Lucene search
K

2136 matches found

SUSE CVE
SUSE CVE
added 2026/06/28 1:8 a.m.8 views

SUSE CVE-2026-53311

In the Linux kernel, the following vulnerability has been resolved: fuse: fix uninit-value in fusedentryrevalidate fusedentryrevalidate may be called with a dentry that didn't had -dtime initialised. The issue was found with KMSAN, where lookupopen calls dalloc, followed by drevalidate, as shown...

5.7AI score0.00112EPSS
Exploits0References3
Microsoft CVE
Microsoft CVE
added 2026/06/27 8:14 a.m.8 views

sctp: fix uninit-value in __sctp_rcv_asconf_lookup()

...

9.1CVSS5.8AI score0.00544EPSS
Exploits0
OSV
OSV
added 2026/06/26 8:17 p.m.6 views

DEBIAN-CVE-2026-53311

In the Linux kernel, the following vulnerability has been resolved: fuse: fix uninit-value in fusedentryrevalidate fusedentryrevalidate may be called with a dentry that didn't had -dtime initialised. The issue was found with KMSAN, where lookupopen calls dalloc, followed by drevalidate, as shown...

5.5CVSS5.7AI score0.00112EPSS
Exploits0References1
NVD
NVD
added 2026/06/26 8:17 p.m.7 views

CVE-2026-53311

In the Linux kernel, the following vulnerability has been resolved: fuse: fix uninit-value in fusedentryrevalidate fusedentryrevalidate may be called with a dentry that didn't had -dtime initialised. The issue was found with KMSAN, where lookupopen calls dalloc, followed by drevalidate, as shown...

5.5CVSS0.00112EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/26 7:41 p.m.7 views

EUVD-2026-39846

In the Linux kernel, the following vulnerability has been resolved: fuse: fix uninit-value in fusedentryrevalidate fusedentryrevalidate may be called with a dentry that didn't had -dtime initialised. The issue was found with KMSAN, where lookupopen calls dalloc, followed by drevalidate, as shown...

5.7AI score0.00112EPSS
Exploits0References3
CVE
CVE
added 2026/06/26 7:41 p.m.13 views

CVE-2026-53311

CVE-2026-53311 affects the Linux kernel’s FUSE subsystem: fuse_dentry_revalidate() may be invoked with a dentry whose d_time has not been initialised, originating from KMSAN observations during path resolution (lookup_open/d_revalidate). Multiple vendors and feeds document the fix as resolving th...

5.5CVSS5.7AI score0.00112EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2026/06/26 7:41 p.m.6 views

CVE-2026-53311

In the Linux kernel, the following vulnerability has been resolved: fuse: fix uninit-value in fusedentryrevalidate fusedentryrevalidate may be called with a dentry that didn't had -dtime initialised. The issue was found with KMSAN, where lookupopen calls dalloc, followed by drevalidate, as shown...

5.5CVSS5.7AI score0.00112EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/26 12:0 a.m.13 views

PT-2026-52950

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists where the fuse dentry revalidate function may be called with a dentry that has an uninitialized d time variable. This behavior was identified using KMSAN, occurring when...

5.5CVSS5.7AI score0.00112EPSS
Exploits0References17
NVD
NVD
added 2026/06/25 9:16 a.m.6 views

CVE-2026-53170

In the Linux kernel, the following vulnerability has been resolved: accel/ethosu: reject DMA commands with uninitialized length cmdstateinit initializes the command state with memset0xff, leaving dma-len at U64MAX to signal missing setup. The only setter is NPUSETDMA0LEN; if userspace omits this...

8.8CVSS0.00137EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/25 8:39 a.m.5 views

CVE-2026-53225

In the Linux kernel, the following vulnerability has been resolved: sctp: fix uninit-value in sctprcvasconflookup sctprcvasconflookup in net/sctp/input.c only checks that the ASCONF chunk can hold the ADDIP header and a parameter header, then calls af-fromaddrparam, which reads the full address 1...

9.1CVSS5.6AI score0.00544EPSS
Exploits0
EUVD
EUVD
added 2026/06/24 6:32 p.m.7 views

EUVD-2026-38897

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: prevent uninitialized lcn caused by zero len syzbot reported a uninit-value in ntfsiomapbegin 1. Since runs was not touched yet, runlookupentry immediately fails and returns false, which makes the value of "len" 0...

5.7AI score0.00172EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/24 6:32 p.m.4 views

EUVD-2026-38853

In the Linux kernel, the following vulnerability has been resolved: netdevsim: zero initialize struct iphdr in dummy skbuff Syzbot reports a KMSAN uninit-value originating from nsimdevtrapskbbuild, with the allocation also being performed in the same function. Fix this by calling skbputzero inste...

5.7AI score0.00176EPSS
Exploits0References9
NVD
NVD
added 2026/06/24 5:17 p.m.6 views

CVE-2026-53029

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: prevent uninitialized lcn caused by zero len syzbot reported a uninit-value in ntfsiomapbegin 1. Since runs was not touched yet, runlookupentry immediately fails and returns false, which makes the value of "len" 0...

0.00172EPSS
Exploits0References2
OSV
OSV
added 2026/06/24 4:29 p.m.4 views

CVE-2026-53029 fs/ntfs3: prevent uninitialized lcn caused by zero len

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: prevent uninitialized lcn caused by zero len syzbot reported a uninit-value in ntfsiomapbegin 1. Since runs was not touched yet, runlookupentry immediately fails and returns false, which makes the value of "len" 0...

5.8AI score0.00172EPSS
Exploits0References5
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: mctp i2c: Initializing the event handler for read bytes A value of 0xff was set for I2C reads of the mctp-i2c device. Otherwise, reads will return “val” from the I2C bus driver. For I2c-aspeed and i2c-npcm7xx, this represents an...

5.5CVSS5.8AI score0.00156EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.8 views

Astra Linux – Vulnerability in hdf5

The HDF5 library from version 1.14.3 may use an uninitialized value in the H5Aattrreleasetable field within the H5Aint.c file...

9.8CVSS7.2AI score0.00951EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.6 views

PT-2026-51976

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the sixpack receive buf function where bytes with TTY error flags are not properly skipped. The function iterates through the flags buffer without advancing the data...

6AI score0.00164EPSS
Exploits0References17
Debian CVE
Debian CVE
added 2026/06/23 4:18 p.m.6 views

CVE-2026-56968

GNU SASL before 2.2.4 lacks sanitization of a short challenge in gsaslntlmclientstep in the NTLM client, which could result in memory disclosure via a crafted server...

5.3CVSS5.8AI score0.00241EPSS
Exploits1
OSV
OSV
added 2026/06/08 12:20 a.m.20 views

OSV-2026-889 Use-of-uninitialized-value in vp8_compute_skin_block

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=520701729 Crash type: Use-of-uninitialized-value Crash state: vp8computeskinblock encodeframetodatarate vp8getcompresseddata...

5.4AI score
Exploits0References1
OSV
OSV
added 2026/06/07 12:9 a.m.10 views

OSV-2026-872 Use-of-uninitialized-value in vpx_variance16x16_avx2

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=520181861 Crash type: Use-of-uninitialized-value Crash state: vpxvariance16x16avx2 vp8pickintramode vp8cxencodeintramacroblock...

5.4AI score
Exploits0References1
Rows per page
Query Builder