CWE-908: CWE-908

This CVE describes a Linux kernel vulnerability where the mdio_bus_init() function was incorrectly marked with both EXPORT_SYMBOL and __init annotatio...

A kernel panic vulnerability in Linux kernel's rtl818x wireless driver allows denial of service when using rtl8180/rtl8185 wireless cards. The driver ...

This CVE-2022-49235 is an uninitialized memory vulnerability in the Linux kernel's ath9k_htc wireless driver that can leak kernel memory contents to U...

A race condition vulnerability in the Linux kernel's ath11k PCI driver causes a kernel crash when the system enters suspend mode if the driver fails t...

This CVE describes a kernel memory corruption vulnerability in the Linux kernel's NetRom protocol implementation where insufficient buffer length vali...

This CVE describes an uninitialized memory vulnerability in the Linux kernel's DVB frontend driver for dib3000mb devices. When i2c_transfer() fails, u...

A Linux kernel vulnerability in the RTC subsystem where a failed __rtc_read_time call leads to uninitialized data being processed, potentially causing...

A Linux kernel vulnerability in the PowerPC fadump (firmware-assisted dump) feature causes improper memory alignment during CMA (Contiguous Memory All...

This vulnerability in the Linux kernel's HSR (High-availability Seamless Redundancy) protocol implementation allows an attacker to trigger an out-of-b...

A memory leak vulnerability in the Linux kernel's OCFS2 filesystem driver occurs when dquot_initialize() fails after new_inode() succeeds, causing bus...

This vulnerability in Android's ActivityManagerService allows malicious apps to access user metadata through a pending intent flaw. It enables local p...

CVE-2018-9420 is an information disclosure vulnerability in Android's camera service that allows local attackers to read uninitialized memory. This co...

This vulnerability in Android's AudioPolicyService allows local attackers to read uninitialized memory, potentially exposing sensitive information. It...

A vulnerability in the Linux kernel's SCTP protocol implementation allows attackers to cause a kernel crash (denial of service) by sending specially c...

A use-after-free vulnerability in the Linux kernel's Btrfs filesystem occurs when deleting delayed references without properly reinitializing the list...

This CVE-2024-50110 is a kernel information leak vulnerability in the Linux kernel's xfrm subsystem where uninitialized memory containing potentially ...

A race condition in the Linux kernel's Microsoft Azure Network Adapter (MANA) driver causes kernel panic when network queue cleanup occurs before NAPI...

This Windows kernel-mode driver vulnerability allows attackers to read sensitive kernel memory information. It affects Windows systems with the vulner...

A vulnerability in the Linux kernel's KVM subsystem for s390 architecture allows a guest VM to trigger a host kernel warning when GISA (Guest Informat...

This CVE describes an uninitialized memory vulnerability in the Linux kernel's HFS filesystem driver. When creating HFS inodes, certain fields in the ...

This vulnerability in Microsoft's Local Security Authority (LSA) server allows authenticated attackers to disclose sensitive information from system m...

This vulnerability in Microsoft's Local Security Authority (LSA) Server allows an authenticated attacker to read sensitive information from memory. It...

This CVE describes a use-after-free vulnerability in the Linux kernel's mlxreg LED driver. When the driver module is removed, a mutex is destroyed whi...

This CVE describes an uninitialized memory access vulnerability in the Linux kernel's inet_diag subsystem. When converting between diagnostic request ...

This CVE describes a kernel memory access vulnerability in the Linux kernel's profile_pc() function that improperly accesses stack memory. It affects ...

This CVE describes a kernel information leak vulnerability in the Linux kernel's J1939 CAN bus subsystem. The j1939_send_one() function fails to initi...

This CVE addresses a vulnerability in the Linux kernel's vDPA (Virtual Data Path Acceleration) mlx5 driver where insufficient validation of VIRTIO_NET...

A kernel memory corruption vulnerability in the Linux kernel's Intel Ethernet Controller ice driver allows attackers to trigger a KASAN stack-out-of-b...

This CVE describes a race condition vulnerability in the Linux kernel's ext4 filesystem driver where uninitialized lock state can be accessed during s...

A vulnerability in the Linux kernel's Nouveau graphics driver causes a kernel panic when attempting to schedule hotplug detection work on headless gra...

This CVE addresses an uninitialized variable vulnerability in the Linux kernel's MPTCP (Multipath TCP) implementation. Attackers could potentially tri...

This vulnerability in the Linux kernel's usb-storage alauda driver could cause a divide-by-zero error when accessing uninitialized USB storage media. ...

A vulnerability in the Linux kernel's NSH (Network Service Header) GSO segmentation handler could cause kernel memory corruption when processing speci...

A race condition vulnerability in the Linux kernel's HNS3 network driver allows kernel crashes when devlink reload operations occur during hardware in...

A race condition vulnerability in the Linux kernel's HNS3 network driver allows kernel crashes when devlink reload commands are issued during PF (Phys...

This CVE describes a Linux kernel memory policy vulnerability where mbind() allows illegal combinations of MPOL_F_NUMA_BALANCING and MPOL_LOCAL flags,...

A kernel panic vulnerability in the Linux kernel's netfilter xt_IDLETIMER module occurs when adding IDLETIMER rules with uninitialized timer_type valu...

This CVE involves an uninitialized variable being passed to error handling code in the Linux kernel's Kalmia USB network driver. The vulnerability cou...

This vulnerability in the Linux kernel's i40e network driver causes a kernel Oops (crash) when driver initialization fails, leading to an attempt to f...

This vulnerability in the Linux kernel's CAIF socket implementation allows reading uninitialized stack memory when sending messages with zero segments...

A vulnerability in the Linux kernel's GENEVE (Generic Network Virtualization Encapsulation) implementation allows uninitialized memory access when pro...

A vulnerability in the Linux kernel's NFC (Near Field Communication) subsystem allows reading uninitialized memory when processing packets with zero-l...

A Linux kernel vulnerability in ERSPAN (Encapsulated Remote SPAN) packet processing allows attackers to trigger kernel memory corruption by sending sp...

This CVE describes an information disclosure vulnerability in the Linux kernel's cpumap XDP (eXpress Data Path) subsystem. When XDP programs run on cp...

This vulnerability in OpenBSD's kernel multicast routing implementation allows local attackers to read uninitialized kernel memory, potentially disclo...

This vulnerability in the Linux kernel's FAT filesystem driver leaks uninitialized memory when generating file handles without parent directories. It ...

This vulnerability in NoMachine's DokanFS library allows local users on Windows 10 systems to cause a Blue Screen of Death (BSOD) denial of service by...

This vulnerability in Mbed TLS occurs when memory allocation fails or hardware errors happen, causing the library to use uninitialized stack memory wh...

A vulnerability in Phusion Passenger's HTTP parser allows denial of service attacks when processing requests with invalid HTTP methods. This affects w...

A use of uninitialized resource vulnerability in Fujitsu IPCOM EX2 and VE2 series network devices allows attackers to cause denial of service by sendi...