Medium
CVSS: 5.5
In the Linux kernel, the following vulnerability has been resolved:
drm/xe/vm: move xe_svm_init() earlier
In xe_vm_close_and_put() we need to be able to call xe_svm_fini(),
however during vm creation we can call this on the error path, be…
Medium
CVSS: 5.5
In the Linux kernel, the following vulnerability has been resolved:
mtd: nand: ecc-mxic: Fix use of uninitialized variable ret
If ctx->steps is zero, the loop processing ECC steps is skipped,
and the variable ret remains uninitialized. It…
High
CVSS: 7.5
Use of uninitialized resource in SQL Server allows an unauthorized attacker to disclose information over a network.
Medium
CVSS: 5.5
In the Linux kernel, the following vulnerability has been resolved:
media: cxusb: no longer judge rbuf when the write fails
syzbot reported a uninit-value in cxusb_i2c_xfer. [1]
Only when the write operation of usb_bulk_msg() in dvb_usb_…
Medium
CVSS: 5.5
In the Linux kernel, the following vulnerability has been resolved:
media: imx-jpeg: Cleanup after an allocation error
When allocation failures are not cleaned up by the driver, further
allocation errors will be false-positives, which wil…
Medium
CVSS: 5.5
In the Linux kernel, the following vulnerability has been resolved:
usb: renesas_usbhs: Reorder clock handling and power management in probe
Reorder the initialization sequence in `usbhs_probe()` to enable runtime
PM before accessing regi…
Medium
CVSS: 5.5
In the Linux kernel, the following vulnerability has been resolved:
net: ch9200: fix uninitialised access during mii_nway_restart
In mii_nway_restart() the code attempts to call
mii->mdio_read which is ch9200_mdio_read(). ch9200_mdio_read…
Medium
CVSS: 5.5
In the Linux kernel, the following vulnerability has been resolved:
wifi: wil6210: debugfs: fix uninitialized variable use in `wil_write_file_wmi()`
Commit 7a4836560a61 changes simple_write_to_buffer() with memdup_user()
but it forgets to…
Medium
CVSS: 5.5
In the Linux kernel, the following vulnerability has been resolved:
RDMA/rxe: Fix error unwind in rxe_create_qp()
In the function rxe_create_qp(), rxe_qp_from_init() is called to
initialize qp, internally things like the spin locks are no…
Medium
CVSS: 5.5
In the Linux kernel, the following vulnerability has been resolved:
kcm: fix strp_init() order and cleanup
strp_init() is called just a few lines above this csk->sk_user_data
check, it also initializes strp->work etc., therefore, it is
un…
Medium
CVSS: 5.5
In the Linux kernel, the following vulnerability has been resolved:
libnvdimm/labels: Fix divide error in nd_label_data_init()
If a faulty CXL memory device returns a broken zero LSA size in its
memory device information (Identify Memory…
Medium
CVSS: 5.5
In the Linux kernel, the following vulnerability has been resolved:
ptp: ocp: Limit signal/freq counts in summary output functions
The debugfs summary output could access uninitialized elements in
the freq_in[] and signal_out[] arrays, ca…
Medium
CVSS: 5.5
In the Linux kernel, the following vulnerability has been resolved:
sched_ext: bpf_iter_scx_dsq_new() should always initialize iterator
BPF programs may call next() and destroy() on BPF iterators even after new()
returns an error value (e…
Medium
CVSS: 5.5
In the Linux kernel, the following vulnerability has been resolved:
net: mctp: Don't access ifa_index when missing
In mctp_dump_addrinfo, ifa_index can be used to filter interfaces, but
only when the struct ifaddrmsg is provided. Otherwis…
High
CVSS: 8.1
Use of uninitialized resource in Windows Netlogon allows an unauthorized attacker to elevate privileges over a network.
Medium
CVSS: 5.5
Use of uninitialized resource in Windows DWM Core Library allows an authorized attacker to disclose information locally.
Medium
CVSS: 5.5
In the Linux kernel, the following vulnerability has been resolved:
KVM: arm64: Fix uninitialized memcache pointer in user_mem_abort()
Commit fce886a60207 ("KVM: arm64: Plumb the pKVM MMU in KVM") made the
initialization of the local memc…
Medium
CVSS: 5.5
In the Linux kernel, the following vulnerability has been resolved:
wifi: brcm80211: fmac: Add error handling for brcmf_usb_dl_writeimage()
The function brcmf_usb_dl_writeimage() calls the function
brcmf_usb_dl_cmd() but dose not check it…
Medium
CVSS: 5.5
In the Linux kernel, the following vulnerability has been resolved:
ipvs: fix uninit-value for saddr in do_output_route4
syzbot reports for uninit-value for the saddr argument [1].
commit 4754957f04f5 ("ipvs: do not use random local sourc…
Medium
CVSS: 6.5
Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.