Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: net: nexthop: All fields in the dumped nexthops structures need to be initialized. The struct nexthopgrp structure contains two reserved fields that are not initialized by nlaputnhgroup. These fields contain garbage values. This...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: ath9khtc: fixed uninitialized values issues Syzbot reported 2 KMSAN bugs in ath9k. All of these bugs are caused by missing field initialization. In htcconnectservice, svcmetalen and pad are not initialized. Based on the code, ...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the USB Yurex driver’s detection process. During this process, the BBU members are not set to an...

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: f2fs: Fixed the issue where uninitialized values were used in the extentinfo structure during the isextentmergeable and isbackmergeable functions, through the read extent tree path. The root cause is that the getreadextentinfo...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from uninitialized reserved fields in response structures, potentially leading to kernel stack leaks...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004099)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004099 advisory. In the Linux kernel before 5.2.14, rds6incinfocopy in net/rds/recv.c allows attackers to obtain sensitive information from kernel stack memory because tos and flags...

CVE-2025-71113 crypto: af_alg - zero initialize memory allocated via sock_kmalloc

In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - zero initialize memory allocated via sockkmalloc Several crypto user API contexts and requests allocated with sockkmalloc were left uninitialized, relying on callers to set fields explicitly. This resulted in the...

CVE-2019-2104

In HIDL, safeunion, and other C++ structs/unions being sent to application processes, there are uninitialized fields. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions:...

PT-2025-49650

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.1.0+ 1 Description The Linux kernel contains an issue in the bpf memory allocator where a freed element may be immediately reused. For htab maps, this reuse can reinitialize special fields in map values, but...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from uninitialized qp-req.task.func and qp-req.task.arg, which could lead to a null pointer dereference...

EUVD-2019-7264

Malware in sbrugna...

EUVD-2019-11746

Malware in sbrugna...

EUVD-2022-54991

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2025-39812

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - sctp: initialize more fields in sctpv6fromsk syzbot found that sin6scopeid was not properly initialized, leading to undefined behavior. Clear sin6scopeid and...

CVE-2025-39812

CVE-2025-39812: In the Linux kernel SCTP implementation, the vulnerability stems from not initializing sin6_scope_id in sctp_v6_from_sk(), which can cause undefined behavior. The fix clears sin6_scope_id and sin6_flowinfo to prevent use of uninitialized data in the IPv6 SCTP path. Affected contex...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from not initializing all fields of the file lock structure, which could lead to a null pointer dereference...

SUSE CVE-2025-38403

In the Linux kernel, the following vulnerability has been resolved: vsock/vmci: Clear the vmci transport packet properly when initializing it In vmcitransportpacketinit memset the vmcitransportpacket before populating the fields to avoid any uninitialised data being left in the structure...

PT-2025-33777

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contained a flaw within the f2fs file system related to uninitialized values in the extent info structure. Specifically, the get read extent info function only...

UBUNTU-CVE-2022-49845

In the Linux kernel, the following vulnerability has been resolved: can: j1939: j1939sendone: fix missing CAN header initialization The read access to struct canxlframe::len inside of a j1939 created skbuff revealed a missing initialization of reserved and later filled elements in struct canframe...

CVE-2025-21959 netfilter: nf_conncount: Fully initialize struct nf_conncount_tuple in insert_tree()

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconncount: Fully initialize struct nfconncounttuple in inserttree Since commit b36e4523d4d5 "netfilter: nfconncount: fix garbage collection confirm race", cpu and jiffies32 were introduced to the struct...