VulniPulse uses Google Ads measurement to understand visits from advertisements and campaign performance. It runs cookie-free until you choose — accepting enables cookies for more accurate attribution. Rejecting keeps it cookie-free and never limits the site.
See exactly what is measuredComplete feed
1099 advisories across 32 monitored vendors.
In the Linux kernel, the following vulnerability has been resolved: sctp: fix uninit-value in __sctp_rcv_asconf_lookup() __sctp_rcv_asconf_lookup() in net/sctp/input.c only checks that the ASCONF chunk can hold the ADDIP header and a parameter header, then calls af->from_addr_param(), which reads the full address (16 bytes for IPv6) trusting the parameter's declared length. An unauthenticated peer can send a truncated trailing ASCONF chunk that declares an IPv6 address parameter but stops after the 4-byte parameter header; reached from the no-association lookup path, from_addr_param() then reads uninitialized bytes past the parameter. The sibling __sctp_rcv_init_lookup() bounds parameters with sctp_walk_params(); this path open-codes the fetch and omits the bound. Verify the whole address parameter lies within the chunk before from_addr_param() reads it, the same class of fix as commit 51e5ad549c43 ("net: sctp: fix KMSAN uninit-value in sctp_inq_pop"). A flaw was found in the Linux kernel's Stream Control Transmission Protocol (SCTP) implementation. An unauthenticated remote attacker can exploit this vulnerability by sending a specially crafted, truncated ASCONF (Address Configuration) chunk. This can cause the system to read up to 16 bytes of uninitialized memory, potentially leading to information disclosure or memory corruption.
In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Fix global performance monitor reference counting In the SET_GLOBAL ioctl, v3d_perfmon_find() bumps the reference count on the perfmon it returns, but v3d_perfmon_set_global_ioctl() and v3d_perfmon_delete() fail to release that reference on several paths: 1. v3d_perfmon_set_global_ioctl() leaks the reference on its error paths. 2. CLEAR_GLOBAL leaks both the find reference and the reference previously stashed in v3d->global_perfmon by the SET_GLOBAL ioctl that configured it. 3. Release each of these references explicitly. Red Hat severity: Moderate — CVSS 5.5 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
In the Linux kernel, the following vulnerability has been resolved: erofs: fix use-after-free on sbi->sync_decompress z_erofs_decompress_kickoff() can race with filesystem unmount, causing a use-after-free on sbi->sync_decompress. When I/O completes, z_erofs_endio() calls z_erofs_decompress_kickoff() to queue z_erofs_decompressqueue_work() asynchronously. Then, after all folios are unlocked, unmount workflow can proceed and sbi will be freed before accessing to sbi->sync_decompress. Thread (unmount) I/O completion kworker queue_work z_erofs_decompressqueue_work (all folios are unlocked) cleanup_mnt .. erofs_kill_sb erofs_sb_free kfree(sbi) access sbi->sync_decompress // UAF!! Red Hat severity: Moderate — CVSS 5.5 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). Affected product named by the advisory: Red Hat Enterprise Linux 10.
A flaw was found in the `devlink` component of the Linux kernel. This issue occurs when a devlink instance acquires a nested relation but fails to register, leading to a resource leak. This can result in system instability or a denial of service (DoS) over time due to resource exhaustion. Red Hat severity: Low — CVSS 5.5 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). Weakness: CWE-772: Missing Release of Resource after Effective Lifetime. Affected products named by the advisory: Red Hat Enterprise Linux 10; Red Hat Enterprise Linux 9.
Uninitialized Use in GPU. Red Hat rates this important (CVSS 5.3). Weakness: CWE-824.
Insufficient validation of untrusted input in Navigation. Red Hat rates this important (CVSS 5.8). Weakness: CWE-1286.
Information disclosure via path traversal in LaTeX backend. Red Hat rates this moderate (CVSS 5.5). Weakness: CWE-22.
Denial of Service due to infinite loop in AtomicReference#update. Red Hat rates this moderate (CVSS 5.9). Weakness: CWE-835.
Incorrect write lock granting leading to broken mutual exclusion. Red Hat rates this low (CVSS 4.7). Weakness: CWE-190.
A flaw was found in the Jenkins GitHub Branch Source Plugin. A missing permission check allows an attacker with Overall/Read permission to obtain the URLs of GitHub Enterprise servers. This information disclosure could expose sensitive configuration details of the Jenkins environment. Red Hat severity: Moderate — CVSS 4.3 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N). Weakness: CWE-425: Direct Request ('Forced Browsing'). Affected product named by the advisory: OpenShift Developer Tools and Services.
A flaw was found in Jenkins Pipeline: Groovy Plugin. This cross-site request forgery (CSRF) vulnerability allows attackers to instantiate types related to job or system configuration. This could enable unauthorized modifications to the Jenkins environment. Red Hat severity: Moderate — CVSS 6.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N). Weakness: CWE-940: Improper Verification of Source of a Communication Channel. Affected product named by the advisory: OpenShift Developer Tools and Services.
A flaw was found in logback-core, a logging framework for Java applications. This vulnerability allows an attacker with existing privileges and write access to a configuration file, or the ability to inject a malicious environment variable, to execute arbitrary code. This can be achieved by compromising an existing logback configuration file or by injecting an environment variable before program execution, circumventing existing protections. A successful attack requires the Janino library to be present on the user's class path. Red Hat severity: Moderate — CVSS 6 (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N). Weakness: CWE-94: Improper Control of Generation of Code ('Code Injection'). Affected products named by the advisory: Migration Toolkit for Applications 8; OpenShift Serverless; Red Hat AMQ Broker 7; Red Hat AMQ Clients; and 17 more.
limit next_id allocation to the valid ID range. Red Hat rates this moderate (CVSS 5.8). Weakness: CWE-825.
A flaw was found in the Linux kernel's Virtual Routing and Forwarding (VRF) functionality. When a network device is removed from a VRF, a lack of proper synchronization can lead to a Null Pointer Dereference (NPD). This issue can be triggered by a local user, potentially causing the system to crash, resulting in a Denial of Service (DoS). Red Hat severity: Moderate — CVSS 5.5 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). Weakness: CWE-820: Missing Synchronization. Affected products named by the advisory: Red Hat Enterprise Linux 10; Red Hat Enterprise Linux 8; Red Hat Enterprise Linux 9.
A flaw was found in the Linux kernel's `af_unix` component. This vulnerability involves the incorrect handling of the `SIOCATMARK` operation when used with non-stream sockets, such as `SOCK_DGRAM` and `SOCK_SEQPACKET`. These socket types did not properly reject `SIOCATMARK`, an operation intended only for `SOCK_STREAM` sockets. This could lead to unexpected system behavior when an application attempts to perform this unsupported operation. Red Hat severity: Low — CVSS 5.5 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). Weakness: CWE-1287: Improper Validation of Specified Type of Input. Affected products named by the advisory: Red Hat Enterprise Linux 10; Red Hat Enterprise Linux 6.
A flaw was found in the Linux kernel's `net/smc` module. An unprivileged local user could trigger a null pointer dereference by performing `sendmsg()` or `recvmsg()` operations on an SMC-D (Shared Memory Communications - Direct) socket while the `smc_msg_event` tracepoint is enabled. This can lead to a general protection fault, causing a system crash and resulting in a Denial of Service (DoS). Red Hat severity: Low — CVSS 5.5 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). Weakness: CWE-476: NULL Pointer Dereference. Affected products named by the advisory: Red Hat Enterprise Linux 10; Red Hat Enterprise Linux 8; Red Hat Enterprise Linux 9.
A flaw was found in the Linux kernel's Reliable Datagram Sockets (RDS) component. An unprivileged local user can trigger a kernel panic by sending a specially crafted atomic control message (cmsg) over an active RDS/InfiniBand (IB) connection. This issue is caused by improper handling of masked atomic completion operations, leading to a null pointer dereference. Successful exploitation results in a system crash, causing a Denial of Service (DoS). Red Hat severity: Moderate — CVSS 5.5 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). Weakness: CWE-476: NULL Pointer Dereference. Affected product named by the advisory: Red Hat Enterprise Linux 6.
A flaw was found in the Linux kernel's tap driver. This vulnerability allows an attacker to potentially disclose sensitive kernel stack memory contents to userspace. The flaw occurs in the `tap_ioctl()` function when handling the `SIOCGIFHWADDR` command, where uninitialized portions of a stack-allocated structure are copied to userspace. This information leak could be used to bypass Kernel Address Space Layout Randomization (KASLR), making it easier for attackers to exploit other vulnerabilities. Red Hat severity: Moderate — CVSS 5.5 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). Weakness: CWE-909: Missing Initialization of Resource. Affected products named by the advisory: Red Hat Enterprise Linux 10; Red Hat Enterprise Linux 8; Red Hat Enterprise Linux 9.
A flaw was found in the Linux kernel's Stream Control Transmission Protocol (SCTP) stream handling. When an attempt to add outgoing streams is denied, the system fails to fully roll back the associated state. This incomplete rollback can leave behind stale stream metadata, which a subsequent stream re-addition can then reuse. This can lead to a null-pointer dereference, potentially causing a system crash and resulting in a Denial of Service (DoS). Red Hat severity: Moderate — CVSS 5.5 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). Weakness: CWE-825: Expired Pointer Dereference. Affected products named by the advisory: Red Hat Enterprise Linux 10; Red Hat Enterprise Linux 8; Red Hat Enterprise Linux 9.
A flaw was found in the Linux kernel's netfilter ipset component. Specifically, certain hash set variants (such as hash:ip,mark and hash:ip,port) that iterate IPv4 ranges with a 32-bit iterator do not correctly stop at the end of the requested range. This can cause the iteration to advance beyond the intended boundary, potentially leading to a later retry continuing from an unintended position. This issue could result in incorrect processing of network rules or unexpected system behavior. Red Hat severity: Low — CVSS 5.5 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). Weakness: CWE-193: Off-by-one Error. Affected products named by the advisory: Red Hat Enterprise Linux 10; Red Hat Enterprise Linux 6; Red Hat Enterprise Linux 7; Red Hat Enterprise Linux 8; and 1 more.