nftsetelemexpralloc. A local user can set a netfilter table expression i...

DEBIAN-CVE-2020-24455

Missing initialization of a variable in the TPM2 source may allow a privileged user to potentially enable an escalation of privilege via local access. This affects tpm2-tss before 3.0.1 and before 2.4.3...