209 matches found
UBUNTU-CVE-2025-39690
In the Linux kernel, the following vulnerability has been resolved: iio: accel: sca3300: fix uninitialized iio scan data Fix potential leak of uninitialized stack data to userspace by ensuring that the channels array is zeroed before use...
UBUNTU-CVE-2025-39684
In the Linux kernel, the following vulnerability has been resolved: comedi: Fix use of uninitialized memory in doinsnioctl and doinsnlistioctl syzbot reports a KMSAN kernel-infoleak in doinsnioctl. A kernel buffer is allocated to hold insn-n samples each of which is an unsigned int. For some...
CVE-2025-39687
In the Linux kernel, the following vulnerability has been resolved: iio: light: as73211: Ensure buffer holes are zeroed Given that the buffer is copied to a kfifo that ultimately user space can read, ensure we zero it...
Linux Distros Unpatched Vulnerability : CVE-2024-24856
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The memory allocation function ACPIALLOCATEZEROED does not guarantee a successful allocation, but the subsequent code directly dereferences the pointer that...
Linux Distros Unpatched Vulnerability : CVE-2023-53059
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: platform/chrome: crosecchardev: fix kernel data leak from ioctl It is possible to peep kerne...
Linux Distros Unpatched Vulnerability : CVE-2025-37883
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - s390/sclp: Add check for getzeroedpage Add check for the return value of getzeroedpage in sclpconsoleinit to prevent null pointer dereference. Furthermore, to...
Linux Distros Unpatched Vulnerability : CVE-2022-50226
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto: ccp - Use kzalloc for sev ioctl interfaces to prevent kernel memory leak For some sev ioctl interfaces, input may be passed that is less than or equal t...
Linux Distros Unpatched Vulnerability : CVE-2024-38592
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Init ddpcomp with devmkcalloc In the case where connroutes is true we allocate...
s390/sclp: Add check for get_zeroed_page()
...
UBUNTU-CVE-2022-50226
In the Linux kernel, the following vulnerability has been resolved: crypto: ccp - Use kzalloc for sev ioctl interfaces to prevent kernel memory leak For some sev ioctl interfaces, input may be passed that is less than or equal to SEVFWBLOBMAXSIZE, but larger than the data that PSP firmware return...
golang-fips: Golang FIPS zeroed buffer
A vulnerability was found in Golang FIPS OpenSSL. This flaw allows a malicious user to randomly cause an uninitialized buffer length variable with a zeroed buffer to be returned in FIPS mode. It may also be possible to force a false positive match between non-equal hashes when comparing a trusted...
golang-fips: Golang FIPS zeroed buffer
A vulnerability was found in Golang FIPS OpenSSL. This flaw allows a malicious user to randomly cause an uninitialized buffer length variable with a zeroed buffer to be returned in FIPS mode. It may also be possible to force a false positive match between non-equal hashes when comparing a trusted...
golang-fips: Golang FIPS zeroed buffer
A vulnerability was found in Golang FIPS OpenSSL. This flaw allows a malicious user to randomly cause an uninitialized buffer length variable with a zeroed buffer to be returned in FIPS mode. It may also be possible to force a false positive match between non-equal hashes when comparing a trusted...
kernel: ACPICA: check null return of ACPI_ALLOCATE_ZEROED() in acpi_db_convert_to_package()
In the Linux kernel, the following vulnerability has been resolved: ACPICA: check null return of ACPIALLOCATEZEROED in acpidbconverttopackage ACPICA commit 4d4547cf13cca820ff7e0f859ba83e1a610b9fd0 ACPIALLOCATEZEROED may fail, elements might be NULL and will cause NULL pointer dereference later...
SUSE CVE-2025-37883
In the Linux kernel, the following vulnerability has been resolved: s390/sclp: Add check for getzeroedpage Add check for the return value of getzeroedpage in sclpconsoleinit to prevent null pointer dereference. Furthermore, to solve the memory leak caused by the loop allocation, add a free helper...
DEBIAN-CVE-2025-37883
In the Linux kernel, the following vulnerability has been resolved: s390/sclp: Add check for getzeroedpage Add check for the return value of getzeroedpage in sclpconsoleinit to prevent null pointer dereference. Furthermore, to solve the memory leak caused by the loop allocation, add a free helper...
UBUNTU-CVE-2025-37883
In the Linux kernel, the following vulnerability has been resolved: s390/sclp: Add check for getzeroedpage Add check for the return value of getzeroedpage in sclpconsoleinit to prevent null pointer dereference. Furthermore, to solve the memory leak caused by the loop allocation, add a free helper...
CVE-2023-53059
In the Linux kernel, the following vulnerability has been resolved: platform/chrome: crosecchardev: fix kernel data leak from ioctl It is possible to peep kernel page's data by providing larger insize in struct croseccommand1 when invoking EC host commands. Fix it by using zeroed memory. 1:...
CVE-2023-53059
In the Linux kernel, the following vulnerability has been resolved: platform/chrome: crosecchardev: fix kernel data leak from ioctl It is possible to peep kernel page's data by providing larger insize in struct croseccommand1 when invoking EC host commands. Fix it by using zeroed memory. 1:...
DEBIAN-CVE-2023-53059
In the Linux kernel, the following vulnerability has been resolved: platform/chrome: crosecchardev: fix kernel data leak from ioctl It is possible to peep kernel page's data by providing larger insize in struct croseccommand1 when invoking EC host commands. Fix it by using zeroed memory. 1:...