1525 matches found
CVE-2026-53167
A flaw was found in the Linux kernel's FUSE Filesystem in Userspace component. The FUSENOTIFYRETRIEVE operation did not properly restrict access to up-to-date folios, potentially allowing the exposure of uninitialized data from the page cache. This information disclosure vulnerability could allow...
CVE-2026-53082
A flaw was found in the 6pack hamradio driver within the Linux kernel. This vulnerability occurs because the system does not properly handle data with communication errors, causing it to process uninitialized information. An attacker with local access could potentially exploit this to gain...
freerdp security update
An update is available for freerdp. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released...
CVE-2026-53218
The vulnerability CVE-2026-53218 affects the Linux kernel netfilter nft_exthdr code. The root cause is in register tracking when the NFT_EXTHDR_F_PRESENT flag is used: nft_exthdr_init() passes user-controlled priv->len to nft_parse_register_store(), which marks that many bytes in the register ...
EUVD-2026-39258
In the Linux kernel, the following vulnerability has been resolved: fuse: limit FUSENOTIFYRETRIEVE to uptodate folios FUSENOTIFYRETRIEVE must be limited to uptodate folios; !uptodate folios can contain uninitialized data. Since FUSENOTIFYRETRIEVE is intended to only return data that is already in...
CVE-2026-53167
In the Linux kernel, CVE-2026-53167 concerns FUSE_NOTIFY_RETRIEVE: the operation must be limited to uptodate folios because !uptodate folios may contain uninitialized data. The fix ensures FUSE_NOTIFY_RETRIEVE only returns data already present in the page cache and does not wait for data from the...
Astra Linux – Vulnerability in Samba
A flaw was discovered in Samba. Users of Samba AD can cause the server to access uninitialized data through an LDAP add or modify request, typically resulting in a segmentation fault...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: crypto: ccp – Use kzalloc for sev ioctl interfaces to prevent kernel memory leaks. For some sev ioctl interfaces, input may be passed that is less than or equal to SEVFWBLOBMAXSIZE, but larger than the data returned by the PSP...
Astra Linux – Vulnerability in freerdp2
FreeRDP is a free remote desktop protocol library and client. All FreeRDP-based clients that use the /video command-line switch may read uninitialized data, interpret it as audio/video, and display the result. Server implementations based on FreeRDP are not affected by this issue. This issue has...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Staging: For gpib, a bug was fixed where an unset padding field was copied back to the user space. The introduction of a padding field in the gpibboardinfoioctl function appears as initialized data on the stack frame that is copi...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: usb: idmouse: fixed an issue where an uninitialized value was present in idmouseopen. In idmousecreateimage, if any ftipcommand fails, it will proceed to the reset label. However, this results in the data in...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: block: Fixed an incorrect offset in biotruncate The biotruncate function clears the buffer outside of the last block of bdev. However, the current implementation of biotruncate uses the wrong offset for the page. As a result, it...
Astra Linux – Vulnerability in freerdp2
FreeRDP is a free remote desktop protocol library and clients. Clients based on FreeRDP on Unix systems that use the /parallel command-line switch may read uninitialized data and send it to the server to which the client is currently connected. Server implementations based on FreeRDP are not...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: replace “skbPut” with “skbPutZero” Avoid potentially reusing uninitialized data...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: Do not pass a stopped vif to the driver in .gettxpower. Avoid potentially crashing the driver due to uninitialized private data...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: f2fs: A fix was made to avoid accessing uninitialized data in f2fssanitychecknodefooter. syzbot reported the following bug: BUG: KMSAN: Access to uninitialized data in f2fssanitychecknodefooter+0x374/0xa20; file...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ppp: Fixed the “KMSAN: uninit-value” warning with bpf. Syzbot detected a “KMSAN: uninit-value” warning 1. This issue arises because the ppp driver does not initialize a 2-byte header when using socket filter. The following code c...
Astra Linux – Vulnerability in Linux
A issue was discovered in the Linux kernel before version 5.11.11. The qrtrrecvmsg function in net/qrtr/qrtr.c allows attackers to obtain sensitive information from kernel memory due to a partially uninitialized data structure, identified as CID-50535249f624...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: - In pptp: ensure that the minimum skb length is properly set in pptpxmit. - Commit aabc6596ffb3 “net: ppp: Add bound checking for skb data in pppsynctxmung” fixed pppsynctxmunge. We need a similar fix in pptpxmit; otherwise, ...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: ipv4: Fixed access to uninit-value in ipmakeskb. KMSAN reported access to uninit-value in ipmakeskb. ipmakeskb checks HDRINCL to determine whether the skb contains icmphdr. However, HDRINCL can cause a race condition. If...