CWE-665
DiscouragedImproper Initialization
Abstraction: Class · Status: Draft
The product does not initialize or incorrectly initializes a resource, which might leave the resource in an unexpected state when it is accessed or used.
425 vulnerabilities reference this CWE, most recent first.
GHSA-PC6G-G5M7-F2GR
Vulnerability from github – Published: 2022-01-12 00:00 – Updated: 2022-01-21 00:01nf_tables_newset in net/netfilter/nf_tables_api.c in the Linux kernel before 5.12.13 allows local users to cause a denial of service (NULL pointer dereference and general protection fault) because of the missing initialization for nft_set_elem_expr_alloc. A local user can set a netfilter table expression in their own namespace.
{
"affected": [],
"aliases": [
"CVE-2021-46283"
],
"database_specific": {
"cwe_ids": [
"CWE-665"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-01-11T22:15:00Z",
"severity": "MODERATE"
},
"details": "nf_tables_newset in net/netfilter/nf_tables_api.c in the Linux kernel before 5.12.13 allows local users to cause a denial of service (NULL pointer dereference and general protection fault) because of the missing initialization for nft_set_elem_expr_alloc. A local user can set a netfilter table expression in their own namespace.",
"id": "GHSA-pc6g-g5m7-f2gr",
"modified": "2022-01-21T00:01:14Z",
"published": "2022-01-12T00:00:26Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-46283"
},
{
"type": "WEB",
"url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.12.13"
},
{
"type": "WEB",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ad9f151e560b016b6ad3280b48e42fa11e1a5440"
},
{
"type": "WEB",
"url": "https://syzkaller.appspot.com/bug?id=22c3987f75a7b90e238a26b5a5920525c2d1f345"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-PFPC-M9WM-F454
Vulnerability from github – Published: 2022-05-24 17:12 – Updated: 2023-02-03 21:30An issue was discovered in gdrv.sys in Gigabyte APP Center before 19.0227.1. The vulnerable driver exposes a wrmsr instruction via IOCTL 0xC3502580 and does not properly filter the target Model Specific Register (MSR). Allowing arbitrary MSR writes can lead to Ring-0 code execution and escalation of privileges.
{
"affected": [],
"aliases": [
"CVE-2019-7630"
],
"database_specific": {
"cwe_ids": [
"CWE-665"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-03-25T17:15:00Z",
"severity": "HIGH"
},
"details": "An issue was discovered in gdrv.sys in Gigabyte APP Center before 19.0227.1. The vulnerable driver exposes a wrmsr instruction via IOCTL 0xC3502580 and does not properly filter the target Model Specific Register (MSR). Allowing arbitrary MSR writes can lead to Ring-0 code execution and escalation of privileges.",
"id": "GHSA-pfpc-m9wm-f454",
"modified": "2023-02-03T21:30:28Z",
"published": "2022-05-24T17:12:37Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7630"
},
{
"type": "WEB",
"url": "https://github.com/fireeye/Vulnerability-Disclosures/blob/master/FEYE-2019-0003/FEYE-2019-0003.md"
},
{
"type": "WEB",
"url": "https://www.gigabyte.com/Support/Security/1801"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-PGFQ-HX82-XVVX
Vulnerability from github – Published: 2024-05-14 15:32 – Updated: 2024-05-14 15:32ZTE ZXUN-ePDG product, which serves as the network node of the VoWifi system, under by default configuration, uses a set of non-unique cryptographic keys during establishing a secure connection(IKE) with the mobile devices connecting over the internet . If the set of keys are leaked or cracked, the user session informations using the keys may be leaked.
{
"affected": [],
"aliases": [
"CVE-2024-22064"
],
"database_specific": {
"cwe_ids": [
"CWE-1051",
"CWE-665"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-05-14T14:56:40Z",
"severity": "HIGH"
},
"details": "ZTE ZXUN-ePDG product, which serves as the network node of the VoWifi system, under by default configuration, uses a set of non-unique cryptographic keys during establishing a secure connection(IKE) with the mobile devices connecting over the internet . If the set of keys are leaked or cracked, the user session informations using the keys may be leaked.\n\n",
"id": "GHSA-pgfq-hx82-xvvx",
"modified": "2024-05-14T15:32:52Z",
"published": "2024-05-14T15:32:52Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-22064"
},
{
"type": "WEB",
"url": "https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1035524"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-PRJ2-H762-9J59
Vulnerability from github – Published: 2024-09-13 06:30 – Updated: 2024-09-19 18:30In the Linux kernel, the following vulnerability has been resolved:
nfsd: ensure that nfsd4_fattr_args.context is zeroed out
If nfsd4_encode_fattr4 ends up doing a "goto out" before we get to checking for the security label, then args.context will be set to uninitialized junk on the stack, which we'll then try to free. Initialize it early.
{
"affected": [],
"aliases": [
"CVE-2024-46697"
],
"database_specific": {
"cwe_ids": [
"CWE-665"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-09-13T06:15:14Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: ensure that nfsd4_fattr_args.context is zeroed out\n\nIf nfsd4_encode_fattr4 ends up doing a \"goto out\" before we get to\nchecking for the security label, then args.context will be set to\nuninitialized junk on the stack, which we\u0027ll then try to free.\nInitialize it early.",
"id": "GHSA-prj2-h762-9j59",
"modified": "2024-09-19T18:30:51Z",
"published": "2024-09-13T06:30:43Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-46697"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/dd65b324174a64558a16ebbf4c3266e5701185d0"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/f58bab6fd4063913bd8321e99874b8239e9ba726"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-PW3C-H7WP-CVHX
Vulnerability from github – Published: 2022-01-12 20:07 – Updated: 2024-10-11 21:09Pillow is the friendly PIL (Python Imaging Library) fork. path_getbbox in path.c in Pillow before 9.0.0 improperly initializes ImagePath.Path.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "pillow"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.0.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2022-22815"
],
"database_specific": {
"cwe_ids": [
"CWE-665"
],
"github_reviewed": true,
"github_reviewed_at": "2022-01-11T18:02:06Z",
"nvd_published_at": "2022-01-10T14:12:00Z",
"severity": "MODERATE"
},
"details": "Pillow is the friendly PIL (Python Imaging Library) fork. `path_getbbox` in `path.c` in Pillow before 9.0.0 improperly initializes `ImagePath.Path`.",
"id": "GHSA-pw3c-h7wp-cvhx",
"modified": "2024-10-11T21:09:06Z",
"published": "2022-01-12T20:07:43Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22815"
},
{
"type": "WEB",
"url": "https://github.com/python-pillow/Pillow/pull/5920"
},
{
"type": "WEB",
"url": "https://github.com/python-pillow/Pillow/commit/1e092419b6806495c683043ab3feb6ce264f3b9c"
},
{
"type": "WEB",
"url": "https://github.com/python-pillow/Pillow/commit/c48271ab354db49cdbd740bc45e13be4f0f7993c"
},
{
"type": "ADVISORY",
"url": "https://github.com/advisories/GHSA-pw3c-h7wp-cvhx"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/pillow/PYSEC-2022-8.yaml"
},
{
"type": "PACKAGE",
"url": "https://github.com/python-pillow/Pillow"
},
{
"type": "WEB",
"url": "https://github.com/python-pillow/Pillow/blob/c5d9223a8b5e9295d15b5a9b1ef1dae44c8499f3/src/path.c#L331"
},
{
"type": "WEB",
"url": "https://github.com/python-pillow/Pillow/blob/e8ab5640774716c5486d3cb05167f74f742ad6ef/CHANGES.rst?plain=1#L1187"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2022/01/msg00018.html"
},
{
"type": "WEB",
"url": "https://pillow.readthedocs.io/en/stable/releasenotes/9.0.0.html#fixed-imagepath-path-array-handling"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2022/dsa-5053"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "Improper Initialization in Pillow"
}
GHSA-PX3V-C44G-GP46
Vulnerability from github – Published: 2022-09-01 00:00 – Updated: 2022-09-08 00:00In D-Link DIR-816 A2_v1.10CNB04.img the network can be initialized without authentication via /goform/wizard_end.
{
"affected": [],
"aliases": [
"CVE-2022-37128"
],
"database_specific": {
"cwe_ids": [
"CWE-665"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-08-31T19:15:00Z",
"severity": "CRITICAL"
},
"details": "In D-Link DIR-816 A2_v1.10CNB04.img the network can be initialized without authentication via /goform/wizard_end.",
"id": "GHSA-px3v-c44g-gp46",
"modified": "2022-09-08T00:00:32Z",
"published": "2022-09-01T00:00:17Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-37128"
},
{
"type": "WEB",
"url": "https://github.com/z1r00/IOT_Vul/blob/main/dlink/Dir816/wizard_end/readme.md"
},
{
"type": "WEB",
"url": "https://www.dlink.com/en/security-bulletin"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-PXQC-5JG3-XFQM
Vulnerability from github – Published: 2026-01-28 18:30 – Updated: 2026-01-28 18:30In the context switch logic Xen attempts to skip an IBPB in the case of a vCPU returning to a CPU on which it was the previous vCPU to run. While safe for Xen's isolation between vCPUs, this prevents the guest kernel correctly isolating between tasks. Consider:
1) vCPU runs on CPU A, running task 1. 2) vCPU moves to CPU B, idle gets scheduled on A. Xen skips IBPB. 3) On CPU B, guest kernel switches from task 1 to 2, issuing IBPB. 4) vCPU moves back to CPU A. Xen skips IBPB again.
Now, task 2 is running on CPU A with task 1's training still in the BTB.
{
"affected": [],
"aliases": [
"CVE-2026-23553"
],
"database_specific": {
"cwe_ids": [
"CWE-665"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-01-28T16:16:16Z",
"severity": "LOW"
},
"details": "In the context switch logic Xen attempts to skip an IBPB in the case of\na vCPU returning to a CPU on which it was the previous vCPU to run.\nWhile safe for Xen\u0027s isolation between vCPUs, this prevents the guest\nkernel correctly isolating between tasks. Consider:\n\n 1) vCPU runs on CPU A, running task 1.\n 2) vCPU moves to CPU B, idle gets scheduled on A. Xen skips IBPB.\n 3) On CPU B, guest kernel switches from task 1 to 2, issuing IBPB.\n 4) vCPU moves back to CPU A. Xen skips IBPB again.\n\nNow, task 2 is running on CPU A with task 1\u0027s training still in the BTB.",
"id": "GHSA-pxqc-5jg3-xfqm",
"modified": "2026-01-28T18:30:47Z",
"published": "2026-01-28T18:30:47Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23553"
},
{
"type": "WEB",
"url": "https://xenbits.xenproject.org/xsa/advisory-479.html"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2026/01/27/3"
},
{
"type": "WEB",
"url": "http://xenbits.xen.org/xsa/advisory-479.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-Q59C-HW6F-X2M2
Vulnerability from github – Published: 2026-05-12 18:30 – Updated: 2026-05-12 18:30Improper initialization in the UEFI firmware for some Intel platforms within Ring 0: Bare Metal OS may allow an information disclosure. System software adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (none) and availability (none) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.
{
"affected": [],
"aliases": [
"CVE-2025-35991"
],
"database_specific": {
"cwe_ids": [
"CWE-665"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-05-12T17:16:13Z",
"severity": "MODERATE"
},
"details": "Improper initialization in the UEFI firmware for some Intel platforms within Ring 0: Bare Metal OS may allow an information disclosure. System software adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (none) and availability (none) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.",
"id": "GHSA-q59c-hw6f-x2m2",
"modified": "2026-05-12T18:30:38Z",
"published": "2026-05-12T18:30:38Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-35991"
},
{
"type": "WEB",
"url": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01413.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-Q6CP-7RM2-87GF
Vulnerability from github – Published: 2022-05-13 01:40 – Updated: 2022-05-13 01:40A denial of service vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-38239864.
{
"affected": [],
"aliases": [
"CVE-2017-0735"
],
"database_specific": {
"cwe_ids": [
"CWE-665"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-08-09T21:29:00Z",
"severity": "MODERATE"
},
"details": "A denial of service vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-38239864.",
"id": "GHSA-q6cp-7rm2-87gf",
"modified": "2022-05-13T01:40:35Z",
"published": "2022-05-13T01:40:35Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-0735"
},
{
"type": "WEB",
"url": "https://source.android.com/security/bulletin/2017-08-01"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/100204"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-Q6F7-V272-HQQQ
Vulnerability from github – Published: 2022-08-25 00:00 – Updated: 2022-08-31 00:00A flaw was found in the Linux kernel’s implementation of reading the SVC RDMA counters. Reading the counter sysctl panics the system. This flaw allows a local attacker with local access to cause a denial of service while the system reboots. The issue is specific to CentOS/RHEL.
{
"affected": [],
"aliases": [
"CVE-2021-4218"
],
"database_specific": {
"cwe_ids": [
"CWE-665"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-08-24T16:15:00Z",
"severity": "MODERATE"
},
"details": "A flaw was found in the Linux kernel\u2019s implementation of reading the SVC RDMA counters. Reading the counter sysctl panics the system. This flaw allows a local attacker with local access to cause a denial of service while the system reboots. The issue is specific to CentOS/RHEL.",
"id": "GHSA-q6f7-v272-hqqq",
"modified": "2022-08-31T00:00:20Z",
"published": "2022-08-25T00:00:27Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4218"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2021-4218"
},
{
"type": "WEB",
"url": "https://bugs.centos.org/view.php?id=18395"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2048359"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
Mitigation MIT-3
Strategy: Language Selection
- Use a language that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.
- For example, in Java, if the programmer does not explicitly initialize a variable, then the code could produce a compile-time error (if the variable is local) or automatically initialize the variable to the default value for the variable's type. In Perl, if explicit initialization is not performed, then a default value of undef is assigned, which is interpreted as 0, false, or an equivalent value depending on the context in which the variable is accessed.
Mitigation
Identify all variables and data stores that receive information from external sources, and apply input validation to make sure that they are only initialized to expected values.
Mitigation
Explicitly initialize all your variables and other data stores, either during declaration or just before the first usage.
Mitigation
Pay close attention to complex conditionals that affect initialization, since some conditions might not perform the initialization.
Mitigation
Avoid race conditions (CWE-362) during initialization routines.
Mitigation
Run or compile your product with settings that generate warnings about uninitialized variables or data.
CAPEC-26: Leveraging Race Conditions
The adversary targets a race condition occurring when multiple processes access and manipulate the same resource concurrently, and the outcome of the execution depends on the particular order in which the access takes place. The adversary can leverage a race condition by "running the race", modifying the resource and modifying the normal execution flow. For instance, a race condition can occur while accessing a file: the adversary can trick the system by replacing the original file with their version and cause the system to read the malicious file.
CAPEC-29: Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions
This attack targets a race condition occurring between the time of check (state) for a resource and the time of use of a resource. A typical example is file access. The adversary can leverage a file access race condition by "running the race", meaning that they would modify the resource between the first time the target program accesses the file and the time the target program uses the file. During that period of time, the adversary could replace or modify the file, causing the application to behave unexpectedly.