PT-2026-47385

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A local user can cause an infinite loop in the kernel context by crafting a self-referential extension where ext-next == &ext with zero in sync count and out sync count. This occurs...

CVE-2026-45892

In the Linux kernel, the following vulnerability has been resolved: ext4: drop extent cache after doing PARTIALVALID1 zeroout When splitting an unwritten extent in the middle and converting it to initialized in ext4splitextent with the EXT4EXTMAYZEROOUT and EXT4EXTDATAVALID2 flags set, it could...

UBUNTU-CVE-2026-45892

In the Linux kernel, the following vulnerability has been resolved: ext4: drop extent cache after doing PARTIALVALID1 zeroout When splitting an unwritten extent in the middle and converting it to initialized in ext4splitextent with the EXT4EXTMAYZEROOUT and EXT4EXTDATAVALID2 flags set, it could...

PT-2026-43725

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the ext4 file system when allocating initialized blocks from a large unwritten extent or splitting an unwritten extent during end I/O. A potential for stale data occur...

EUVD-2026-27744

In the Linux kernel, the following vulnerability has been resolved: rnbd-srv: Zero the rsp buffer before using it Before using the data buffer to send back the response message, zero it completely. This prevents any stray bytes to be picked up by the client side when there the message is exchange...

CVE-2026-43089

CVE-2026-43089 : In the Linux kernel, the xfrm_user component exposes an information-disclosure vulnerability caused by a one-byte padding hole in struct xfrm_usersa_id that was not zeroed before copying to userspace. The fix zeros the entire structure before setting fields (build_mapping path). ...

SUSE CVE-2022-50642

In the Linux kernel, the following vulnerability has been resolved: platform/chrome: crosectypec: zero out stale pointers crostypecgetswitchhandles allocates four pointers when obtaining type-c switch handles. These pointers are all freed if failing to obtain any of them; therefore, pointers in...

CVE-2022-50642

CVE-2022-50642 concerns the Linux kernel’s platform/chrome: cros_ec_typec component. It describes a use-after-free/double-free risk caused by stale pointers in port after cros_typec_get_switch_handles allocates four pointers and frees them if any allocation fails. The documented fix zeroes out al...

PT-2025-49622

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the platform/chrome: cros ec typec component where stale pointers can occur after freeing memory in the cros typec get switch handles function. This...

SUSE CVE-2022-50465

In the Linux kernel, the following vulnerability has been resolved: ext4: fix leaking uninitialized memory in fast-commit journal When space at the end of fast-commit journal blocks is unused, make sure to zero it out so that uninitialized memory is not leaked to disk...

UBUNTU-CVE-2022-50425

In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Fix copyxstatetouabi to copy init states correctly When an extended state component is not present in fpstate, but in init state, the function copies from initfpstate via copyfeature. But, dynamic states are not present ...

DEBIAN-CVE-2025-39684

In the Linux kernel, the following vulnerability has been resolved: comedi: Fix use of uninitialized memory in doinsnioctl and doinsnlistioctl syzbot reports a KMSAN kernel-infoleak in doinsnioctl. A kernel buffer is allocated to hold insn-n samples each of which is an unsigned int. For some...

Exploit for CVE-2016-2434

About This is where I will post analysis of Public Exploits, or some of my 1day exploits. Public exploit analysis - Personally I think the best way to learn a public exploit is by understanding it line-by-line until I can understand the exploit to the fullest. I will post some of these...

SUSE CVE-2024-56769

In the Linux kernel, the following vulnerability has been resolved: media: dvb-frontends: dib3000mb: fix uninit-value in dib3000writereg Syzbot reports 1 an uninitialized value issue found by KMSAN in dib3000readreg. Local u8 rb2 is used in i2ctransfer as a read buffer; in case that call fails, t...

CVE-2024-47717

In the Linux kernel, the following vulnerability has been resolved: RISC-V: KVM: Don't zero-out PMU snapshot area before freeing data With the latest Linux-6.11-rc3, the below NULL pointer crash is observed when SBI PMU snapshot is enabled for the guest and the guest is forcefully powered-off...

GSD-2022-1007674 scsi: stex: Properly zero out the passthrough command structure

scsi: stex: Properly zero out the passthrough command structure This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.331 by commit...

CVE-2016-20014

In pamtacplus.c in pamtacplus before 1.4.1, pamsmacctmgmt does not zero out the arep data structure...

FFmpeg 数字错误漏洞

FFmpeg is a complete solution for recording, converting, and streaming audio and video from the FFmpeg Ffmpeg team. A security vulnerability exists in Ffmpeg, which allows attackers to exploit the vulnerability to cause a denial of service or other unspecified impact due to a zero-out...

Amazon Linux 2 : libjpeg-turbo (ALAS-2019-1350)

The cjpeg utility in libjpeg allows remote attackers to cause a denial of service NULL pointer dereference and application crash or execute arbitrary code via a crafted file.CVE-2016-3616 A divide by zero vulnerability has been discovered in libjpeg-turbo in allocsarray function of jmemmgr.c file...

docPrint Pro 8.0 - SEH Buffer Overflow

import struct Title: docPrint Pro v8.0 'User/Master Password' Local SEH Alphanumeric Encoded Buffer Overflow Date: September 14th, 2019 Author: Connor McGarr @33y0re https://connormcgarr.github.io Vendor Homepage: http://www.verypdf.com Software Link: http://dl.verypdf.net/docprintprosetup.exe...