xfrm: clear trailing padding in build_polexpire()

...

CVE-2026-31664

The CVE-2026-31664 issue resides in the Linux kernel xfrm subsystem: build_polexpire() fails to clear trailing padding in struct xfrm_user_polexpire, leaving uninitialized heap bytes that are sent to userspace via netlink multicast (XFRMNLGRP_EXPIRE). The consequence is potential leakage of kerne...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from unremoved trailing padding in the buildpolexpire function. This vulnerability may lead to a kerne...

DEBIAN-CVE-2024-39488

In the Linux kernel, the following vulnerability has been resolved: arm64: asm-bug: Add .align 2 to the end of BUGENTRY When CONFIGDEBUGBUGVERBOSE=n, we fail to add necessary padding bytes to bugtable entries, and as a result the last entry in a bug table will be ignored, potentially leading to a...

CVE-2024-39488 arm64: asm-bug: Add .align 2 to the end of __BUG_ENTRY

In the Linux kernel, the following vulnerability has been resolved: arm64: asm-bug: Add .align 2 to the end of BUGENTRY When CONFIGDEBUGBUGVERBOSE=n, we fail to add necessary padding bytes to bugtable entries, and as a result the last entry in a bug table will be ignored, potentially leading to a...