Lucene search
+L

286 matches found

SUSE CVE
SUSE CVE
added 2026/06/26 2:9 a.m.10 views

SUSE CVE-2026-53211

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftmetabridge: fix stale stack leak via IIFHWADDR register NFTMETABRIIIFHWADDR declares its destination register with len = ETHALEN 6 bytes, which the register-init tracking rounds up to two 32-bit registers 8 bytes...

5.8AI score0.00126EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/25 8:39 a.m.9 views

EUVD-2026-39214

In the Linux kernel, the following vulnerability has been resolved: 6lowpan: fix off-by-one in multicast context address compression The second memcpy in lowpaniphcmcastctxaddrcompress uses &data1 as destination and &ipaddr-s6addr11 as source, but both should be offset by one: &data2 and...

5.7AI score0.00119EPSS
Exploits0References8
CVE
CVE
added 2026/06/25 8:39 a.m.24 views

CVE-2026-53263

CVE-2026-53263 is reported in OSV entries as affecting the rootio-linux package in Ubuntu/Debian environments, with patches available in multiple fixed versions (e.g., Root:Ubuntu:22.04 and Root:Ubuntu:24.04; Debian 11/12 tracks). The Debian/Ubuntu Nessus OSV entries note patches for these distri...

5.5CVSS5.7AI score0.00119EPSS
Exploits0References8Affected Software1
OSV
OSV
added 2026/06/25 8:39 a.m.6 views

CVE-2026-53211 netfilter: nft_meta_bridge: fix stale stack leak via IIFHWADDR register

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftmetabridge: fix stale stack leak via IIFHWADDR register NFTMETABRIIIFHWADDR declares its destination register with len = ETHALEN 6 bytes, which the register-init tracking rounds up to two 32-bit registers 8 bytes...

5.5CVSS5.8AI score0.00126EPSS
Exploits0References6
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.9 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: rnbd-srv: Zero the rsp buffer before using it. Before using the data buffer to send back the response message, completely zero it. This prevents any stray bytes from being picked up by the client side when messages are exchanged...

7.5CVSS5.8AI score0.00444EPSS
Exploits0References2
OSV
OSV
added 2026/06/24 7:14 a.m.3 views

CVE-2026-52940 tun: zero the whole vnet header in tun_put_user()

In the Linux kernel, the following vulnerability has been resolved: tun: zero the whole vnet header in tunputuser tunputuser declares an on-stack struct virtionethdrv1hashtunnel without zeroing it. For a non-tunnel skb, virtionethdrtnlfromskb only initializes the first 10 bytes sizeofstruct...

5.5CVSS5.8AI score0.00112EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.10 views

PT-2026-51733

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists where the tun put user function declares a virtio net hdr v1 hash tunnel structure on the stack without initializing it to zero. For non-tunnel socket buffers skb, the...

5.5CVSS6AI score0.00112EPSS
Exploits0References21
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: platform/chrome: crosectypec: Stale pointers have been set to zero. The function crostypecgetswitchhandles allocates four pointers when obtaining type-c switch handles. These pointers are all freed if none of them are obtained...

5.7AI score0.00174EPSS
Exploits0References1
NVD
NVD
added 2026/06/18 6:16 p.m.14 views

CVE-2026-48984

pamusb provides hardware authentication for Linux using ordinary removable media. In versions 0.9.1 and below, the xfree memory release helper in calls free without first zeroing the buffer contents, releasing heap-allocated buffers containing sensitive data — including one-time pad bytes read fr...

4.7CVSS0.00109EPSS
Exploits0References2
CVE
CVE
added 2026/06/18 5:6 p.m.19 views

CVE-2026-48984

pam_usb for Linux (affected: v0.9.1 and earlier) has a memory handling flaw where xfree() frees buffers without zeroing contents, potentially leaving sensitive data (including one-time pad bytes) in freed heap memory. On systems with use-after-free or heap inspection capabilities, this could perm...

4.7CVSS5.6AI score0.00109EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/18 5:6 p.m.21 views

CVE-2026-48984 pam_usb: xfree() does not call explicit_bzero — sensitive cryptographic material may linger in freed heap

pamusb provides hardware authentication for Linux using ordinary removable media. In versions 0.9.1 and below, the xfree memory release helper in calls free without first zeroing the buffer contents, releasing heap-allocated buffers containing sensitive data — including one-time pad bytes read fr...

4.7CVSS0.00109EPSS
Exploits0References2
OSV
OSV
added 2026/06/18 5:6 p.m.3 views

CVE-2026-48984 pam_usb: xfree() does not call explicit_bzero — sensitive cryptographic material may linger in freed heap

pamusb provides hardware authentication for Linux using ordinary removable media. In versions 0.9.1 and below, the xfree memory release helper in calls free without first zeroing the buffer contents, releasing heap-allocated buffers containing sensitive data — including one-time pad bytes read fr...

4.7CVSS6.1AI score0.00109EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/06/18 5:6 p.m.8 views

CVE-2026-48984

pamusb provides hardware authentication for Linux using ordinary removable media. In versions 0.9.1 and below, the xfree memory release helper in calls free without first zeroing the buffer contents, releasing heap-allocated buffers containing sensitive data — including one-time pad bytes read fr...

4.7CVSS5.5AI score0.00109EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/18 12:0 a.m.38 views

PT-2026-50769

Name of the Vulnerable Software and Affected Versions pam usb versions 0.9.1 and earlier Description The xfree memory release helper calls free without zeroing buffer contents first. This results in heap-allocated buffers containing sensitive data, such as one-time pad bytes read from disk, being...

4.7CVSS6AI score0.00109EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/06/09 12:25 p.m.33 views

CVE-2026-46329 erofs: handle end of filesystem properly for file-backed mounts

In the Linux kernel, the following vulnerability has been resolved: erofs: handle end of filesystem properly for file-backed mounts I/O requests beyond the end of the filesystem should be zeroed out, similar to loopback devices and that is what we expect...

0.00114EPSS
Exploits0References4
CVE
CVE
added 2026/06/09 12:25 p.m.28 views

CVE-2026-46326

CVE-2026-46326 affects the Linux kernel driver iio: pressure: mprls0025pa. The root cause is improper initialization of the spi_transfer structure, with the patch ensuring the spi_transfer struct is zeroed out before use. The impact is high (local access with potential to read uninitialized memor...

8.4CVSS5.4AI score0.00132EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2026/05/28 10:16 a.m.19 views

CVE-2026-46167

In the Linux kernel, the following vulnerability has been resolved: usb: usblp: fix uninitialized heap leak via LPGETSTATUS ioctl Just like in a previous problem in this driver, usblpctrlmsg will collapse the usbcontrolmsg return value to 0/-errno, discarding the actual number of bytes transferre...

5.5CVSS0.00128EPSS
Exploits0References8
NVD
NVD
added 2026/05/28 10:16 a.m.21 views

CVE-2026-46132

In the Linux kernel, the following vulnerability has been resolved: net: rtnetlink: zero iflavfbroadcast to avoid stack infoleak in rtnlfillvfinfo rtnlfillvfinfo declares struct iflavfbroadcast on the stack without initialisation: struct iflavfbroadcast vfbroadcast; The struct contains a single...

5.5CVSS0.00128EPSS
Exploits0References8
OSV
OSV
added 2026/05/28 10:16 a.m.9 views

UBUNTU-CVE-2026-46182

In the Linux kernel, the following vulnerability has been resolved: pseries/papr-hvpipe: Prevent kernel stack memory leak to userspace The hdr variable is allocated on the stack and only hdr.version and hdr.flags are initialized explicitly. Because the struct paprhvpipehdr contains reserved paddi...

5.5CVSS5.7AI score0.00126EPSS
Exploits0References6
CVE
CVE
added 2026/05/28 9:36 a.m.48 views

CVE-2026-46182

The CVE-2026-46182 issue affects the Linux kernel component pseries/papr-hvpipe . The root cause is that a local kernel stack variable hdr (papr_hvpipe_hdr) is allocated on the stack and only hdr.version and hdr.flags are initialized, leaving reserved padding bytes uninitialized. When copied to u...

5.5CVSS5.8AI score0.00126EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder