media: vidtv: fix pass-by-value structs causing MSAN warnings

...

CVE-2026-43058 media: vidtv: fix pass-by-value structs causing MSAN warnings

In the Linux kernel, the following vulnerability has been resolved: media: vidtv: fix pass-by-value structs causing MSAN warnings vidtvtsnullwriteinto and vidtvtspcrwriteinto take their argument structs by value, causing MSAN to report uninit-value warnings. While only vidtvtsnullwriteinto has...

CVE-2026-43058

The CVE covers a Linux kernel issue in media: vidtv where vidtv_ts_null_write_into() and vidtv_ts_pcr_write_into() take their argument structs by value, triggering MSAN warnings for uninitialized data. The root cause is stack-copy of the structs; the patch changes the functions to accept them by ...

CVE-2019-2104

In HIDL, safeunion, and other C++ structs/unions being sent to application processes, there are uninitialized fields. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions:...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990129)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990129 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/amd: Fix UBSAN array-index-out-of-bounds for SMU7 For pptable structs that use flexible array...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989597)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989597 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/amd: Fix UBSAN array-index-out-of-bounds for Polaris and Tonga For pptable structs that use...

EUVD-2019-11746

Malware in sbrugna...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986559)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986559 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/amd: Fix UBSAN array-index-out-of-bounds for SMU7 For pptable structs that use flexible array...

EUVD-2024-2210

Malicious code in bioql PyPI...

SUSE CVE-2025-38531

In the Linux kernel, the following vulnerability has been resolved: iio: common: stsensors: Fix use of uninitialize device structs Throughout the various probe functions &indiodev-dev is used before it is initialized. This caused a kernel panic in stsensorspowerenable when the call to...

CVE-2025-38531

In the Linux kernel, the following vulnerability has been resolved: iio: common: stsensors: Fix use of uninitialize device structs Throughout the various probe functions &indiodev-dev is used before it is initialized. This caused a kernel panic in stsensorspowerenable when the call to...

AZL-70454 CVE-2025-38531 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: iio: common: stsensors: Fix use of uninitialize device structs Throughout the various probe functions &indiodev-dev is used before it is initialized. This caused a kernel panic in stsensorspowerenable when the call to...

AZL-66362 CVE-2025-38531 affecting package kernel 6.6.126.1-1

In the Linux kernel, the following vulnerability has been resolved: iio: common: stsensors: Fix use of uninitialize device structs Throughout the various probe functions &indiodev-dev is used before it is initialized. This caused a kernel panic in stsensorspowerenable when the call to...

CVE-2025-38531

CVE-2025-38531 affects the Linux kernel IIO common/st_sensors code. The issue arises from using uninitialized indio_dev->dev in probe paths, which can trigger a kernel panic in st_sensors_power_enable() when devm_regulator_bulk_get_enable() fails and later calls dev_err_probe() with an uniniti...

CVE-2025-38531

In the Linux kernel, the following vulnerability has been resolved: iio: common: stsensors: Fix use of uninitialize device structs Throughout the various probe functions dev-dev is used before it is initialized. This caused a kernel panic in stsensorspowerenable when the call to...

CVE-2025-38531 iio: common: st_sensors: Fix use of uninitialize device structs

In the Linux kernel, the following vulnerability has been resolved: iio: common: stsensors: Fix use of uninitialize device structs Throughout the various probe functions &indiodev-dev is used before it is initialized. This caused a kernel panic in stsensorspowerenable when the call to...

CVE-2025-38531 iio: common: st_sensors: Fix use of uninitialize device structs

In the Linux kernel, the following vulnerability has been resolved: iio: common: stsensors: Fix use of uninitialize device structs Throughout the various probe functions &indiodev-dev is used before it is initialized. This caused a kernel panic in stsensorspowerenable when the call to...

Linux Distros Unpatched Vulnerability : CVE-2024-37298

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - gorilla/schema converts structs to and from form values. Prior to version 1.4.1 Running schema.Decoder.Decode on a struct that has a field of type struct... ope...

CLSA-2025-1746792031 golang: Fix of 2 CVEs

CVE-2024-34156: prevent prevents stack exhaustion when attempting to decode a message that contains an extremely deeply nested struct - CVE-2023-45287: replace big.Int for encryption and decryption...

gorilla/schema: Potential memory exhaustion attack due to sparse slice deserialization

A flaw was found in the gorilla/schema package. Running schema.Decoder.Decode on a struct that has a field of type struct... opens it up to malicious attacks regarding memory allocations, taking advantage of the sparse slice functionality. Any use of schema.Decoder.Decode on a struct with arrays ...