226 matches found
PT-2026-60600
Name of the Vulnerable Software and Affected Versions Quicly versions prior to commit dccf5d4 Description Quicly, an IETF QUIC protocol implementation used in the H2O HTTP server, is susceptible to stateless reset injection. The issue stems from a lack of packet entry validation when handling...
CVE-2026-59099 Apereo CAS 7.3.0 < 8.0.0-RC6 - AES-GCM Nonce Reuse Information Disclosure
Apereo CAS 7.3.0 before 8.0.0-RC6 contains a cryptographic vulnerability that allows remote unauthenticated attackers to recover plaintext conversation state by exploiting AES-GCM initialization vector reuse across the server lifetime. Attackers can collect multiple client-side webflow execution...
CVE-2026-58051 libssh2 - Free of Uninitialized Pointer in publickey List Cleanup
libssh2 through 1.11.1 grows its publickey list with SSH2REALLOC but does not zero-initialize new entries before parsing populates them, so a parse failure reaching the cleanup path leaves libssh2publickeylistfree operating on an uninitialized entry. A malicious SSH server offering the publickey...
CVE-2026-58051
libssh2 through 1.11.1 grows its publickey list with SSH2REALLOC but does not zero-initialize new entries before parsing populates them, so a parse failure reaching the cleanup path leaves libssh2publickeylistfree operating on an uninitialized entry. A malicious SSH server offering the publickey...
EUVD-2026-39971
libssh2 through 1.11.1 grows its publickey list with SSH2REALLOC but does not zero-initialize new entries before parsing populates them, so a parse failure reaching the cleanup path leaves libssh2publickeylistfree operating on an uninitialized entry. A malicious SSH server offering the publickey...
CVE-2026-58051
libssh2 through 1.11.1 grows its publickey list with SSH2REALLOC but does not zero-initialize new entries before parsing populates them, so a parse failure reaching the cleanup path leaves libssh2publickeylistfree operating on an uninitialized entry. A malicious SSH server offering the publickey...
SUSE CVE-2026-52985
In the Linux kernel, the following vulnerability has been resolved: netdevsim: zero initialize struct iphdr in dummy skbuff Syzbot reports a KMSAN uninit-value originating from nsimdevtrapskbbuild, with the allocation also being performed in the same function. Fix this by calling skbputzero inste...
SUSE CVE-2026-53263
In the Linux kernel, the following vulnerability has been resolved: 6lowpan: fix off-by-one in multicast context address compression The second memcpy in lowpaniphcmcastctxaddrcompress uses &data1 as destination and &ipaddr-s6addr11 as source, but both should be offset by one: &data2 and...
PT-2026-53083
Name of the Vulnerable Software and Affected Versions libssh2 versions prior to 1.11.2 Description An issue exists in the public key parsing process where the software expands its public key list using SSH2 REALLOC but fails to zero-initialize new entries before they are populated. If a parse...
CVE-2026-53167
In the Linux kernel, the following vulnerability has been resolved: fuse: limit FUSENOTIFYRETRIEVE to uptodate folios FUSENOTIFYRETRIEVE must be limited to uptodate folios; !uptodate folios can contain uninitialized data. Since FUSENOTIFYRETRIEVE is intended to only return data that is already in...
EUVD-2026-39258
In the Linux kernel, the following vulnerability has been resolved: fuse: limit FUSENOTIFYRETRIEVE to uptodate folios FUSENOTIFYRETRIEVE must be limited to uptodate folios; !uptodate folios can contain uninitialized data. Since FUSENOTIFYRETRIEVE is intended to only return data that is already in...
PT-2026-52358
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An off-by-one error exists in the lowpan iphc mcast ctx addr compress function. The second memcpy operation incorrectly uses &data1 as the destination and &ipaddr-s6 addr11 as the source...
CVE-2026-52985
In the Linux kernel, the following vulnerability has been resolved: netdevsim: zero initialize struct iphdr in dummy skbuff Syzbot reports a KMSAN uninit-value originating from nsimdevtrapskbbuild, with the allocation also being performed in the same function. Fix this by calling skbputzero inste...
CVE-2026-52985
In the Linux kernel, the following vulnerability has been resolved: netdevsim: zero initialize struct iphdr in dummy skbuff Syzbot reports a KMSAN uninit-value originating from nsimdevtrapskbbuild, with the allocation also being performed in the same function. Fix this by calling skbputzero inste...
CVE-2026-52985
CVE-2026-52985 concerns the Linux kernel in the netdevsim feature, where the IP header in a dummy skb was not zero-initialized in nsim_dev_trap_skb_build. The issue arises from using skb_put instead of skb_put_zero, leading to uninitialized values in the IP header and potential memory/safety impl...
CVE-2026-52985 netdevsim: zero initialize struct iphdr in dummy sk_buff
In the Linux kernel, the following vulnerability has been resolved: netdevsim: zero initialize struct iphdr in dummy skbuff Syzbot reports a KMSAN uninit-value originating from nsimdevtrapskbbuild, with the allocation also being performed in the same function. Fix this by calling skbputzero inste...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: iio: pressure: mprls0025pa: fix the initialization of the spitransfer struct Make sure that the spitransfer struct is cleared to zero before use...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: crypto: afalg – Zero initialize memory allocated via sockkmalloc Several crypto user API contexts and requests that were allocated using sockkmalloc remained uninitialized. This meant that callers had to explicitly set the fields...
PT-2026-51879
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the netdevsim component where the struct iphdr in a dummy sk buff is not properly initialized. This leads to a KMSAN uninit-value, which occurs when the kernel accesse...
SUSE CVE-2026-46326
In the Linux kernel, the following vulnerability has been resolved: iio: pressure: mprls0025pa: fix spitransfer struct initialisation Make sure that the spitransfer struct is zeroed out before use...