PT-2026-44997

Name of the Vulnerable Software and Affected Versions Exim versions 4.88 through 4.99.3 Description In certain proxy configurations, the PROXY-protocol parser mishandles short payloads, resulting in a pre-authentication information disclosure. This issue allows the leakage of uninitialized stack...

CVE-2026-45865

The CVE affects the Linux kernel mctp i2c subsystem. The issue arises in the i2c event handler read path where reads could return an uninitialised value (stack u8) for i2c-aspeed and i2c-npcm7xx; a fix now sets reads to 0xff. Affected scenario involves mctp-i2c devices and reads such as i2ctransf...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconntrack: fixed a crash that occurred due to the removal of an uninitialized entry. A crash occurred when trying to remove the conntrack entry from the hash bucket list: exception RIP: nfctdeletefromlists+172 .. 7...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: cifs: Fixed an oops due to uninitialized variables. Fixed the smb3inittransformrq function by initializing the buffer to NULL before calling netfsallocfolioqbuffer. This is because netfs assumes that it can append to the buffer i...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: vsock/vmci: The vmci transport packet must be cleared properly when initializing it. In vmcitransportpacketinit, memset is used to clear the vmcitransportpacket before populating the fields, to prevent any uninitialized data from...

EUVD-2026-27783

In the Linux kernel, the following vulnerability has been resolved: ipmi: ipmb: initialise event handler read bytes IPMB doesn't use i2c reads, but the handler needs to set a value. Otherwise an i2c read will return an uninitialised value from the bus driver...

CVE-2026-43221

In the Linux kernel, the following vulnerability has been resolved: ipmi: ipmb: initialise event handler read bytes IPMB doesn't use i2c reads, but the handler needs to set a value. Otherwise an i2c read will return an uninitialised value from the bus driver...

CVE-2026-43221 ipmi: ipmb: initialise event handler read bytes

In the Linux kernel, the following vulnerability has been resolved: ipmi: ipmb: initialise event handler read bytes IPMB doesn't use i2c reads, but the handler needs to set a value. Otherwise an i2c read will return an uninitialised value from the bus driver...

CLSA-2026-1776430866 binutils: Fix of 5 CVEs

CVE-2022-44840: fix heap buffer overflow in findsectioninset in dwarf.c - CVE-2023-25584: fix lack of bounds checking in vms-alpha.c parsemodule - CVE-2022-47673: fix OOB reads in parsemodule - CVE-2022-47696: fix uninitialised thebfd field in mach-o.c synthetic symbols - CVE-2022-45703: fix heap...

UBUNTU-CVE-2026-23282

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix oops due to uninitialised var in smb2unlink If SMB2openinit or SMB2closeinit fails e.g. reconnect, the iovs set @rqst will be left uninitialised, hence calling SMB2openfree, SMB2closefree or smb2setrelated on the...

CVE-2026-23282

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix oops due to uninitialised var in smb2unlink If SMB2openinit or SMB2closeinit fails e.g. reconnect, the iovs set @rqst will be left uninitialised, hence calling SMB2openfree, SMB2closefree or smb2setrelated on the...

CVE-2026-23282 smb: client: fix oops due to uninitialised var in smb2_unlink()

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix oops due to uninitialised var in smb2unlink If SMB2openinit or SMB2closeinit fails e.g. reconnect, the iovs set @rqst will be left uninitialised, hence calling SMB2openfree, SMB2closefree or smb2setrelated on the...

CVE-2026-23140

In the Linux kernel, the following vulnerability has been resolved: bpf, testrun: Subtract size of xdpframe from allowed metadata size The xdpframe structure takes up part of the XDP frame headroom, limiting the size of the metadata. However, in bpftestrun, we don't take this into account, which...

Azure Linux 3.0 Security Update: kernel (CVE-2025-38086)

"The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38086 advisory. - In the Linux kernel, the following vulnerability has been resolved: net: ch9200: fix uninitialised access...

Moderate: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

kernel: cifs: Fix oops due to uninitialised variable

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix oops due to uninitialised variable Fix smb3inittransformrq to initialise buffer to NULL before calling netfsallocfolioqbuffer as netfs assumes it can append to the buffer it is given. Setting it to NULL means it should...

EUVD-2018-18236

Malware in sbrugna...

EUVD-2006-1859

Malware in sbrugna...

kernel security update

An update is available for kernel. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux operating...

RockyLinux 9 : kernel (RLSA-2025:11861)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:11861 advisory. kernel: media: uvcvideo: Fix double free in error path CVE-2024-57980 kernel: wifi: iwlwifi: limit printed string from FW file CVE-2025-21905 kernel:...