CVE-2026-4147

An authenticated user with the read role may read limited amounts of uninitialized stack memory via specially-crafted issuances of the filemd5 command...

CVE-2026-23335

A flaw was found in the Linux kernel's RDMA/irdma component. This vulnerability, located in the irdmacreateuserah function, is caused by uninitialized reserved memory. An attacker could potentially exploit this to leak 4 bytes of sensitive stack memory, leading to information disclosure...

CVE-2026-23384

A flaw was found in the Linux kernel, specifically within the RDMA/ionic component. This vulnerability is a kernel stack leak that occurs in the ioniccreatecq function. It could allow an attacker to gain unauthorized access to sensitive information by leaking up to 11 bytes of stack memory. This...

EUVD-2026-15381

In the Linux kernel, the following vulnerability has been resolved: RDMA/ionic: Fix kernel stack leak in ioniccreatecq struct ioniccqresp resp u32 cqid2; // offset 0 - PARTIALLY SET see below u8 udmamask; // offset 8 - SET resp.udmamask = vcq-udmamask u8 rsvd7; // offset 9 - NEVER SET udmamask &...

CVE-2026-23335 RDMA/irdma: Fix kernel stack leak in irdma_create_user_ah()

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix kernel stack leak in irdmacreateuserah struct irdmacreateahresp // 8 bytes, no padding u32 ahid; // offset 0 - SET uresp.ahid = ah-scah.ahinfo.ahidx u8 rsvd4; // offset 4 - NEVER SET - LEAK ; rsvd4: 4 bytes of sta...

Linux Distros Unpatched Vulnerability : CVE-2026-23335

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RDMA/irdma: Fix kernel stack leak in irdmacreateuserah struct irdmacreateahresp // 8 bytes, no padding u32 ahid; // offset 0 - SET uresp.ahid =...

EUVD-2026-12586

An authenticated user with the read role may read limited amounts of uninitialized stack memory via specially-crafted issuances of the filemd5 command...

glibc: glibc: Information disclosure via zero-valued network query

A flaw was found in glibc, the GNU C Library. When an application calls the getnetbyaddr or getnetbyaddrr functions to resolve a network address, and the system's nsswitch.conf file is configured to use a DNS Domain Name System backend for network lookups, a query for a zero-valued network can le...

CVE-2026-4147

An authenticated user with the read role may read limited amounts of uninitialized stack memory via specially-crafted issuances of the filemd5 command...

UBUNTU-CVE-2026-4147

An authenticated user with the read role may read limited amounts of uninitialized stack memory via specially-crafted issuances of the filemd5 command...

CVE-2026-4147 Stack memory disclosure in filemd5 command

An authenticated user with the read role may read limited amounts of uninitialized stack memory via specially-crafted issuances of the filemd5 command...

CVE-2026-4147 Stack memory disclosure in filemd5 command

An authenticated user with the read role may read limited amounts of uninitialized stack memory via specially-crafted issuances of the filemd5 command...

CVE-2026-4147

An authenticated user with the read role may read limited amounts of uninitialized stack memory via specially-crafted issuances of the filemd5 command...

Stack memory disclosure in filemd5 command

An authenticated user with the read role may read limited amounts of uninitialized stack memory via specially-crafted issuances of the filemd5 command...

CVE-2026-4147

The CVE-2026-4147 entry describes an issue where an authenticated user with the read role can read limited amounts of uninitialized stack memory through specially crafted issuances of the filemd5 command. Root cause: exposure of uninitialized stack memory during filemd5 handling. Impact: potentia...

PX4-Autopilot 安全漏洞

PX4-Autopilot is an open-source drone autopilot system developed by PX4. Versions of PX4-Autopilot prior to 1.17.0-rc2 contained security vulnerabilities. These vulnerabilities stemmed from tattucan’s use of unbounded memory copying during its multi-frame assembly cycle, which could lead to stack...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005692)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005692 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf: Fix pointer-leak due to insufficient speculative store bypass mitigation To mitigate Spectre...

CVE-2025-29950

Improper input validation in system management mode SMM could allow a privileged attacker to overwrite stack memory leading to arbitrary code execution...

libsoup: Signed to Unsigned Conversion Error Leading to Stack-Based Buffer Overflow in libsoup NTLM Authentication

A flaw was identified in the NTLM authentication handling of the libsoup HTTP library, used by GNOME and other applications for network communication. When processing extremely long passwords, an internal size calculation can overflow due to improper use of signed integers. This results in...

OpenSatKit 安全漏洞

OpenSatKit is an open-source application development toolkit developed by OpenSatKit. Version 2.2.1 of OpenSatKit contains a security vulnerability. This vulnerability stems from a stack buffer overflow during the copy operation of the DirName field, which may lead to overwriting of adjacent stac...