Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the meshmatcheslocal function’s unconditional dereferencing of empty pointers, potentially leadin...

libpng 资源管理错误漏洞

Libpng is an open-source PNG reference library developed by The PNG Development Group, which allows for the creation, reading, and other operations on PNG graphic files. Versions of Libpng prior to 1.6.55 contained a resource management vulnerability. This vulnerability stemmed from aliases and...

CVE-2026-23317

A flaw was found in the drm/vmwgfx component of the Linux kernel. Incorrect error handling in the vmwtranslateptr functions could cause them to return a success status even when an internal lookup operation failed. This could lead to the use of uninitialized pointers and out-of-bounds OOB memory...

CVE-2026-23302

A flaw was found in the Linux kernel. This vulnerability involves data races within the networking subsystem, specifically related to how network socket pointers are handled concurrently by multiple central processing units CPUs. Without proper synchronization, this concurrent access can lead to...

CVE-2026-23351

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetpipapo: split gc into unlink and reclaim phase Yiming Qian reports Use-after-free in the pipapo set type: Under a large number of expired elements, commit-time GC can run for a very long time in a non-preemptible...

CVE-2026-23302

In the Linux kernel, the following vulnerability has been resolved: net: annotate data-races around sk-skdataready,writespace skmsg and probably other layers are changing these pointers while other cpus might read them concurrently. Add corresponding READONCE/WRITEONCE annotations for UDP, TCP an...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from improper error handling, potentially leading to incorrect reset of program pointers...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from uninitialized lists and pointers, and may lead to improper error handling...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of checks on mailbox channel pointers when destroying suspended hardware contexts,...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of proper RCU protection in /proc/net/ptype. This vulnerability may lead to the reading ...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an improper initialization order of netdev pointers, potentially leading to memory leaks...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the fact that the xfarray and xfblob destructor functions are called without checking the validit...

📄 Microsoft Windows Server 2025 jscript.dll Use-After-Free

The exploit targets a use-After-free vulnerability in the JScript engine component jscript.dll of Internet Explorer 11 on Windows Server 2025. ============================================================================================================================================= | Title :...

Huawei HarmonyOS Scanning Module Access to Uninitialized Pointers Vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. An access to uninitialized pointers vulnerability exists in the Huawei HarmonyOS scanning module, which can be exploited by an attacker to cause availability...

curl 安全漏洞

curl is an open-source tool developed by cURL for transferring data from or to a server. Curl has a security vulnerability that stems from the use of data pointers pointing to freed memory during repeated SMB requests, which may lead to memory corruption...

Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. An access to uninitialized pointers vulnerability exists in the Huawei HarmonyOS scanning module, which can be exploited by an attacker to cause availability...

Security update for patch

This update for patch fixes the following issues: CVE-2021-45261: Clear range of pointers before they are used/freed bsc1194037. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...

CLSA-2026-1772186153 glibc: Fix of CVE-2025-15281

CVE-2025-15281: fix wordexp with WRDEREUSE and WRDEAPPEND returning uninitialized pointers in wewordv by resetting wewordc after wordfree...

Vim 安全漏洞

Vim is an open-source, cross-platform text editor developed by Vim developers. Versions of Vim prior to 9.2.0077 contained security vulnerabilities. These vulnerabilities were caused by heap-based buffer overflows and segmentation violations in the file recovery logic, both of which were triggere...

FreeRDP 资源管理错误漏洞

FreeRDP is an open-source RDP protocol implementation developed by the FreeRDP team. Versions of FreeRDP prior to 3.23.0 contained a resource management vulnerability. This vulnerability stemmed from the SDL2 implementation, where pointers were not cleared after being released, allowing reuse aft...