Lucene search
K

23 matches found

RedhatCVE
RedhatCVE
added 2026/05/28 5:15 p.m.12 views

CVE-2026-46182

A flaw was found in the Linux kernel, specifically within the pseries/papr-hvpipe module. This vulnerability could allow a local user to gain access to uninitialized kernel stack memory. The issue arises because certain padding bytes in a data structure are not cleared before being sent to...

5.5CVSS5.8AI score0.00126EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/05/21 2:35 p.m.35 views

CVE-2021-47339 media: v4l2-core: explicitly clear ioctl input data

In the Linux kernel, the following vulnerability has been resolved: media: v4l2-core: explicitly clear ioctl input data As seen from a recent syzbot bug report, mistakes in the compat ioctl implementation can lead to uninitialized kernel stack data getting used as input for driver ioctl handlers...

6.2AI score0.00236EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/07/06 12:0 a.m.4 views

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from Google Inc. in the United States. Google Android suffers from a security vulnerability that stems from allowing uninitialized kernel memory to be returned to user space...

5.5CVSS5.7AI score0.00087EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2020/12/02 12:0 a.m.45 views

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2020-5962)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-5962 advisory. - drm/vmwgfx: Make sure backuphandle is always valid Sinclair Yeh Orabug: 31352076 CVE-2017-9605 - random32: move the pseudo-random 32-bit...

5.5CVSS6.7AI score0.05228EPSS
Exploits0References3
Virtuozzo
Virtuozzo
added 2020/07/06 12:0 a.m.203 views

Important kernel security update: Virtuozzo ReadyKernel patch 110.0 for Virtuozzo Hybrid Server 7.0 and Virtuozzo Infrastructure Platform 2.5, 3.0 and Virtuozzo Hybrid Infrastructure 3.5

The cumulative Virtuozzo ReadyKernel patch was updated with security and stability fixes. The patch applies to all supported kernels of Virtuozzo Hybrid Server 7.0 and Virtuozzo Infrastructure Platform. Vulnerability id: CVE-2020-10711 3.10.0-862.20.2.vz7.73.24 to 3.10.0-1062.12.1.vz7.131.10...

5.9CVSS6.5AI score0.03097EPSS
Exploits1References12
RedhatCVE
RedhatCVE
added 2019/12/13 10:21 p.m.45 views

CVE-2019-19535

A flaw was found in the Linux kernel’s implementation of the Peak CANBUS USB device driver. An information leak caused by the device could allow a local attacker to possibly gain private information from uninitialized kernel memory...

4.6CVSS3.7AI score0.00504EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2019/10/12 1:30 a.m.51 views

CVE-2017-16994

The walkhugetlbrange function in 'mm/pagewalk.c' file in the Linux kernel from v4.0-rc1 through v4.15-rc1 mishandles holes in hugetlb ranges. This allows local users to obtain sensitive information from uninitialized kernel memory via crafted use of the mincore system call...

5.5CVSS3AI score0.02084EPSS
Exploits5References1
exploitpack
exploitpack
added 2019/01/30 12:0 a.m.27 views

iOSmacOS 10.13.6 - if_ports_used_update_wakeuuid() 16-byte Uninitialized Kernel Stack Disclosure

iOSmacOS 10.13.6 - ifportsusedupdatewakeuuid 16-byte Uninitialized Kernel Stack Disclosure / macOS 10.13.4 introduced the file bsd/net/ifportsused.c, which defines sysctls for inspecting ports, and added the function IOPMCopySleepWakeUUIDKey to the file iokit/Kernel/IOPMrootDomain.cpp. Here's the...

0.1AI score
Exploits0
0day.today
0day.today
added 2018/01/09 12:0 a.m.54 views

Microsoft Windows - nt!NtQuerySystemInformation (information class 138, QueryMemoryTopologyInformati

Exploit for windows platform in category dos / poc / We have discovered that the nt!NtQuerySystemInformation system call invoked with the 138 information class discloses portions of uninitialized kernel pool memory to user-mode clients. The specific information class is handled by an internal...

1.9CVSS5.4AI score0.04075EPSS
Exploits1
Cvelist
Cvelist
added 2017/11/27 7:0 p.m.33 views

CVE-2017-16994

The walkhugetlbrange function in mm/pagewalk.c in the Linux kernel before 4.14.2 mishandles holes in hugetlb ranges, which allows local users to obtain sensitive information from uninitialized kernel memory via crafted use of the mincore system call...

5.7AI score0.02084EPSS
Exploits5References13
Debian CVE
Debian CVE
added 2017/11/27 7:0 p.m.32 views

CVE-2017-16994

The walkhugetlbrange function in mm/pagewalk.c in the Linux kernel before 4.14.2 mishandles holes in hugetlb ranges, which allows local users to obtain sensitive information from uninitialized kernel memory via crafted use of the mincore system call...

5.5CVSS6.3AI score0.02084EPSS
Exploits5
NVD
NVD
added 2017/10/04 1:29 a.m.18 views

CVE-2017-14991

The sgioctl function in drivers/scsi/sg.c in the Linux kernel before 4.13.4 allows local users to obtain sensitive information from uninitialized kernel heap-memory locations via an SGGETREQUESTTABLE ioctl call for /dev/sg0...

5.5CVSS4.9AI score0.00414EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2017/10/03 7:0 a.m.27 views

CVE-2017-14991

The sgioctl function in drivers/scsi/sg.c in the Linux kernel before 4.13.4 allows local users to obtain sensitive information from uninitialized kernel heap-memory locations via an SGGETREQUESTTABLE ioctl call for /dev/sg0...

5.5CVSS6.2AI score0.00414EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2017/10/03 12:0 a.m.29 views

CVE-2017-14991

The sgioctl function in drivers/scsi/sg.c in the Linux kernel before 4.13.4 allows local users to obtain sensitive information from uninitialized kernel heap-memory locations via an SGGETREQUESTTABLE ioctl call for /dev/sg0...

5.5CVSS6.8AI score0.00414EPSS
Exploits0References5
0day.today
0day.today
added 2017/09/18 12:0 a.m.110 views

Microsoft Windows Kernel - win32k!NtGdiDoBanding Stack Memory Disclosure Exploit

Exploit for windows platform in category dos / poc / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1304 We have discovered that the win32k!NtGdiDoBanding system call discloses portions of uninitialized kernel stack memory to user-mode clients. More specifically, exactly 8 byte...

2.1CVSS7.2AI score0.0423EPSS
Exploits2
Exploit DB
Exploit DB
added 2017/06/22 12:0 a.m.64 views

Microsoft Windows - 'nt!NtQueryInformationProcess (ProcessVmCounters)' Kernel Stack Memory Disclosure

/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1190&desc=2 We have discovered that the nt!NtQueryInformationProcess system call called with the ProcessVmCounters information class discloses portions of uninitialized kernel stack memory to user-mode clients, due to output...

7.4AI score
Exploits0
RedhatCVE
RedhatCVE
added 2017/06/16 11:56 a.m.33 views

CVE-2017-9605

The vmwgbsurfacedefineioctl function accessible via DRMIOCTLVMWGBSURFACECREATE in drivers/gpu/drm/vmwgfx/vmwgfxsurface.c in the Linux kernel through 4.11.4 defines a backuphandle variable but does not give it an initial value. If one attempts to create a GB surface, with a previously allocated DM...

5.5CVSS3.3AI score0.00384EPSS
Exploits0References1
Prion
Prion
added 2017/06/13 7:29 p.m.23 views

Buffer overflow

The vmwgbsurfacedefineioctl function accessible via DRMIOCTLVMWGBSURFACECREATE in drivers/gpu/drm/vmwgfx/vmwgfxsurface.c in the Linux kernel through 4.11.4 defines a backuphandle variable but does not give it an initial value. If one attempts to create a GB surface, with a previously allocated DM...

4.9CVSS6AI score0.00384EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2017/06/13 7:0 p.m.143 views

CVE-2017-9605

CVE-2017-9605 affects the Linux kernel (up to and including 4.11.4) via the vmw_gb_surface_define_ioctl path (DRM_IOCTL_VMW_GB_SURFACE_CREATE) in vmwgfx_surface.c. The defect is that backup_handle is defined but not initialized, so when creating a GB surface with a previously allocated DMA buffer...

5.5CVSS5.5AI score0.00384EPSS
Exploits0References5Affected Software1
UbuntuCve
UbuntuCve
added 2017/06/13 12:0 a.m.28 views

CVE-2017-9605

The vmwgbsurfacedefineioctl function accessible via DRMIOCTLVMWGBSURFACECREATE in drivers/gpu/drm/vmwgfx/vmwgfxsurface.c in the Linux kernel through 4.11.4 defines a backuphandle variable but does not give it an initial value. If one attempts to create a GB surface, with a previously allocated DM...

5.5CVSS6.9AI score0.00384EPSS
Exploits0References10
Rows per page
Query Builder