12 matches found
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021628)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021628 advisory. In the Linux kernel, the following vulnerability has been resolved: net: can: j1939: Initialize unused data in j1939sendone syzbot reported kernel-infoleak in...
CVE-2026-31640 rxrpc: Fix use of wrong skb when comparing queued RESP challenge serial
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix use of wrong skb when comparing queued RESP challenge serial In rxrpcpostresponse, the code should be comparing the challenge serial number from the cached response before deciding to switch to a newer response, but...
Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-404228)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-404228 advisory. In the Linux kernel, the following vulnerability has been resolved: net: can: j1939: Initialize unused data in j1939sendone syzbot reported kernel-infoleak in...
net: can: j1939: Initialize unused data in j1939_send_one()
...
DEBIAN-CVE-2024-42076
In the Linux kernel, the following vulnerability has been resolved: net: can: j1939: Initialize unused data in j1939sendone syzbot reported kernel-infoleak in rawrecvmsg 1. j1939sendone creates full frame including unused data, but it doesn't initialize it. This causes the kernel-infoleak issue...
AZL-47219 CVE-2024-42076 affecting package kernel for versions less than 6.6.43.1-7
In the Linux kernel, the following vulnerability has been resolved: net: can: j1939: Initialize unused data in j1939sendone syzbot reported kernel-infoleak in rawrecvmsg 1. j1939sendone creates full frame including unused data, but it doesn't initialize it. This causes the kernel-infoleak issue...
UBUNTU-CVE-2024-42076
In the Linux kernel, the following vulnerability has been resolved: net: can: j1939: Initialize unused data in j1939sendone syzbot reported kernel-infoleak in rawrecvmsg 1. j1939sendone creates full frame including unused data, but it doesn't initialize it. This causes the kernel-infoleak issue...
CVE-2024-42076 net: can: j1939: Initialize unused data in j1939_send_one()
In the Linux kernel, the following vulnerability has been resolved: net: can: j1939: Initialize unused data in j1939sendone syzbot reported kernel-infoleak in rawrecvmsg 1. j1939sendone creates full frame including unused data, but it doesn't initialize it. This causes the kernel-infoleak issue...
CVE-2024-42076 net: can: j1939: Initialize unused data in j1939_send_one()
In the Linux kernel, the following vulnerability has been resolved: net: can: j1939: Initialize unused data in j1939sendone syzbot reported kernel-infoleak in rawrecvmsg 1. j1939sendone creates full frame including unused data, but it doesn't initialize it. This causes the kernel-infoleak issue...
CVE-2024-42076
The CVE-2024-42076 entry relates to the Linux kernel net/can/j1939 path, where j1939_send_one() allocated a full frame but did not initialize unused data, enabling a kernel-infoleak via raw_recvmsg() paths observed by syzbot. The root cause is uninitialized memory in the frame allocation (Bytes 1...
OpenJDK: reading of unprocessed image data in JPEGImageReader (2D, 8169209)
It was discovered that the JPEGImageReader implementation in the 2D component of OpenJDK would, in certain cases, read all image data even if it was not used later. A specially crafted image could cause a Java application to temporarily use an excessive amount of CPU and memory...
OpenJDK: reading of unprocessed image data in JPEGImageReader (2D, 8169209)
It was discovered that the JPEGImageReader implementation in the 2D component of OpenJDK would, in certain cases, read all image data even if it was not used later. A specially crafted image could cause a Java application to temporarily use an excessive amount of CPU and memory...