Lucene search
K

14 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: iommufd: Make sure to zero vfioiommutype1info before copying it to the user. A zero initialization was missed here. Most of the struct is filled using a copyfromuser function; however, the minsz parameter for that copy is 8 bytes...

5.3AI score0.00145EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2025/12/25 12:54 a.m.4 views

SUSE CVE-2023-54137

In the Linux kernel, the following vulnerability has been resolved: vfio/type1: fix capmigration information leak Fix an information leak where an uninitialized hole in struct vfioiommutype1infocapmigration on the stack is exposed to userspace. The definition of struct...

6.3CVSS6.4AI score0.0018EPSS
Exploits0References17
OSV
OSV
added 2025/12/24 1:16 p.m.5 views

UBUNTU-CVE-2023-54137

In the Linux kernel, the following vulnerability has been resolved: vfio/type1: fix capmigration information leak Fix an information leak where an uninitialized hole in struct vfioiommutype1infocapmigration on the stack is exposed to userspace. The definition of struct...

5.7AI score0.0018EPSS
Exploits0References8
Cvelist
Cvelist
added 2025/12/24 1:6 p.m.24 views

CVE-2023-54137 vfio/type1: fix cap_migration information leak

In the Linux kernel, the following vulnerability has been resolved: vfio/type1: fix capmigration information leak Fix an information leak where an uninitialized hole in struct vfioiommutype1infocapmigration on the stack is exposed to userspace. The definition of struct...

0.0018EPSS
Exploits0References6
NVD
NVD
added 2025/12/24 11:15 a.m.5 views

CVE-2023-54034

In the Linux kernel, the following vulnerability has been resolved: iommufd: Make sure to zero vfioiommutype1info before copying to user Missed a zero initialization here. Most of the struct is filled with a copyfromuser, however minsz for that copy is smaller than the actual struct by 8 bytes,...

0.00145EPSS
Exploits0References2
OSV
OSV
added 2025/12/24 11:15 a.m.4 views

UBUNTU-CVE-2023-54034

In the Linux kernel, the following vulnerability has been resolved: iommufd: Make sure to zero vfioiommutype1info before copying to user Missed a zero initialization here. Most of the struct is filled with a copyfromuser, however minsz for that copy is smaller than the actual struct by 8 bytes,...

5.7AI score0.00145EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/12/24 10:56 a.m.26 views

CVE-2023-54034 iommufd: Make sure to zero vfio_iommu_type1_info before copying to user

In the Linux kernel, the following vulnerability has been resolved: iommufd: Make sure to zero vfioiommutype1info before copying to user Missed a zero initialization here. Most of the struct is filled with a copyfromuser, however minsz for that copy is smaller than the actual struct by 8 bytes,...

0.00145EPSS
Exploits0References2
CVE
CVE
added 2025/12/24 10:56 a.m.13 views

CVE-2023-54034

The CVE-2023-54034 issue affects the Linux kernel iommufd path where vfio_iommu_type1_info is copied to user space. The root cause is a missing zero initialization: most of the struct is copied with copy_from_user(), but minsz is smaller than the struct by 8 bytes, leaving the padding uninitializ...

6.1AI score0.00145EPSS
Exploits0References2
OSV
OSV
added 2025/12/24 10:56 a.m.7 views

CVE-2023-54034 iommufd: Make sure to zero vfio_iommu_type1_info before copying to user

In the Linux kernel, the following vulnerability has been resolved: iommufd: Make sure to zero vfioiommutype1info before copying to user Missed a zero initialization here. Most of the struct is filled with a copyfromuser, however minsz for that copy is smaller than the actual struct by 8 bytes,...

6.3AI score0.00145EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/12/24 12:0 a.m.3 views

PT-2025-52991

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A missing zero initialization exists in the iommufd component of the Linux kernel. Specifically, the vfio iommu type1 info structure is not fully initialized to zero before data is copie...

6.2AI score0.00145EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/12/24 12:0 a.m.3 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an uninitialized vulnerability in the vfioiommutype1infocapmigration structure, which could lead to...

5.9AI score0.0018EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2025/12/24 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2023-54137

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - vfio/type1: fix capmigration information leak Fix an information leak where an uninitialized hole in struct vfioiommutype1infocapmigration on the stack is...

6.2AI score0.0018EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2023/11/07 9:3 a.m.3 views

kernel: Kernel (iommufd): Information Disclosure via uninitialized memory padding

A flaw was found in the kernel. A local attacker could exploit this by triggering a missing zero initialization in the iommufd component when copying vfioiommutype1info to user space. This could lead to the disclosure of sensitive information from uninitialized memory padding...

5.7AI score0.00145EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2023/08/16 12:0 a.m.4 views

PT-2025-53214

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an information leak in the vfio/type1 subsystem. A hole in the vfio iommu type1 info cap migration structure is not initialized, potentially exposing data to...

4.6CVSS6.1AI score0.0018EPSS
Exploits0
Rows per page
Query Builder