Common Weakness Enumeration

CWE-908

Allowed

Use of Uninitialized Resource

Abstraction: Base · Status: Incomplete

The product uses or accesses a resource that has not been initialized.

822 vulnerabilities reference this CWE, most recent first.

GHSA-4CP9-P4G4-XXPG

Vulnerability from github – Published: 2024-11-22 21:32 – Updated: 2024-11-22 21:32
VLAI
Details

Trimble SketchUp Viewer SKP File Parsing Uninitialized Variable Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

The specific flaw exists within the parsing of SKP files. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24101.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-9717"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-457",
      "CWE-908"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-11-22T21:15:24Z",
    "severity": "HIGH"
  },
  "details": "Trimble SketchUp Viewer SKP File Parsing Uninitialized Variable Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of SKP files. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24101.",
  "id": "GHSA-4cp9-p4g4-xxpg",
  "modified": "2024-11-22T21:32:20Z",
  "published": "2024-11-22T21:32:20Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-9717"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1377"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-4CPW-77G4-8RHJ

Vulnerability from github – Published: 2022-05-24 17:37 – Updated: 2022-09-03 00:00
VLAI
Details

There's a flaw in binutils /opcodes/tic4x-dis.c. An attacker who is able to submit a crafted input file to be processed by binutils could cause usage of uninitialized memory. The highest threat is to application availability with a lower threat to data confidentiality. This flaw affects binutils versions prior to 2.34.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-35494"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-908"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-01-04T15:15:00Z",
    "severity": "MODERATE"
  },
  "details": "There\u0027s a flaw in binutils /opcodes/tic4x-dis.c. An attacker who is able to submit a crafted input file to be processed by binutils could cause usage of uninitialized memory. The highest threat is to application availability with a lower threat to data confidentiality. This flaw affects binutils versions prior to 2.34.",
  "id": "GHSA-4cpw-77g4-8rhj",
  "modified": "2022-09-03T00:00:19Z",
  "published": "2022-05-24T17:37:54Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-35494"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1911439"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4KOK3QWSVOUJWJ54HVGIFWNLWQ5ZY4S6"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/202107-24"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20210212-0007"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-4GH9-53JC-3MCR

Vulnerability from github – Published: 2024-09-04 21:30 – Updated: 2025-11-04 00:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

netfilter: flowtable: validate vlan header

Ensure there is sufficient room to access the protocol field of the VLAN header, validate it once before the flowtable lookup.

===================================================== BUG: KMSAN: uninit-value in nf_flow_offload_inet_hook+0x45a/0x5f0 net/netfilter/nf_flow_table_inet.c:32 nf_flow_offload_inet_hook+0x45a/0x5f0 net/netfilter/nf_flow_table_inet.c:32 nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline] nf_hook_slow+0xf4/0x400 net/netfilter/core.c:626 nf_hook_ingress include/linux/netfilter_netdev.h:34 [inline] nf_ingress net/core/dev.c:5440 [inline]

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-44983"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-908"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-09-04T20:15:07Z",
    "severity": "HIGH"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: flowtable: validate vlan header\n\nEnsure there is sufficient room to access the protocol field of the\nVLAN header, validate it once before the flowtable lookup.\n\n=====================================================\nBUG: KMSAN: uninit-value in nf_flow_offload_inet_hook+0x45a/0x5f0 net/netfilter/nf_flow_table_inet.c:32\n nf_flow_offload_inet_hook+0x45a/0x5f0 net/netfilter/nf_flow_table_inet.c:32\n nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]\n nf_hook_slow+0xf4/0x400 net/netfilter/core.c:626\n nf_hook_ingress include/linux/netfilter_netdev.h:34 [inline]\n nf_ingress net/core/dev.c:5440 [inline]",
  "id": "GHSA-4gh9-53jc-3mcr",
  "modified": "2025-11-04T00:31:22Z",
  "published": "2024-09-04T21:30:32Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-44983"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/0279c35d242d037abeb73d60d06a6d1bb7f672d9"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/043a18bb6cf16adaa2f8642acfde6e8956a9caaa"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/6ea14ccb60c8ab829349979b22b58a941ec4a3ee"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/c05155cc455785916164aa5e1b4605a2ae946537"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/d9384ae7aec46036d248d1c2c2757e471ab486c3"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-4H53-XCVW-8WPX

Vulnerability from github – Published: 2024-05-17 12:31 – Updated: 2026-05-12 12:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

cpumap: Zero-initialise xdp_rxq_info struct before running XDP program

When running an XDP program that is attached to a cpumap entry, we don't initialise the xdp_rxq_info data structure being used in the xdp_buff that backs the XDP program invocation. Tobias noticed that this leads to random values being returned as the xdp_md->rx_queue_index value for XDP programs running in a cpumap.

This means we're basically returning the contents of the uninitialised memory, which is bad. Fix this by zero-initialising the rxq data structure before running the XDP program.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-27431"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-908"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-05-17T12:15:16Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\ncpumap: Zero-initialise xdp_rxq_info struct before running XDP program\n\nWhen running an XDP program that is attached to a cpumap entry, we don\u0027t\ninitialise the xdp_rxq_info data structure being used in the xdp_buff\nthat backs the XDP program invocation. Tobias noticed that this leads to\nrandom values being returned as the xdp_md-\u003erx_queue_index value for XDP\nprograms running in a cpumap.\n\nThis means we\u0027re basically returning the contents of the uninitialised\nmemory, which is bad. Fix this by zero-initialising the rxq data\nstructure before running the XDP program.",
  "id": "GHSA-4h53-xcvw-8wpx",
  "modified": "2026-05-12T12:31:46Z",
  "published": "2024-05-17T12:31:01Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-27431"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-265688.html"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/2487007aa3b9fafbd2cb14068f49791ce1d7ede5"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/3420b3ff1ff489c177ea1cb7bd9fbbc4e9a0be95"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/5f4e51abfbe6eb444fa91906a5cd083044278297"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/eaa7cb836659ced2d9f814ac32aa3ec193803ed6"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/f0363af9619c77730764f10360e36c6445c12f7b"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/f562e4c4aab00986dde3093c4be919c3f2b85a4a"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-4HM9-844J-JMXP

Vulnerability from github – Published: 2022-05-24 16:49 – Updated: 2026-06-10 13:40
VLAI
Summary
Uninitialized read in Nokogiri gem
Details

In numbers.c in libxslt 1.1.33, an xsl:number with certain format strings could lead to a uninitialized read in xsltNumberFormatInsertNumbers. This could allow an attacker to discern whether a byte on the stack contains the characters A, a, I, i, or 0, or any other character.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "RubyGems",
        "name": "nokogiri"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.10.5"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2019-13117"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-908"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-06-09T23:00:36Z",
    "nvd_published_at": "2019-07-01T02:15:00Z",
    "severity": "MODERATE"
  },
  "details": "In numbers.c in libxslt 1.1.33, an xsl:number with certain format strings could lead to a uninitialized read in xsltNumberFormatInsertNumbers. This could allow an attacker to discern whether a byte on the stack contains the characters A, a, I, i, or 0, or any other character.",
  "id": "GHSA-4hm9-844j-jmxp",
  "modified": "2026-06-10T13:40:34Z",
  "published": "2022-05-24T16:49:06Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13117"
    },
    {
      "type": "WEB",
      "url": "https://github.com/sparklemotion/nokogiri/issues/1943"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com/security-alerts/cpujan2020.html"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/4164-1"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20200122-0003"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20190806-0004"
    },
    {
      "type": "WEB",
      "url": "https://oss-fuzz.com/testcase-detail/5631739747106816"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IOYJKXPQCUNBMMQJWYXOR6QRUJZHEDRZ"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IOYJKXPQCUNBMMQJWYXOR6QRUJZHEDRZ"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2019/07/msg00020.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://gitlab.gnome.org/GNOME/libxslt/commit/c5eb6cf3aba0af048596106ed839b4ae17ecbcb1"
    },
    {
      "type": "WEB",
      "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2019-13117.yml"
    },
    {
      "type": "WEB",
      "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=14471"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00062.html"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2019/11/17/2"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Uninitialized read in Nokogiri gem"
}

GHSA-4JVV-2C5H-WR97

Vulnerability from github – Published: 2024-04-04 09:30 – Updated: 2025-04-01 21:30
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

dmaengine: fsl-qdma: init irq after reg initialization

Initialize the qDMA irqs after the registers are configured so that interrupts that may have been pending from a primary kernel don't get processed by the irq handler before it is ready to and cause panic with the following trace:

Call trace: fsl_qdma_queue_handler+0xf8/0x3e8 __handle_irq_event_percpu+0x78/0x2b0 handle_irq_event_percpu+0x1c/0x68 handle_irq_event+0x44/0x78 handle_fasteoi_irq+0xc8/0x178 generic_handle_irq+0x24/0x38 __handle_domain_irq+0x90/0x100 gic_handle_irq+0x5c/0xb8 el1_irq+0xb8/0x180 _raw_spin_unlock_irqrestore+0x14/0x40 __setup_irq+0x4bc/0x798 request_threaded_irq+0xd8/0x190 devm_request_threaded_irq+0x74/0xe8 fsl_qdma_probe+0x4d4/0xca8 platform_drv_probe+0x50/0xa0 really_probe+0xe0/0x3f8 driver_probe_device+0x64/0x130 device_driver_attach+0x6c/0x78 __driver_attach+0xbc/0x158 bus_for_each_dev+0x5c/0x98 driver_attach+0x20/0x28 bus_add_driver+0x158/0x220 driver_register+0x60/0x110 __platform_driver_register+0x44/0x50 fsl_qdma_driver_init+0x18/0x20 do_one_initcall+0x48/0x258 kernel_init_freeable+0x1a4/0x23c kernel_init+0x10/0xf8 ret_from_fork+0x10/0x18

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-26788"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-908"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-04-04T09:15:08Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: fsl-qdma: init irq after reg initialization\n\nInitialize the qDMA irqs after the registers are configured so that\ninterrupts that may have been pending from a primary kernel don\u0027t get\nprocessed by the irq handler before it is ready to and cause panic with\nthe following trace:\n\n  Call trace:\n   fsl_qdma_queue_handler+0xf8/0x3e8\n   __handle_irq_event_percpu+0x78/0x2b0\n   handle_irq_event_percpu+0x1c/0x68\n   handle_irq_event+0x44/0x78\n   handle_fasteoi_irq+0xc8/0x178\n   generic_handle_irq+0x24/0x38\n   __handle_domain_irq+0x90/0x100\n   gic_handle_irq+0x5c/0xb8\n   el1_irq+0xb8/0x180\n   _raw_spin_unlock_irqrestore+0x14/0x40\n   __setup_irq+0x4bc/0x798\n   request_threaded_irq+0xd8/0x190\n   devm_request_threaded_irq+0x74/0xe8\n   fsl_qdma_probe+0x4d4/0xca8\n   platform_drv_probe+0x50/0xa0\n   really_probe+0xe0/0x3f8\n   driver_probe_device+0x64/0x130\n   device_driver_attach+0x6c/0x78\n   __driver_attach+0xbc/0x158\n   bus_for_each_dev+0x5c/0x98\n   driver_attach+0x20/0x28\n   bus_add_driver+0x158/0x220\n   driver_register+0x60/0x110\n   __platform_driver_register+0x44/0x50\n   fsl_qdma_driver_init+0x18/0x20\n   do_one_initcall+0x48/0x258\n   kernel_init_freeable+0x1a4/0x23c\n   kernel_init+0x10/0xf8\n   ret_from_fork+0x10/0x18",
  "id": "GHSA-4jvv-2c5h-wr97",
  "modified": "2025-04-01T21:30:29Z",
  "published": "2024-04-04T09:30:35Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26788"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/3cc5fb824c2125aa3740d905b3e5b378c8a09478"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/4529c084a320be78ff2c5e64297ae998c6fdf66b"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/474d521da890b3e3585335fb80a6044cb2553d99"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/677102a930643c31f1b4c512b041407058bdfef8"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/87a39071e0b639f45e05d296cc0538eef44ec0bd"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/9579a21e99fe8dab22a253050ddff28d340d74e1"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/a69c8bbb946936ac4eb6a6ae1e849435aa8d947d"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-4M98-X48V-HH97

Vulnerability from github – Published: 2025-05-01 15:31 – Updated: 2025-11-07 21:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

net: ena: Fix error handling in ena_init()

The ena_init() won't destroy workqueue created by create_singlethread_workqueue() when pci_register_driver() failed. Call destroy_workqueue() when pci_register_driver() failed to prevent the resource leak.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-49813"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-908"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-05-01T15:16:04Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ena: Fix error handling in ena_init()\n\nThe ena_init() won\u0027t destroy workqueue created by\ncreate_singlethread_workqueue() when pci_register_driver() failed.\nCall destroy_workqueue() when pci_register_driver() failed to prevent the\nresource leak.",
  "id": "GHSA-4m98-x48v-hh97",
  "modified": "2025-11-07T21:31:19Z",
  "published": "2025-05-01T15:31:48Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-49813"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/0e2369223b174d198ec42a3ec0a7f06c8727b968"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/3f7b2ef8fe924e299bc339811ea3f1b9935c040f"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/6b23a4b252044e4fd23438930d452244818d7000"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/d349e9be5a2c2d7588a2c4e4bfa0bb3dc1226769"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-4MFF-CR8H-2RM2

Vulnerability from github – Published: 2025-04-14 21:32 – Updated: 2025-04-14 21:32
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

tipc: check attribute length for bearer name

syzbot reported uninit-value:

BUG: KMSAN: uninit-value in string_nocheck lib/vsprintf.c:644 [inline] BUG: KMSAN: uninit-value in string+0x4f9/0x6f0 lib/vsprintf.c:725 string_nocheck lib/vsprintf.c:644 [inline] string+0x4f9/0x6f0 lib/vsprintf.c:725 vsnprintf+0x2222/0x3650 lib/vsprintf.c:2806 vprintk_store+0x537/0x2150 kernel/printk/printk.c:2158 vprintk_emit+0x28b/0xab0 kernel/printk/printk.c:2256 vprintk_default+0x86/0xa0 kernel/printk/printk.c:2283 vprintk+0x15f/0x180 kernel/printk/printk_safe.c:50 _printk+0x18d/0x1cf kernel/printk/printk.c:2293 tipc_enable_bearer net/tipc/bearer.c:371 [inline] __tipc_nl_bearer_enable+0x2022/0x22a0 net/tipc/bearer.c:1033 tipc_nl_bearer_enable+0x6c/0xb0 net/tipc/bearer.c:1042 genl_family_rcv_msg_doit net/netlink/genetlink.c:731 [inline]

  • Do sanity check the attribute length for TIPC_NLA_BEARER_NAME.
  • Do not use 'illegal name' in printing message.
Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-49374"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-908"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-02-26T07:01:14Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: check attribute length for bearer name\n\nsyzbot reported uninit-value:\n=====================================================\nBUG: KMSAN: uninit-value in string_nocheck lib/vsprintf.c:644 [inline]\nBUG: KMSAN: uninit-value in string+0x4f9/0x6f0 lib/vsprintf.c:725\n string_nocheck lib/vsprintf.c:644 [inline]\n string+0x4f9/0x6f0 lib/vsprintf.c:725\n vsnprintf+0x2222/0x3650 lib/vsprintf.c:2806\n vprintk_store+0x537/0x2150 kernel/printk/printk.c:2158\n vprintk_emit+0x28b/0xab0 kernel/printk/printk.c:2256\n vprintk_default+0x86/0xa0 kernel/printk/printk.c:2283\n vprintk+0x15f/0x180 kernel/printk/printk_safe.c:50\n _printk+0x18d/0x1cf kernel/printk/printk.c:2293\n tipc_enable_bearer net/tipc/bearer.c:371 [inline]\n __tipc_nl_bearer_enable+0x2022/0x22a0 net/tipc/bearer.c:1033\n tipc_nl_bearer_enable+0x6c/0xb0 net/tipc/bearer.c:1042\n genl_family_rcv_msg_doit net/netlink/genetlink.c:731 [inline]\n\n- Do sanity check the attribute length for TIPC_NLA_BEARER_NAME.\n- Do not use \u0027illegal name\u0027 in printing message.",
  "id": "GHSA-4mff-cr8h-2rm2",
  "modified": "2025-04-14T21:32:23Z",
  "published": "2025-04-14T21:32:23Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-49374"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/292be63c382ce20673ee61dff1ee9ed4a3dcaae7"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/3af15272cde28fe5c8489174b8624e232c1775ec"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/7f36f798f89bf32c0164049cb0e3fd1af613d0bb"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/8b91d0dfc839e67708c905648cd0e7507a2263e5"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/92a930fcf4250fe961f6238b99af0bc405799f39"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/b8fac8e321044a9ac50f7185b4e9d91a7745e4b0"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/f07670871f4d19e613740eebe210e7e9ea535973"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-4P9P-MW39-JMXV

Vulnerability from github – Published: 2025-07-08 18:31 – Updated: 2025-07-08 18:31
VLAI
Details

Use of uninitialized resource in SQL Server allows an unauthorized attacker to disclose information over a network.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-49718"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-908"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-07-08T17:15:59Z",
    "severity": "HIGH"
  },
  "details": "Use of uninitialized resource in SQL Server allows an unauthorized attacker to disclose information over a network.",
  "id": "GHSA-4p9p-mw39-jmxv",
  "modified": "2025-07-08T18:31:49Z",
  "published": "2025-07-08T18:31:49Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49718"
    },
    {
      "type": "WEB",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49718"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-4PG2-M5V4-8FPJ

Vulnerability from github – Published: 2022-05-24 16:56 – Updated: 2022-05-24 16:56
VLAI
Details

An uninitialized memory access vulnerability exists in the way Aspose.PDF 19.2 for C++ handles invalid parent object pointers. A specially crafted PDF can cause a read and write from uninitialized memory, resulting in memory corruption and possibly arbitrary code execution. To trigger this vulnerability, a specifically crafted PDF document needs to be processed by the target application.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-5067"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-908"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-09-18T21:15:00Z",
    "severity": "HIGH"
  },
  "details": "An uninitialized memory access vulnerability exists in the way Aspose.PDF 19.2 for C++ handles invalid parent object pointers. A specially crafted PDF can cause a read and write from uninitialized memory, resulting in memory corruption and possibly arbitrary code execution. To trigger this vulnerability, a specifically crafted PDF document needs to be processed by the target application.",
  "id": "GHSA-4pg2-m5v4-8fpj",
  "modified": "2022-05-24T16:56:27Z",
  "published": "2022-05-24T16:56:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-5067"
    },
    {
      "type": "WEB",
      "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0856"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation
Implementation

Explicitly initialize the resource before use. If this is performed through an API function or standard procedure, follow all required steps.

Mitigation
Implementation

Pay close attention to complex conditionals that affect initialization, since some branches might not perform the initialization.

Mitigation
Implementation

Avoid race conditions (CWE-362) during initialization routines.

Mitigation
Build and Compilation

Run or compile the product with settings that generate warnings about uninitialized variables or data.

No CAPEC attack patterns related to this CWE.