An issue was discovered in slc_bump in drivers/net/can/slcan.c in the Linux kernel 3.16 through 5.6.2. It allows attackers to read uninitialized can_frame data potentially containing sensitive information from kernel stack memory if the configuration lacks CONFIG_INIT_STACK_ALL aka CID-b9258a2cece4.

...

CVE-2020-9227

Huawei Smart Phones Moana-AL00B with versions earlier than 10.1.0.166 have a missing initialization of resource vulnerability. An attacker tricks the user into installing then running a crafted application. Due to improper initialization of specific parameters, successful exploit of this...

tcpdump: Stack-based buffer over-read in print-hncp.c:print_prefix() via crafted pcap

In tcpdump 4.9.2, a stack-based buffer over-read exists in the printprefix function of print-hncp.c via crafted packet data because of missing initialization...

Information Disclosure

kernel is vulnerable to information disclosure. Missing initialization flaws in the Linux kernel could lead to information leaks...

Information Disclosure

kernel is vulnerable to information disclosure. Missing initialization flaws in the Linux kernel could lead to information leaks...

Information Disclosure

kernel is vulnerable to information disclosure. Missing initialization flaws in the Linux kernel could lead to information leaks...

Information Disclosure

kernel is vulnerable to information disclosure. Missing initialization flaws in the Linux kernel could lead to information leaks...

Information Disclosure

kernel is vulnerable to information disclosure. Missing initialization flaws in the Linux kernel could lead to information leaks...

Information Disclosure

kernel is vulnerable to information disclosure. Missing initialization flaws in the Linux kernel could lead to information leaks...

Denial Of Service (DoS)

The kernel-rt package is vulnerable to Denial Of Service DoS.Missing initialization flaws were found in getname implementations in numerous network protocol implementations in the Linux kernel. Certain data structures in these getname implementations were not initialized properly before being...

Amazon Linux 2 : tcpdump (ALAS-2020-1385)

The version of tcpdump installed on the remote host is prior to 4.9.2-4. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2020-1385 advisory. In tcpdump 4.9.2, a stack-based buffer over-read exists in the printprefix function of print-hncp.c via crafted packet data because...

Low: tcpdump

Issue Overview: In tcpdump 4.9.2, a stack-based buffer over-read exists in the printprefix function of print-hncp.c via crafted packet data because of missing initialization. CVE-2018-19519 Affected Packages: tcpdump Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit...

CVE-2019-9320

In libavc, there is a missing variable initialization. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111761624...

CVE-2019-9315

In libhevc, there is a missing variable initialization. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112326216...

CVE-2019-9316

In libstagefright, there is a missing variable initialization. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112052432...

CVE-2019-9318

In libhevc, there is a missing variable initialization. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111764725...

CVE-2018-19519

In tcpdump 4.9.2, a stack-based buffer over-read exists in the printprefix function of print-hncp.c via crafted packet data because of missing initialization...

Stack overflow

In tcpdump 4.9.2, a stack-based buffer over-read exists in the printprefix function of print-hncp.c via crafted packet data because of missing initialization...

DEBIAN-CVE-2018-19519

In tcpdump 4.9.2, a stack-based buffer over-read exists in the printprefix function of print-hncp.c via crafted packet data because of missing initialization...

CVE-2018-19519

In tcpdump 4.9.2, a stack-based buffer over-read exists in the printprefix function of print-hncp.c via crafted packet data because of missing initialization...