2104 matches found
OSV-2026-828 Use-of-uninitialized-value in ReadContainer
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=517870853 Crash type: Use-of-uninitialized-value Crash state: ReadContainer PKImageDecodeInitializeWMP PKCodecFactoryCreateDecoderFromFile...
CVE-2026-47336
Ubuntu Linux 6.8 is affected by a SAUCE patch issue in AppArmor AF_INET/AF_INET6 socket mediation code due to an uninitialized variable, exploitable by an unprivileged local user and potentially causing incorrect fine-grained mediation of network sockets. The CVE description and related documents...
CVE-2026-47330
Ubuntu Linux 6.8, 7.17 and 7.0 contain AppArmor SAUCE patches that can use an uninitialized variable in notification handling code. The bug can be triggered by an unprivileged local user and can result in the incorrect caching of AppArmor notification responses. Affected component: AppArmor/notif...
CVE-2026-47330 Use of uninitialized value in Ubuntu Linux AppArmor notification handling
Ubuntu Linux 6.8, 7.17 and 7.0 contain AppArmor SAUCE patches which can, under certain circumstances, use an uninitialized variable in notification handling code. The bug can be triggered by an unprivileged local user and can result in the incorrect caching of AppArmor notification responses...
CVE-2026-46169
In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix uninit-value by validating catalog record size Syzbot reported a KMSAN uninit-value issue in hfsplusstrcasecmp. The root cause is that hfsbrecread doesn't validate that the on-disk record size matches the expected si...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from hfsplus not verifying the size of directory records. This could lead to uninitialized value issue...
PT-2026-43732
In the Linux kernel, the following vulnerability has been resolved: mctp i2c: initialise event handler read bytes Set a 0xff value for i2c reads of an mctp-i2c device. Otherwise reads will return "val" from the i2c bus driver. For i2c-aspeed and i2c-npcm7xx that is a stack uninitialised u8. Teste...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: hsr: Fixed uninit-value access in hsrgetnode KMSAN reported the following uninit-value access issue 1: ===================================================== BUG: KMSAN: uninit-value in hsrgetnode+0xa2e/0xa40...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: virtio/vsock: Fixed an uninit-value issue in virtiotransportrecvpkt. KMSAN reported the following uninit-value access issues: ===================================================== BUG: KMSAN: uninit-value in...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: hfsplus: fixed the KMSAN uninit-value issue in hfsplusextcacheextent The syzbot reported an issue in hfsplusextcacheextent: 70.194323 T9350 BUG: KMSAN: uninit-value in hfsplusextcacheextent+0x7d0/0x990 70.195022 T9350...
Astra Linux - уязвимость в linux-6.1, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: jfs: Fixed the uninit-value access to imap allocated in the diMount function. The syzbot reports that hexdumptobuffer uses uninit-value: ===================================================== BUG: KMSAN: uninit-value in...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: ocfs2: Fixed an uninitialized value in ocfs2filereaditer. Syzbot has reported the following KMSAN errors: BUG: KMSAN: Uninitialized value in ocfs2filereaditer+0x9a4/0xf80; ocfs2filereaditer+0x9a4/0xf80; ioread+0x8d4/0x20f0;...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: hfs: fixed the KMSAN uninit-value issue in hfsfindsetzerobits The syzbot reported an issue in hfsfindsetzerobits: ===================================================== BUG: KMSAN: uninit-value in hfsfindsetzerobits+0x74d/0xb60...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: ipv6: A potential uninit-value access in ip6makeskb has been fixed. Just as it was done in the commit fc1092f51567 „ipv4: Fix uninit-value access in ipmakeskb for IPv4, check FLOWIFLAGKNOWNNH on fl6-flowi6flags. Instead of testin...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux
In the Linux kernel, the following vulnerabilities have been resolved: ppp: fixed illegal access in pppasyncencode syzbot reported an issue in pppasyncencode 1 In this case, pppoesendmsg is called with a zero size. Then pppasyncencode is called with an empty skb. BUG: KMSAN: uninit-value in...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: mac80211: Only track QoS data frames for admission control. For admission control, it clearly only applies to QoS data frames. Otherwise, we wouldn’t even be able to access the QoS field in the header. Syzbot reported an...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: tipc: Changed the nlapolicy for bearer-related names to NLANULSTRING. The syzbot reported the following uninit-value access issues 1: ===================================================== BUG: KMSAN: uninit-value in strlen in...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: vxlan: Fixed an uninitialized value in vxlanvnifilterdump. KMSAN reported an uninitialized value access in vxlanvnifilterdump. If the length of the netlink message payload is less than sizeofstruct tunnelmsg, vxlanvnifilterdum...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: fs: init flagsvalid before calling vfsfileattrget syzbot reported a uninit-value bug in 1. Similar to the “get” context, where the kernel’s filekattr structure is initialized before calling vfsfileattrget, we should use the same...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: hsr: Fixed uninit-value access in fillframeinfo Syzbot reports the following uninit-value access problems. ===================================================== BUG: KMSAN: uninit-value in fillframeinfo net/hsr/hsrforward.c:60...