51 matches found
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002429)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002429 advisory. The llcuirecvmsg function in net/llc/afllc.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain...
PT-2026-27700
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A kernel stack leak exists in the irdma create user ah function within the RDMA/irdma component. The rsvd4 member of the irdma create ah resp structure leaks 4 bytes of stack memory...
EUVD-2018-13395
Malware in sbrugna...
EUVD-2017-6348
Malware in sbrugna...
EUVD-2018-12600
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2018-20855
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the Linux kernel before 4.18.7. In createqpcommon in drivers/infiniband/hw/mlx5/qp.c, mlx5ibcreateqpresp was never initialized,...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that originates in ptrace for the ARM64 architecture that fails to initialize the temporary variable fpmr when processing...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the mxs-dcp component failing to ensure that the payload field is zero when using a hardware key, resulting ...
RHEL 7 : kernel-rt (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - kernel: Geneve/IPsec traffic may be unencrypted between two Geneve endpoints CVE-2020-25645 - An issue wa...
SUSE CVE-2010-4083
The copysemidtouser function in ipc/sem.c in the Linux kernel before 2.6.36 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via a 1 IPCINFO, 2 SEMINFO, 3 IPCSTAT, or 4 SEMSTAT command in a semctl system call...
SUSE CVE-2013-2239
vzkernel before 042stab080.2 in the OpenVZ modification for the Linux kernel 2.6.32 does not initialize certain length variables, which allows local users to obtain sensitive information from kernel stack memory via 1 a crafted ploop driver ioctl call, related to the ploopgetdeviceioc function in...
SUSE CVE-2016-4485
The llccmsgrcv function in net/llc/afllc.c in the Linux kernel before 4.5.5 does not initialize a certain data structure, which allows attackers to obtain sensitive information from kernel stack memory by reading a message...
SUSE CVE-2018-20023
LibVNC before 8b06f835e259652b0ff026898014fc7297ade858 contains CWE-665: Improper Initialization vulnerability in VNC Repeater client code that allows attacker to read stack memory and can be abuse for information disclosure. Combined with another vulnerability, it can be used to leak stack memor...
SUSE CVE-2018-20855
An issue was discovered in the Linux kernel before 4.18.7. In createqpcommon in drivers/infiniband/hw/mlx5/qp.c, mlx5ibcreateqpresp was never initialized, resulting in a leak of stack memory to userspace...
PT-2022-4664 · Crow · Crow
Name of the Vulnerable Software and Affected Versions: Crow versions through 1.0+4 Description: The issue is related to HTTP applications based on Crow, which may reveal potentially sensitive uninitialized data from stack memory when fulfilling a request for a static file smaller than 16 KB. This...
Exiv2 Uninitialized Memory Read Vulnerability
Exiv2 is a cross-platform C++ library and command line utility for managing image metadata. An uninitialized memory read vulnerability exists in Exiv2 0.27.3 and earlier versions. An attacker can exploit the vulnerability to leak a few bytes of stack memory via specially crafted image files...
CVE-2021-29623
CVE-2021-29623 affects the Exiv2 project (library and CLI) prior to version 0.27.4. A read of uninitialized memory occurs when Exiv2 reads metadata from a crafted image file, potentially allowing an attacker to leak a few bytes of stack memory. The vulnerability is fixed in 0.27.4. Affected scope...
kernel: Red Hat only CVE-2020-12352 regression
A Red Hat only CVE-2020-12352 regression issue was found in the way the Linux kernel's Bluetooth stack implementation handled the initialization of stack memory when handling certain AMP packets. This flaw allows a remote attacker in an adjacent range to leak small portions of stack memory on the...
Information Disclosure
janus-gateway is vulnerable to information disclosure. The leakage is possible because the function janusprocessincomingrequest in janus.c causes stack memory leak due to lack of proper handling of errorstr on SDP code...
SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2019:2072-1)
The SUSE Linux Enterprise 12 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2018-20855: An issue was discovered in the Linux kernel In createqpcommon in drivers/infiniband/hw/mlx5/qp.c, mlx5ibcreateqpresp was never initialized, resulting ...