117 matches found
PT-2026-44997
Name of the Vulnerable Software and Affected Versions Exim versions 4.88 through 4.99.3 Description In certain proxy configurations, the PROXY-protocol parser mishandles short payloads, resulting in a pre-authentication information disclosure. This issue allows the leakage of uninitialized stack...
CVE-2026-45865
The CVE-2026-45865 issue concerns the Linux kernel MCTP over I2C implementation. A read handling bug caused i2c reads from an mctp-i2c device to return 0xff instead of the data provided by the I2C bus driver, leaving the reads effectively biased to 0xff. The root cause is described as an uninitia...
EUVD-2026-27783
In the Linux kernel, the following vulnerability has been resolved: ipmi: ipmb: initialise event handler read bytes IPMB doesn't use i2c reads, but the handler needs to set a value. Otherwise an i2c read will return an uninitialised value from the bus driver...
CVE-2026-43221
In the Linux kernel, the following vulnerability has been resolved: ipmi: ipmb: initialise event handler read bytes IPMB doesn't use i2c reads, but the handler needs to set a value. Otherwise an i2c read will return an uninitialised value from the bus driver...
CVE-2026-43221 ipmi: ipmb: initialise event handler read bytes
In the Linux kernel, the following vulnerability has been resolved: ipmi: ipmb: initialise event handler read bytes IPMB doesn't use i2c reads, but the handler needs to set a value. Otherwise an i2c read will return an uninitialised value from the bus driver...
CLSA-2026-1776430866 binutils: Fix of 5 CVEs
CVE-2022-44840: fix heap buffer overflow in findsectioninset in dwarf.c - CVE-2023-25584: fix lack of bounds checking in vms-alpha.c parsemodule - CVE-2022-47673: fix OOB reads in parsemodule - CVE-2022-47696: fix uninitialised thebfd field in mach-o.c synthetic symbols - CVE-2022-45703: fix heap...
CVE-2026-23282
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix oops due to uninitialised var in smb2unlink If SMB2openinit or SMB2closeinit fails e.g. reconnect, the iovs set @rqst will be left uninitialised, hence calling SMB2openfree, SMB2closefree or smb2setrelated on the...
UBUNTU-CVE-2026-23282
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix oops due to uninitialised var in smb2unlink If SMB2openinit or SMB2closeinit fails e.g. reconnect, the iovs set @rqst will be left uninitialised, hence calling SMB2openfree, SMB2closefree or smb2setrelated on the...
CVE-2026-23282 smb: client: fix oops due to uninitialised var in smb2_unlink()
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix oops due to uninitialised var in smb2unlink If SMB2openinit or SMB2closeinit fails e.g. reconnect, the iovs set @rqst will be left uninitialised, hence calling SMB2openfree, SMB2closefree or smb2setrelated on the...
CVE-2026-23140
In the Linux kernel, the following vulnerability has been resolved: bpf, testrun: Subtract size of xdpframe from allowed metadata size The xdpframe structure takes up part of the XDP frame headroom, limiting the size of the metadata. However, in bpftestrun, we don't take this into account, which...
Azure Linux 3.0 Security Update: kernel (CVE-2025-38086)
"The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38086 advisory. - In the Linux kernel, the following vulnerability has been resolved: net: ch9200: fix uninitialised access...
kernel: cifs: Fix oops due to uninitialised variable
In the Linux kernel, the following vulnerability has been resolved: cifs: Fix oops due to uninitialised variable Fix smb3inittransformrq to initialise buffer to NULL before calling netfsallocfolioqbuffer as netfs assumes it can append to the buffer it is given. Setting it to NULL means it should...
Moderate: Red Hat Security Advisory: kernel security update
An update for kernel is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: netfilter: nfconntrack: A crash occurred due to the removal of an uninitialized entry. A crash occurred when attempting to remove the conntrack entry from the hash bucket list: Exception RIP: nfctdeletefromlists+172 .. 7...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: vsock/vmci: Properly clear the vmci transport packet when initializing it. In vmcitransportpacketinit, memset is used to clear the vmcitransportpacket before populating the fields, to avoid any uninitialized data remaining in the...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: cifs: Fixed an oops due to uninitialized variables. Fixed smb3inittransformrq, by initializing the buffer to NULL before calling netfsallocfolioqbuffer. This is because netfs assumes that it can append to the buffer it is give...
EUVD-2006-1859
Malware in sbrugna...
EUVD-2018-18236
Malware in sbrugna...
kernel security update
An update is available for kernel. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux operating...
RockyLinux 9 : kernel (RLSA-2025:11861)
The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:11861 advisory. kernel: media: uvcvideo: Fix double free in error path CVE-2024-57980 kernel: wifi: iwlwifi: limit printed string from FW file CVE-2025-21905 kernel:...