Vulnerabilities (CVE)

Filtered by CWE-909
Total 81 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-8178 1 Freebsd 1 Freebsd 2024-09-06 N/A 8.8 HIGH
The ctl_write_buffer and ctl_read_buffer functions allocated memory to be returned to userspace, without initializing it. Malicious software running in a guest VM that exposes virtio_scsi can exploit the vulnerabilities to achieve code execution on the host in the bhyve userspace process, which typically runs as root. Note that bhyve runs in a Capsicum sandbox, so malicious code is constrained by the capabilities available to the bhyve process. A malicious iSCSI initiator could achieve remote code execution on the iSCSI target host.
CVE-2024-43873 1 Linux 1 Linux Kernel 2024-09-03 N/A 7.8 HIGH
In the Linux kernel, the following vulnerability has been resolved: vhost/vsock: always initialize seqpacket_allow There are two issues around seqpacket_allow: 1. seqpacket_allow is not initialized when socket is created. Thus if features are never set, it will be read uninitialized. 2. if VIRTIO_VSOCK_F_SEQPACKET is set and then cleared, then seqpacket_allow will not be cleared appropriately (existing apps I know about don't usually do this but it's legal and there's no way to be sure no one relies on this). To fix: - initialize seqpacket_allow after allocation - set it unconditionally in set_features
CVE-2024-32945 1 Mattermost 1 Mattermost Mobile 2024-07-16 N/A 5.3 MEDIUM
Mattermost Mobile Apps versions <=2.16.0 fail to protect against abuse of a globally shared MathJax state which allows an attacker to change the contents of a LateX post, by creating another post with specific macro definitions.
CVE-2021-28167 1 Eclipse 1 Openj9 2024-06-21 6.4 MEDIUM 6.5 MEDIUM
In Eclipse Openj9 to version 0.25.0, usage of the jdk.internal.reflect.ConstantPool API causes the JVM in some cases to pre-resolve certain constant pool entries. This allows a user to call static methods or access static members without running the class initialization method, and may allow a user to observe uninitialized values.
CVE-2021-22898 6 Debian, Fedoraproject, Haxx and 3 more 12 Debian Linux, Fedora, Curl and 9 more 2024-03-27 2.6 LOW 3.1 LOW
curl 7.7 through 7.76.1 suffers from an information disclosure when the `-t` command line option, known as `CURLOPT_TELNETOPTIONS` in libcurl, is used to send variable=content pairs to TELNET servers. Due to a flaw in the option parser for sending NEW_ENV variables, libcurl could be made to pass on uninitialized data from a stack based buffer to the server, resulting in potentially revealing sensitive internal information to the server using a clear-text network protocol.
CVE-2021-34693 2 Debian, Linux 2 Debian Linux, Linux Kernel 2024-03-25 2.1 LOW 5.5 MEDIUM
net/can/bcm.c in the Linux kernel through 5.12.10 allows local users to obtain sensitive information from kernel stack memory because parts of a data structure are uninitialized.
CVE-2020-20739 3 Debian, Fedoraproject, Libvips Project 3 Debian Linux, Fedora, Libvips 2024-02-08 5.0 MEDIUM 5.3 MEDIUM
im_vips2dz in /libvips/libvips/deprecated/im_vips2dz.c in libvips before 8.8.2 has an uninitialized variable which may cause the leakage of remote server path or stack address.
CVE-2022-0175 2 Redhat, Virglrenderer Project 2 Enterprise Linux, Virglrenderer 2024-02-04 N/A 5.5 MEDIUM
A flaw was found in the VirGL virtual OpenGL renderer (virglrenderer). The virgl did not properly initialize memory when allocating a host-backed memory resource. A malicious guest could use this flaw to mmap from the guest kernel and read this uninitialized memory from the host, possibly leading to information disclosure.
CVE-2021-0947 1 Google 1 Android 2024-02-04 N/A 7.5 HIGH
The method PVRSRVBridgeTLDiscoverStreams allocates puiStreamsInt on the heap, fills the contents of the buffer via TLServerDiscoverStreamsKM, and then copies the buffer to userspace. The method TLServerDiscoverStreamsKM may fail for several reasons including invalid sizes. If this method fails the buffer will be left uninitialized and despite the error will still be copied to userspace. Kernel leak of uninitialized heap data with no privs required.Product: AndroidVersions: Android SoCAndroid ID: A-236838960
CVE-2022-1016 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2024-02-04 N/A 5.5 MEDIUM
A flaw was found in the Linux kernel in net/netfilter/nf_tables_core.c:nft_do_chain, which can cause a use-after-free. This issue needs to handle 'return' with proper preconditions, as it can lead to a kernel information leak problem caused by a local, unprivileged attacker.
CVE-2021-0946 1 Google 1 Android 2024-02-04 N/A 7.5 HIGH
The method PVRSRVBridgePMRPDumpSymbolicAddr allocates puiMemspaceNameInt on the heap, fills the contents of the buffer via PMR_PDumpSymbolicAddr, and then copies the buffer to userspace. The method PMR_PDumpSymbolicAddr may fail, and if it does the buffer will be left uninitialized and despite the error will still be copied to userspace. Kernel leak of uninitialized heap data with no privs required.Product: AndroidVersions: Android SoCAndroid ID: A-236846966
CVE-2022-29968 1 Linux 1 Linux Kernel 2024-02-04 4.6 MEDIUM 7.8 HIGH
An issue was discovered in the Linux kernel through 5.17.5. io_rw_init_file in fs/io_uring.c lacks initialization of kiocb->private.
CVE-2022-0382 1 Linux 1 Linux Kernel 2024-02-04 2.1 LOW 5.5 MEDIUM
An information leak flaw was found due to uninitialized memory in the Linux kernel's TIPC protocol subsystem, in the way a user sends a TIPC datagram to one or more destinations. This flaw allows a local user to read some kernel memory. This issue is limited to no more than 7 bytes, and the user cannot control what is read. This flaw affects the Linux kernel versions prior to 5.17-rc1.
CVE-2021-39966 1 Huawei 3 Emui, Harmonyos, Magic Ui 2024-02-04 5.0 MEDIUM 7.5 HIGH
There is an Uninitialized AOD driver structure in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2021-0961 1 Google 1 Android 2024-02-04 2.1 LOW 4.4 MEDIUM
In quota_proc_write of xt_quota2.c, there is a possible way to read kernel memory due to uninitialized data. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-196046570References: Upstream kernel
CVE-2022-22704 2 Alpinelinux, Zabbix 2 Alpine Linux, Zabbix-agent2 2024-02-04 10.0 HIGH 9.8 CRITICAL
The zabbix-agent2 package before 5.4.9-r1 for Alpine Linux sometimes allows privilege escalation to root because the design incorrectly expected that systemd would (in effect) determine part of the configuration.
CVE-2021-0966 1 Google 1 Android 2024-02-04 2.1 LOW 5.5 MEDIUM
In code generated by BuildParcelFields of generate_cpp.cpp, there is a possible way for a crafted parcelable to reveal uninitialized memory of a target process due to uninitialized data. This could lead to local information disclosure across Binder transactions with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12Android ID: A-198346478
CVE-2019-25054 1 Pnet Project 1 Pnet 2024-02-04 5.0 MEDIUM 7.5 HIGH
An issue was discovered in the pnet crate before 0.27.2 for Rust. There is a segmentation fault (upon attempted dereference of an uninitialized descriptor) because of an erroneous IcmpTransportChannelIterator compiler optimization.
CVE-2021-26333 1 Amd 2 Chipset Driver, Psp Driver 2024-02-04 4.9 MEDIUM 5.5 MEDIUM
An information disclosure vulnerability exists in AMD Platform Security Processor (PSP) chipset driver. The discretionary access control list (DACL) may allow low privileged users to open a handle and send requests to the driver resulting in a potential data leak from uninitialized physical pages.
CVE-2021-22482 1 Huawei 2 Emui, Magic Ui 2024-02-04 5.0 MEDIUM 5.3 MEDIUM
There is an Uninitialized variable vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause transmission of invalid data.