UBUNTU-CVE-2024-57906

In the Linux kernel, the following vulnerability has been resolved: iio: adc: ti-ads8688: fix information leak in triggered buffer The 'buffer' local array is used to push data to user space from a triggered buffer, but it does not set values for inactive channels, as it only uses...

UBUNTU-CVE-2024-57908

In the Linux kernel, the following vulnerability has been resolved: iio: imu: kmx61: fix information leak in triggered buffer The 'buffer' local array is used to push data to user space from a triggered buffer, but it does not set values for inactive channels, as it only uses...

CVE-2024-57909 iio: light: bh1745: fix information leak in triggered buffer

In the Linux kernel, the following vulnerability has been resolved: iio: light: bh1745: fix information leak in triggered buffer The 'scan' local struct is used to push data to user space from a triggered buffer, but it does not set values for inactive channels, as it only uses...

CVE-2024-57908 iio: imu: kmx61: fix information leak in triggered buffer

In the Linux kernel, the following vulnerability has been resolved: iio: imu: kmx61: fix information leak in triggered buffer The 'buffer' local array is used to push data to user space from a triggered buffer, but it does not set values for inactive channels, as it only uses...

CVE-2024-57906 iio: adc: ti-ads8688: fix information leak in triggered buffer

In the Linux kernel, the following vulnerability has been resolved: iio: adc: ti-ads8688: fix information leak in triggered buffer The 'buffer' local array is used to push data to user space from a triggered buffer, but it does not set values for inactive channels, as it only uses...

CVE-2024-57905 iio: adc: ti-ads1119: fix information leak in triggered buffer

In the Linux kernel, the following vulnerability has been resolved: iio: adc: ti-ads1119: fix information leak in triggered buffer The 'scan' local struct is used to push data to user space from a triggered buffer, but it has a hole between the sample unsigned int and the timestamp. This hole is...

PT-2025-3634 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue concerns an information leak in the triggered buffer of the Linux kernel's iio light bh1745 component. The local struct 'scan' is used to send data to user space from a...

PT-2026-2874

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel's crypto subsystem contains an issue where memory allocated via sock kmalloc was not zero-initialized. This affected several crypto user API contexts and requests, relyi...

CBL Mariner 2.0 Security Update: kernel (CVE-2024-50302)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-50302 advisory. - In the Linux kernel, the following vulnerability has been resolved: HID: core: zero-initialize the report...

HID: core: zero-initialize the report buffer

...

kernel: block: initialize integrity buffer to zero before writing it to media

A flaw was found in the Linux kernel, where it initialized the integrity buffer to zero before writing it to media. Metadata added by biointegrityprep uses plain kmalloc, which leads to random kernel memory being written. Protection Information PI metadata is limited to the app tag not used by...

SUSE CVE-2024-50302

In the Linux kernel, the following vulnerability has been resolved: HID: core: zero-initialize the report buffer Since the report buffer is used by all kinds of drivers in various ways, let's zero-initialize it during allocation to make sure that it can't be ever used to leak kernel memory via...

DEBIAN-CVE-2024-50302

In the Linux kernel, the following vulnerability has been resolved: HID: core: zero-initialize the report buffer Since the report buffer is used by all kinds of drivers in various ways, let's zero-initialize it during allocation to make sure that it can't be ever used to leak kernel memory via...

AZL-53706 CVE-2024-50302 affecting package kernel for versions less than 5.15.173.1-1

In the Linux kernel, the following vulnerability has been resolved: HID: core: zero-initialize the report buffer Since the report buffer is used by all kinds of drivers in various ways, let's zero-initialize it during allocation to make sure that it can't be ever used to leak kernel memory via...

PT-2024-34127

Name of the Vulnerable Software and Affected Versions Linux Kernel affected versions not specified Description The issue is related to a possible leak of kernel memory contents to a USB HID due to uninitialized data in the Linux kernel. This could lead to physical information disclosure with no...

kernel: block: initialize integrity buffer to zero before writing it to media

A flaw was found in the Linux kernel, where it initialized the integrity buffer to zero before writing it to media. Metadata added by biointegrityprep uses plain kmalloc, which leads to random kernel memory being written. Protection Information PI metadata is limited to the app tag not used by...

SUSE CVE-2024-50076

In the Linux kernel, the following vulnerability has been resolved: vt: prevent kernel-infoleak in confontget font.data may not initialize all memory spaces depending on the implementation of vc-vcsw-confontget. This may cause info-leak, so to prevent this, it is safest to modify it to initialize...

UBUNTU-CVE-2024-50076

In the Linux kernel, the following vulnerability has been resolved: vt: prevent kernel-infoleak in confontget font.data may not initialize all memory spaces depending on the implementation of vc-vcsw-confontget. This may cause info-leak, so to prevent this, it is safest to modify it to initialize...

UBUNTU-CVE-2022-48949

In the Linux kernel, the following vulnerability has been resolved: igb: Initialize mailbox message for VF reset When a MAC address is not assigned to the VF, that portion of the message sent to the VF is not set. The memory, however, is allocated from the stack meaning that information may be...

kernel: nbd: always initialize struct msghdr completely

In the Linux kernel, the following vulnerability has been resolved: nbd: always initialize struct msghdr completely syzbot complains that msg-msggetinq value can be uninitialized 1 struct msghdr got many new fields recently, we should always make sure their values is zero by default. 1 BUG: KMSAN...