269 matches found
CVE-2022-50642
In the Linux kernel, the following vulnerability has been resolved: platform/chrome: crosectypec: zero out stale pointers crostypecgetswitchhandles allocates four pointers when obtaining type-c switch handles. These pointers are all freed if failing to obtain any of them; therefore, pointers in...
CVE-2023-53790 bpf: Zeroing allocated object from slab in bpf memory allocator
In the Linux kernel, the following vulnerability has been resolved: bpf: Zeroing allocated object from slab in bpf memory allocator Currently the freed element in bpf memory allocator may be immediately reused, for htab map the reuse will reinitialize special fields in map value e.g., bpfspinlock...
CVE-2023-53790
Summary of CVE-2023-53790 (Linux kernel) : The vulnerability arises from the bpf memory allocator’s handling of freed objects in slab memory. Freed elements can be immediately reused, and for preallocated or non-preallocated htab maps this may cause reinitialization of special fields in map value...
CVE-2023-53790
In the Linux kernel, the following vulnerability has been resolved: bpf: Zeroing allocated object from slab in bpf memory allocator Currently the freed element in bpf memory allocator may be immediately reused, for htab map the reuse will reinitialize special fields in map value e.g., bpfspinlock...
CVE-2022-50642 platform/chrome: cros_ec_typec: zero out stale pointers
In the Linux kernel, the following vulnerability has been resolved: platform/chrome: crosectypec: zero out stale pointers crostypecgetswitchhandles allocates four pointers when obtaining type-c switch handles. These pointers are all freed if failing to obtain any of them; therefore, pointers in...
Linux Distros Unpatched Vulnerability : CVE-2022-50642
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - platform/chrome: crosectypec: zero out stale pointers crostypecgetswitchhandles allocates four pointers when obtaining type-c switch handles. These pointers are...
CVE-2025-40279
In the Linux kernel, the following vulnerability has been resolved: net: sched: actconnmark: initialize struct tcife to fix kernel leak In tcfconnmarkdump, the variable 'opt' was partially initialized using a designatied initializer. While the padding bytes are reamined uninitialized. nlaput copi...
SUSE CVE-2025-40221
In the Linux kernel, the following vulnerability has been resolved: media: pci: mg4b: fix uninitialized iio scan data Fix potential leak of uninitialized stack data to userspace by ensuring that the scan structure is zeroed before use...
Insertion of Sensitive Information Into Sent Data
Overview net.jpountz.lz4:lz4 is a package for LZ4 compression for Java Affected versions of this package are vulnerable to Insertion of Sensitive Information Into Sent Data in the decompression process when the output buffer is reused without being cleared. An attacker can access sensitive...
CVE-2025-40236
In the Linux kernel, the following vulnerability has been resolved: virtio-net: zero unused hash fields When GSO tunnel is negotiated virtionethdrtnlfromskb tries to initialize the tunnel metadata but forget to zero unused rxhash fields. This may leak information to another side. Fixing this by...
DEBIAN-CVE-2025-40221
In the Linux kernel, the following vulnerability has been resolved: media: pci: mg4b: fix uninitialized iio scan data Fix potential leak of uninitialized stack data to userspace by ensuring that the scan structure is zeroed before use...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990531)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990531 advisory. In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix uninit-value in copyname syzbot reported BUG: KMSAN: uninit-value in...
Unity Linux 20.1050e Security Update: kernel (UTSA-2025-990097)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990097 advisory. In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix data corruption after conversion from inline format Commit 6dbf7bb55598 fs: Don't...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989460)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989460 advisory. In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix data corruption after conversion from inline format Commit 6dbf7bb55598 fs: Don't...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: exfat: fix the new buffer was not zeroed before writing Before writing, if a bufferhead marked as new, its data must be zeroed, otherwise uninitialized data in the page cache will be written. So this commit uses foliozeronewbuffe...
Siemens SIMATIC, SCALANCE and RUGGEDCOM Devices Sensitive Information in Resource Not Removed Before Reuse (CVE-2024-49997)
In the Linux kernel, the following vulnerability has been resolved: net: ethernet: lantiqetop: fix memory disclosure When applying padding, the buffer is not zeroed, which results in memory disclosure. The mentioned data is observed on the wire. This patch uses skbputpadto to pad Ethernet frames...
EUVD-2010-2239
Malware in sbrugna...
EUVD-2006-3592
Malware in sbrugna...
EUVD-2025-32402
In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - Set merge to zero early in afalgsendmsg If an error causes afalgsendmsg to abort, ctx-merge may contain a garbage value from the previous loop. This may then trigger a crash on the next entry into afalgsendmsg whe...
CVE-2025-39931
In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - Set merge to zero early in afalgsendmsg If an error causes afalgsendmsg to abort, ctx-merge may contain a garbage value from the previous loop. This may then trigger a crash on the next entry into afalgsendmsg whe...