Vulnerabilities > Use of Uninitialized Resource
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-26 | CVE-2017-18306 | Use of Uninitialized Resource vulnerability in Qualcomm products Information disclosure due to uninitialized variable. | 5.5 |
| 2024-11-25 | CVE-2024-53101 | Use of Uninitialized Resource vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: fs: Fix uninitialized value issue in from_kuid and from_kgid ocfs2_setattr() uses attr->ia_mode, attr->ia_uid and attr->ia_gid in a trace point even though ATTR_MODE, ATTR_UID and ATTR_GID aren't set. Initialize all fields of newattrs to avoid uninitialized variables, by checking if ATTR_MODE, ATTR_UID, ATTR_GID are initialized, otherwise 0. | 5.5 |
| 2024-11-22 | CVE-2024-8842 | Use of Uninitialized Resource vulnerability in Pdf-Xchange Pdf-Tools and Pdf-Xchange Editor PDF-XChange Editor RTF File Parsing Uninitialized Variable Remote Code Execution Vulnerability. | 7.8 |
| 2024-11-22 | CVE-2024-9717 | Use of Uninitialized Resource vulnerability in Trimble Sketchup Viewer 22.0.316.0 Trimble SketchUp Viewer SKP File Parsing Uninitialized Variable Remote Code Execution Vulnerability. | 7.8 |
| 2024-11-19 | CVE-2018-9420 | Use of Uninitialized Resource vulnerability in Google Android In BnCameraService::onTransact of CameraService.cpp, there is a possible information disclosure due to uninitialized data. | 5.5 |
| 2024-11-19 | CVE-2018-9421 | Use of Uninitialized Resource vulnerability in Google Android In writeInplace of Parcel.cpp, there is a possible information leak across processes, using Binder, due to uninitialized data. | 5.5 |
| 2024-11-19 | CVE-2018-9345 | Use of Uninitialized Resource vulnerability in Google Android In BnAudioPolicyService::onTransact of AudioPolicyService.cpp, there is a possible information disclosure due to uninitialized data. | 5.5 |
| 2024-11-19 | CVE-2018-9346 | Use of Uninitialized Resource vulnerability in Google Android In BnAudioPolicyService::onTransact of AudioPolicyService.cpp, there is a possible information disclosure due to uninitialized data. | 5.5 |
| 2024-11-19 | CVE-2024-53066 | Use of Uninitialized Resource vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: nfs: Fix KMSAN warning in decode_getfattr_attrs() Fix the following KMSAN warning: CPU: 1 UID: 0 PID: 7651 Comm: cp Tainted: G B Tainted: [B]=BAD_PAGE Hardware name: QEMU Standard PC (Q35 + ICH9, 2009) ===================================================== ===================================================== BUG: KMSAN: uninit-value in decode_getfattr_attrs+0x2d6d/0x2f90 decode_getfattr_attrs+0x2d6d/0x2f90 decode_getfattr_generic+0x806/0xb00 nfs4_xdr_dec_getattr+0x1de/0x240 rpcauth_unwrap_resp_decode+0xab/0x100 rpcauth_unwrap_resp+0x95/0xc0 call_decode+0x4ff/0xb50 __rpc_execute+0x57b/0x19d0 rpc_execute+0x368/0x5e0 rpc_run_task+0xcfe/0xee0 nfs4_proc_getattr+0x5b5/0x990 __nfs_revalidate_inode+0x477/0xd00 nfs_access_get_cached+0x1021/0x1cc0 nfs_do_access+0x9f/0xae0 nfs_permission+0x1e4/0x8c0 inode_permission+0x356/0x6c0 link_path_walk+0x958/0x1330 path_lookupat+0xce/0x6b0 filename_lookup+0x23e/0x770 vfs_statx+0xe7/0x970 vfs_fstatat+0x1f2/0x2c0 __se_sys_newfstatat+0x67/0x880 __x64_sys_newfstatat+0xbd/0x120 x64_sys_call+0x1826/0x3cf0 do_syscall_64+0xd0/0x1b0 entry_SYSCALL_64_after_hwframe+0x77/0x7f The KMSAN warning is triggered in decode_getfattr_attrs(), when calling decode_attr_mdsthreshold(). | 5.5 |
| 2024-11-19 | CVE-2024-53083 | Use of Uninitialized Resource vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: usb: typec: qcom-pmic: init value of hdr_len/txbuf_len earlier If the read of USB_PDPHY_RX_ACKNOWLEDGE_REG failed, then hdr_len and txbuf_len are uninitialized. | 5.5 |