Common Weakness Enumeration

CWE-909

Allowed-with-Review

Missing Initialization of Resource

Abstraction: Class · Status: Incomplete

The product does not initialize a critical resource.

96 vulnerabilities reference this CWE, most recent first.

GHSA-35XQ-5WPH-PXQW

Vulnerability from github – Published: 2021-12-16 00:00 – Updated: 2022-07-13 00:01
VLAI
Details

In do_ipt_get_ctl and do_ipt_set_ctl of ip_tables.c, there is a possible way to leak kernel information due to uninitialized data. This could lead to local information disclosure with system execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-120612905References: Upstream kernel

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-39636"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-909"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-12-15T19:15:00Z",
    "severity": "MODERATE"
  },
  "details": "In do_ipt_get_ctl and do_ipt_set_ctl of ip_tables.c, there is a possible way to leak kernel information due to uninitialized data. This could lead to local information disclosure with system execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-120612905References: Upstream kernel",
  "id": "GHSA-35xq-5wph-pxqw",
  "modified": "2022-07-13T00:01:37Z",
  "published": "2021-12-16T00:00:43Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-39636"
    },
    {
      "type": "WEB",
      "url": "https://source.android.com/security/bulletin/pixel/2021-12-01"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-3G5V-28P4-H3V9

Vulnerability from github – Published: 2025-06-18 12:30 – Updated: 2026-01-23 18:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

wifi: wil6210: debugfs: fix info leak in wil_write_file_wmi()

The simple_write_to_buffer() function will succeed if even a single byte is initialized. However, we need to initialize the whole buffer to prevent information leaks. Just use memdup_user().

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-50169"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-909"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-06-18T11:15:47Z",
    "severity": "HIGH"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: wil6210: debugfs: fix info leak in wil_write_file_wmi()\n\nThe simple_write_to_buffer() function will succeed if even a single\nbyte is initialized.  However, we need to initialize the whole buffer\nto prevent information leaks.  Just use memdup_user().",
  "id": "GHSA-3g5v-28p4-h3v9",
  "modified": "2026-01-23T18:31:22Z",
  "published": "2025-06-18T12:30:52Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-50169"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/05ceda14ef7c73104e709c414c3680d8a59f51d4"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/074e865b37da55aa87baa16d68b96896f85f8adb"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/4615458db7793fadc6d546ac3564b36819e77a22"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/60c9983425167ec5073c628d83a6875760d18059"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/67470920cd3f3cb38699b1ad23234f96bead4d21"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/789edc1af9c1a2293956e8534bfef3d18d629de9"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/7a4836560a6198d245d5732e26f94898b12eb760"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/c1216e699a1ce83ea005510844bd7508d34c6cef"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-46V4-9J9W-FV79

Vulnerability from github – Published: 2024-02-28 09:30 – Updated: 2025-01-21 15:31
VLAI
Details

ospf_te_parse_te in ospfd/ospf_te.c in FRRouting (FRR) through 9.1 allows remote attackers to cause a denial of service (ospfd daemon crash) via a malformed OSPF LSA packet, because of an attempted access to a missing attribute field.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-27913"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-909"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-02-28T07:15:09Z",
    "severity": "MODERATE"
  },
  "details": "ospf_te_parse_te in ospfd/ospf_te.c in FRRouting (FRR) through 9.1 allows remote attackers to cause a denial of service (ospfd daemon crash) via a malformed OSPF LSA packet, because of an attempted access to a missing attribute field.",
  "id": "GHSA-46v4-9j9w-fv79",
  "modified": "2025-01-21T15:31:02Z",
  "published": "2024-02-28T09:30:35Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-27913"
    },
    {
      "type": "WEB",
      "url": "https://github.com/FRRouting/frr/pull/15431"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-4C9Q-7835-998J

Vulnerability from github – Published: 2025-08-16 12:30 – Updated: 2025-11-18 18:32
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

net: libwx: properly reset Rx ring descriptor

When device reset is triggered by feature changes such as toggling Rx VLAN offload, wx->do_reset() is called to reinitialize Rx rings. The hardware descriptor ring may retain stale values from previous sessions. And only set the length to 0 in rx_desc[0] would result in building malformed SKBs. Fix it to ensure a clean slate after device reset.

[ 549.186435] [ C16] ------------[ cut here ]------------ [ 549.186457] [ C16] kernel BUG at net/core/skbuff.c:2814! [ 549.186468] [ C16] Oops: invalid opcode: 0000 [#1] SMP NOPTI [ 549.186472] [ C16] CPU: 16 UID: 0 PID: 0 Comm: swapper/16 Kdump: loaded Not tainted 6.16.0-rc4+ #23 PREEMPT(voluntary) [ 549.186476] [ C16] Hardware name: Micro-Star International Co., Ltd. MS-7E16/X670E GAMING PLUS WIFI (MS-7E16), BIOS 1.90 12/31/2024 [ 549.186478] [ C16] RIP: 0010:__pskb_pull_tail+0x3ff/0x510 [ 549.186484] [ C16] Code: 06 f0 ff 4f 34 74 7b 4d 8b 8c 24 c8 00 00 00 45 8b 84 24 c0 00 00 00 e9 c8 fd ff ff 48 c7 44 24 08 00 00 00 00 e9 5e fe ff ff <0f> 0b 31 c0 e9 23 90 5b ff 41 f7 c6 ff 0f 00 00 75 bf 49 8b 06 a8 [ 549.186487] [ C16] RSP: 0018:ffffb391c0640d70 EFLAGS: 00010282 [ 549.186490] [ C16] RAX: 00000000fffffff2 RBX: ffff8fe7e4d40200 RCX: 00000000fffffff2 [ 549.186492] [ C16] RDX: ffff8fe7c3a4bf8e RSI: 0000000000000180 RDI: ffff8fe7c3a4bf40 [ 549.186494] [ C16] RBP: ffffb391c0640da8 R08: ffff8fe7c3a4c0c0 R09: 000000000000000e [ 549.186496] [ C16] R10: ffffb391c0640d88 R11: 000000000000000e R12: ffff8fe7e4d40200 [ 549.186497] [ C16] R13: 00000000fffffff2 R14: ffff8fe7fa01a000 R15: 00000000fffffff2 [ 549.186499] [ C16] FS: 0000000000000000(0000) GS:ffff8fef5ae40000(0000) knlGS:0000000000000000 [ 549.186502] [ C16] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 549.186503] [ C16] CR2: 00007f77d81d6000 CR3: 000000051a032000 CR4: 0000000000750ef0 [ 549.186505] [ C16] PKRU: 55555554 [ 549.186507] [ C16] Call Trace: [ 549.186510] [ C16] [ 549.186513] [ C16] ? srso_alias_return_thunk+0x5/0xfbef5 [ 549.186517] [ C16] __skb_pad+0xc7/0xf0 [ 549.186523] [ C16] wx_clean_rx_irq+0x355/0x3b0 [libwx] [ 549.186533] [ C16] wx_poll+0x92/0x120 [libwx] [ 549.186540] [ C16] __napi_poll+0x28/0x190 [ 549.186544] [ C16] net_rx_action+0x301/0x3f0 [ 549.186548] [ C16] ? srso_alias_return_thunk+0x5/0xfbef5 [ 549.186551] [ C16] ? __raw_spin_lock_irqsave+0x1e/0x50 [ 549.186554] [ C16] ? srso_alias_return_thunk+0x5/0xfbef5 [ 549.186557] [ C16] ? wake_up_nohz_cpu+0x35/0x160 [ 549.186559] [ C16] ? srso_alias_return_thunk+0x5/0xfbef5 [ 549.186563] [ C16] handle_softirqs+0xf9/0x2c0 [ 549.186568] [ C16] __irq_exit_rcu+0xc7/0x130 [ 549.186572] [ C16] common_interrupt+0xb8/0xd0 [ 549.186576] [ C16] [ 549.186577] [ C16] [ 549.186579] [ C16] asm_common_interrupt+0x22/0x40 [ 549.186582] [ C16] RIP: 0010:cpuidle_enter_state+0xc2/0x420 [ 549.186585] [ C16] Code: 00 00 e8 11 0e 5e ff e8 ac f0 ff ff 49 89 c5 0f 1f 44 00 00 31 ff e8 0d ed 5c ff 45 84 ff 0f 85 40 02 00 00 fb 0f 1f 44 00 00 <45> 85 f6 0f 88 84 01 00 00 49 63 d6 48 8d 04 52 48 8d 04 82 49 8d [ 549.186587] [ C16] RSP: 0018:ffffb391c0277e78 EFLAGS: 00000246 [ 549.186590] [ C16] RAX: ffff8fef5ae40000 RBX: 0000000000000003 RCX: 0000000000000000 [ 549.186591] [ C16] RDX: 0000007fde0faac5 RSI: ffffffff826e53f6 RDI: ffffffff826fa9b3 [ 549.186593] [ C16] RBP: ffff8fe7c3a20800 R08: 0000000000000002 R09: 0000000000000000 [ 549.186595] [ C16] R10: 0000000000000000 R11: 000000000000ffff R12: ffffffff82ed7a40 [ 549.186596] [ C16] R13: 0000007fde0faac5 R14: 0000000000000003 R15: 0000000000000000 [ 549.186601] [ C16] ? cpuidle_enter_state+0xb3/0x420 [ 549.186605] [ C16] cpuidle_en ---truncated---

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-38532"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-909"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-08-16T12:15:28Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: libwx: properly reset Rx ring descriptor\n\nWhen device reset is triggered by feature changes such as toggling Rx\nVLAN offload, wx-\u003edo_reset() is called to reinitialize Rx rings. The\nhardware descriptor ring may retain stale values from previous sessions.\nAnd only set the length to 0 in rx_desc[0] would result in building\nmalformed SKBs. Fix it to ensure a clean slate after device reset.\n\n[  549.186435] [     C16] ------------[ cut here ]------------\n[  549.186457] [     C16] kernel BUG at net/core/skbuff.c:2814!\n[  549.186468] [     C16] Oops: invalid opcode: 0000 [#1] SMP NOPTI\n[  549.186472] [     C16] CPU: 16 UID: 0 PID: 0 Comm: swapper/16 Kdump: loaded Not tainted 6.16.0-rc4+ #23 PREEMPT(voluntary)\n[  549.186476] [     C16] Hardware name: Micro-Star International Co., Ltd. MS-7E16/X670E GAMING PLUS WIFI (MS-7E16), BIOS 1.90 12/31/2024\n[  549.186478] [     C16] RIP: 0010:__pskb_pull_tail+0x3ff/0x510\n[  549.186484] [     C16] Code: 06 f0 ff 4f 34 74 7b 4d 8b 8c 24 c8 00 00 00 45 8b 84 24 c0 00 00 00 e9 c8 fd ff ff 48 c7 44 24 08 00 00 00 00 e9 5e fe ff ff \u003c0f\u003e 0b 31 c0 e9 23 90 5b ff 41 f7 c6 ff 0f 00 00 75 bf 49 8b 06 a8\n[  549.186487] [     C16] RSP: 0018:ffffb391c0640d70 EFLAGS: 00010282\n[  549.186490] [     C16] RAX: 00000000fffffff2 RBX: ffff8fe7e4d40200 RCX: 00000000fffffff2\n[  549.186492] [     C16] RDX: ffff8fe7c3a4bf8e RSI: 0000000000000180 RDI: ffff8fe7c3a4bf40\n[  549.186494] [     C16] RBP: ffffb391c0640da8 R08: ffff8fe7c3a4c0c0 R09: 000000000000000e\n[  549.186496] [     C16] R10: ffffb391c0640d88 R11: 000000000000000e R12: ffff8fe7e4d40200\n[  549.186497] [     C16] R13: 00000000fffffff2 R14: ffff8fe7fa01a000 R15: 00000000fffffff2\n[  549.186499] [     C16] FS:  0000000000000000(0000) GS:ffff8fef5ae40000(0000) knlGS:0000000000000000\n[  549.186502] [     C16] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[  549.186503] [     C16] CR2: 00007f77d81d6000 CR3: 000000051a032000 CR4: 0000000000750ef0\n[  549.186505] [     C16] PKRU: 55555554\n[  549.186507] [     C16] Call Trace:\n[  549.186510] [     C16]  \u003cIRQ\u003e\n[  549.186513] [     C16]  ? srso_alias_return_thunk+0x5/0xfbef5\n[  549.186517] [     C16]  __skb_pad+0xc7/0xf0\n[  549.186523] [     C16]  wx_clean_rx_irq+0x355/0x3b0 [libwx]\n[  549.186533] [     C16]  wx_poll+0x92/0x120 [libwx]\n[  549.186540] [     C16]  __napi_poll+0x28/0x190\n[  549.186544] [     C16]  net_rx_action+0x301/0x3f0\n[  549.186548] [     C16]  ? srso_alias_return_thunk+0x5/0xfbef5\n[  549.186551] [     C16]  ? __raw_spin_lock_irqsave+0x1e/0x50\n[  549.186554] [     C16]  ? srso_alias_return_thunk+0x5/0xfbef5\n[  549.186557] [     C16]  ? wake_up_nohz_cpu+0x35/0x160\n[  549.186559] [     C16]  ? srso_alias_return_thunk+0x5/0xfbef5\n[  549.186563] [     C16]  handle_softirqs+0xf9/0x2c0\n[  549.186568] [     C16]  __irq_exit_rcu+0xc7/0x130\n[  549.186572] [     C16]  common_interrupt+0xb8/0xd0\n[  549.186576] [     C16]  \u003c/IRQ\u003e\n[  549.186577] [     C16]  \u003cTASK\u003e\n[  549.186579] [     C16]  asm_common_interrupt+0x22/0x40\n[  549.186582] [     C16] RIP: 0010:cpuidle_enter_state+0xc2/0x420\n[  549.186585] [     C16] Code: 00 00 e8 11 0e 5e ff e8 ac f0 ff ff 49 89 c5 0f 1f 44 00 00 31 ff e8 0d ed 5c ff 45 84 ff 0f 85 40 02 00 00 fb 0f 1f 44 00 00 \u003c45\u003e 85 f6 0f 88 84 01 00 00 49 63 d6 48 8d 04 52 48 8d 04 82 49 8d\n[  549.186587] [     C16] RSP: 0018:ffffb391c0277e78 EFLAGS: 00000246\n[  549.186590] [     C16] RAX: ffff8fef5ae40000 RBX: 0000000000000003 RCX: 0000000000000000\n[  549.186591] [     C16] RDX: 0000007fde0faac5 RSI: ffffffff826e53f6 RDI: ffffffff826fa9b3\n[  549.186593] [     C16] RBP: ffff8fe7c3a20800 R08: 0000000000000002 R09: 0000000000000000\n[  549.186595] [     C16] R10: 0000000000000000 R11: 000000000000ffff R12: ffffffff82ed7a40\n[  549.186596] [     C16] R13: 0000007fde0faac5 R14: 0000000000000003 R15: 0000000000000000\n[  549.186601] [     C16]  ? cpuidle_enter_state+0xb3/0x420\n[  549.186605] [     C16]  cpuidle_en\n---truncated---",
  "id": "GHSA-4c9q-7835-998j",
  "modified": "2025-11-18T18:32:48Z",
  "published": "2025-08-16T12:30:32Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-38532"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/10e27b2a6ebeda49e9c2897a699d3ce1ded565ee"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/d510116c80b37efb100ce8d5ee326214b0157293"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/d992ed7e1b687ad7df0763d3e015a5358646210b"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/ee527d3fba4dae1d619d2d0438624002c8e99e24"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-4RF2-7PHJ-4VWQ

Vulnerability from github – Published: 2024-10-10 09:30 – Updated: 2024-10-10 09:30
VLAI
Details

ITS dissector crash in Wireshark 4.4.0 allows denial of service via packet injection or crafted capture file

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-9780"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-456",
      "CWE-909"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-10-10T07:15:03Z",
    "severity": "HIGH"
  },
  "details": "ITS dissector crash in Wireshark 4.4.0 allows denial of service via packet injection or crafted capture file",
  "id": "GHSA-4rf2-7phj-4vwq",
  "modified": "2024-10-10T09:30:35Z",
  "published": "2024-10-10T09:30:35Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-9780"
    },
    {
      "type": "WEB",
      "url": "https://gitlab.com/wireshark/wireshark/-/issues/20026"
    },
    {
      "type": "WEB",
      "url": "https://www.wireshark.org/security/wnpa-sec-2024-12.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-4RW9-JWMQ-4V5R

Vulnerability from github – Published: 2022-02-12 00:00 – Updated: 2022-10-07 18:15
VLAI
Details

An information leak flaw was found due to uninitialized memory in the Linux kernel’s TIPC protocol subsystem, in the way a user sends a TIPC datagram to one or more destinations. This flaw allows a local user to read some kernel memory. This issue is limited to no more than 7 bytes, and the user cannot control what is read. This flaw affects the Linux kernel versions prior to 5.17-rc1.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-0382"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-909"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-02-11T18:15:00Z",
    "severity": "MODERATE"
  },
  "details": "An information leak flaw was found due to uninitialized memory in the Linux kernel\u2019s TIPC protocol subsystem, in the way a user sends a TIPC datagram to one or more destinations. This flaw allows a local user to read some kernel memory. This issue is limited to no more than 7 bytes, and the user cannot control what is read. This flaw affects the Linux kernel versions prior to 5.17-rc1.",
  "id": "GHSA-4rw9-jwmq-4v5r",
  "modified": "2022-10-07T18:15:54Z",
  "published": "2022-02-12T00:00:42Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0382"
    },
    {
      "type": "WEB",
      "url": "https://github.com/torvalds/linux/commit/d6d86830705f173fca6087a3e67ceaf68db80523"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-4VQ8-7JFC-9CVP

Vulnerability from github – Published: 2025-07-29 19:56 – Updated: 2026-03-27 17:37
VLAI
Summary
Moby firewalld reload removes bridge network isolation
Details

Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products. The Moby daemon component (dockerd), which is developed as moby/moby is commonly referred to as Docker, or Docker Engine.

Firewalld is a daemon used by some Linux distributions to provide a dynamically managed firewall. When Firewalld is running, Docker uses its iptables backend to create rules, including rules to isolate containers in one bridge network from containers in other bridge networks.

Impact

The iptables rules created by Docker are removed when firewalld is reloaded using, for example "firewall-cmd --reload", "killall -HUP firewalld", or "systemctl reload firewalld".

When that happens, Docker must re-create the rules. However, in affected versions of Docker, the iptables rules that isolate containers in different bridge networks from each other are not re-created.

Once these rules have been removed, containers have access to any port, on any container, in any non-internal bridge network, running on the Docker host.

Containers running in networks created with --internal or equivalent have no access to other networks. Containers that are only connected to these networks remain isolated after a firewalld reload.

Where Docker Engine is not running in the host's network namespace, it is unaffected. Including, for example, Rootless Mode, and Docker Desktop.

Patches

Moby releases 28.0.0 and newer are not affected. A fix is available in moby release 25.0.13.

Workarounds

After reloading firewalld, either: - Restart the docker daemon, - Re-create bridge networks, or - Use rootless mode.

References

https://firewalld.org/ https://firewalld.org/documentation/howto/reload-firewalld.html

Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 25.0.12"
      },
      "package": {
        "ecosystem": "Go",
        "name": "github.com/docker/docker"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "25.0.13"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/docker/docker"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "26.0.0-rc1"
            },
            {
              "fixed": "28.0.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-54410"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-909"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-07-29T19:56:25Z",
    "nvd_published_at": "2025-07-30T14:15:28Z",
    "severity": "LOW"
  },
  "details": "Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products. The Moby daemon component (dockerd), which is developed as [moby/moby](https://github.com/moby/moby) is commonly referred to as Docker, or Docker Engine.\n\nFirewalld is a daemon used by some Linux distributions to provide a dynamically managed firewall. When Firewalld is running, Docker uses its iptables backend to create rules, including rules to isolate containers in one bridge network from containers in other bridge networks.\n\n### Impact\n\nThe iptables rules created by Docker are removed when firewalld is reloaded using, for example \"firewall-cmd --reload\", \"killall -HUP firewalld\", or \"systemctl reload firewalld\".\n\nWhen that happens, Docker must re-create the rules. However, in affected versions of Docker, the iptables rules that isolate containers in different bridge networks from each other are not re-created.\n\nOnce these rules have been removed, containers have access to any port, on any container, in any non-internal bridge network, running on the Docker host.\n\nContainers running in networks created with `--internal` or equivalent have no access to other networks. Containers that are only connected to these networks remain isolated after a firewalld reload.\n\nWhere Docker Engine is not running in the host\u0027s network namespace, it is unaffected. Including, for example, Rootless Mode, and Docker Desktop.\n\n### Patches\n\nMoby releases 28.0.0 and newer are not affected. A fix is available in moby release 25.0.13.\n\n### Workarounds\nAfter reloading firewalld, either:\n- Restart the docker daemon,\n- Re-create bridge networks, or\n- Use rootless mode.\n\n### References\nhttps://firewalld.org/\nhttps://firewalld.org/documentation/howto/reload-firewalld.html",
  "id": "GHSA-4vq8-7jfc-9cvp",
  "modified": "2026-03-27T17:37:52Z",
  "published": "2025-07-29T19:56:25Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/moby/moby/security/advisories/GHSA-4vq8-7jfc-9cvp"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-54410"
    },
    {
      "type": "WEB",
      "url": "https://github.com/moby/moby/pull/49443"
    },
    {
      "type": "WEB",
      "url": "https://github.com/moby/moby/pull/49728"
    },
    {
      "type": "WEB",
      "url": "https://firewalld.org/documentation/howto/reload-firewalld.html"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/moby/moby"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Moby firewalld reload removes bridge network isolation"
}

GHSA-53HX-F3MF-P54C

Vulnerability from github – Published: 2022-05-02 03:43 – Updated: 2025-04-09 04:15
VLAI
Details

The tc_fill_tclass function in net/sched/sch_api.c in the tc subsystem in the Linux kernel 2.4.x before 2.4.37.6 and 2.6.x before 2.6.31-rc9 does not initialize certain (1) tcm__pad1 and (2) tcm__pad2 structure members, which might allow local users to obtain sensitive information from kernel memory via unspecified vectors.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2009-3228"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-909"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2009-10-19T20:00:00Z",
    "severity": "LOW"
  },
  "details": "The tc_fill_tclass function in net/sched/sch_api.c in the tc subsystem in the Linux kernel 2.4.x before 2.4.37.6 and 2.6.x before 2.6.31-rc9 does not initialize certain (1) tcm__pad1 and (2) tcm__pad2 structure members, which might allow local users to obtain sensitive information from kernel memory via unspecified vectors.",
  "id": "GHSA-53hx-f3mf-p54c",
  "modified": "2025-04-09T04:15:28Z",
  "published": "2022-05-02T03:43:01Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3228"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=520990"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6757"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9409"
    },
    {
      "type": "WEB",
      "url": "https://rhn.redhat.com/errata/RHSA-2009-1540.html"
    },
    {
      "type": "WEB",
      "url": "https://rhn.redhat.com/errata/RHSA-2009-1548.html"
    },
    {
      "type": "WEB",
      "url": "http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.4.37.y.git%3Ba=commit%3Bh=096ed17f20affc2db0e307658c69b67433992a7a"
    },
    {
      "type": "WEB",
      "url": "http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.4.37.y.git;a=commit;h=096ed17f20affc2db0e307658c69b67433992a7a"
    },
    {
      "type": "WEB",
      "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=16ebb5e0b36ceadc8186f71d68b0c4fa4b6e781b"
    },
    {
      "type": "WEB",
      "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=16ebb5e0b36ceadc8186f71d68b0c4fa4b6e781b"
    },
    {
      "type": "WEB",
      "url": "http://lists.vmware.com/pipermail/security-announce/2010/000082.html"
    },
    {
      "type": "WEB",
      "url": "http://patchwork.ozlabs.org/patch/32830"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/37084"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/38794"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/38834"
    },
    {
      "type": "WEB",
      "url": "http://www.kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.37.6"
    },
    {
      "type": "WEB",
      "url": "http://www.kernel.org/pub/linux/kernel/v2.6/testing/v2.6.31/ChangeLog-2.6.31-rc9"
    },
    {
      "type": "WEB",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:198"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2009/09/03/1"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2009/09/05/2"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2009/09/06/2"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2009/09/07/2"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2009/09/17/1"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2009/09/17/9"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2009-1522.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1023073"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/usn-864-1"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2010/0528"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-59PC-R9MR-H2PV

Vulnerability from github – Published: 2026-05-01 15:30 – Updated: 2026-07-14 15:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

net: ipv6: ndisc: fix ndisc_ra_useropt to initialize nduseropt_padX fields to zero to prevent an info-leak

When processing Router Advertisements with user options the kernel builds an RTM_NEWNDUSEROPT netlink message. The nduseroptmsg struct has three padding fields that are never zeroed and can leak kernel data

The fix is simple, just zeroes the padding fields.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-43040"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-909"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-05-01T15:16:50Z",
    "severity": "HIGH"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ipv6: ndisc: fix ndisc_ra_useropt to initialize nduseropt_padX fields to zero to prevent an info-leak\n\nWhen processing Router Advertisements with user options the kernel\nbuilds an RTM_NEWNDUSEROPT netlink message. The nduseroptmsg struct\nhas three padding fields that are never zeroed and can leak kernel data\n\nThe fix is simple, just zeroes the padding fields.",
  "id": "GHSA-59pc-r9mr-h2pv",
  "modified": "2026-07-14T15:31:57Z",
  "published": "2026-05-01T15:30:37Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-43040"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-019113.html"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-082556.html"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/11d7fe97421cfc81549940c20ed5ac9472d6db05"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/1da9023f6b071a38e5430ffbce4b70b2b1ac4f9c"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/2fe4d0ba690a69ad6ae9f7ab9bdc96e02610b648"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/4f810c686fde509d1cdaa706322d9d2531f8f1a4"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/7f56d87e527bb5a13c3e8b0d5840cb6332822f6d"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/ae05340ccaa9d347fe85415609e075545bec589f"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/b485eef3d97b7aae55ce669b6de555ec81f3d21c"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/ef3645606e4a635d5062a492f22b7f490852ee67"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-5HCM-2JV2-8GGV

Vulnerability from github – Published: 2022-05-13 01:10 – Updated: 2022-05-13 01:10
VLAI
Details

strongSwan 5.6.0 and older allows Remote Denial of Service because of Missing Initialization of a Variable.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2018-10811"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-909"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-06-19T21:29:00Z",
    "severity": "HIGH"
  },
  "details": "strongSwan 5.6.0 and older allows Remote Denial of Service because of Missing Initialization of a Variable.",
  "id": "GHSA-5hcm-2jv2-8ggv",
  "modified": "2022-05-13T01:10:05Z",
  "published": "2022-05-13T01:10:04Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-10811"
    },
    {
      "type": "WEB",
      "url": "https://download.strongswan.org/security/CVE-2018-10811"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UBO6ZQKLB5RY3TV7MXADFTQKXA2LUEIL"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/201811-16"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/3771-1"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2018/dsa-4229"
    },
    {
      "type": "WEB",
      "url": "https://www.strongswan.org/blog/2018/05/28/strongswan-vulnerability-(cve-2018-10811).html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00077.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00001.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00047.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation
Implementation

Explicitly initialize the resource before use. If this is performed through an API function or standard procedure, follow all specified steps.

Mitigation
Implementation

Pay close attention to complex conditionals that affect initialization, since some branches might not perform the initialization.

Mitigation
Implementation

Avoid race conditions (CWE-362) during initialization routines.

Mitigation
Build and Compilation

Run or compile your product with settings that generate warnings about uninitialized variables or data.

No CAPEC attack patterns related to this CWE.