245 matches found
PT-2025-37572
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw exists in the Linux kernel related to the assignment logic of iocb within the f2fs filesystem. A commit introduced an iocb field in a trace event, attempting to assign a pointer...
SpyShelter 安全漏洞
SpyShelter is a host intrusion prevention system software from the US-based SpyShelter team. A security vulnerability exists in SpyShelter 15.4.0.1015 and earlier versions, which stems from an unknown function issue in the library SpyShelter.sys in the component IOCTL Handler, which could lead to...
btrfs: qgroup: fix race between quota disable and quota rescan ioctl
...
CVE-2025-52915
K7RKScan.sys 23.0.0.10, part of the K7 Security Anti-Malware suite, allows an admin-privileged user to send crafted IOCTL requests to terminate processes that are protected through a third-party implementation. This is caused by insufficient caller validation in the driver's IOCTL handler, enabli...
CVE-2025-38731 drm/xe: Fix vm_bind_ioctl double free bug
In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix vmbindioctl double free bug If the argument check during an array bind fails, the bindops are freed twice as seen below. Fix this by setting bindops to NULL after freeing...
AZL-66794 CVE-2025-38685 affecting package kernel for versions less than 6.6.104.2-1
In the Linux kernel, the following vulnerability has been resolved: fbdev: Fix vmalloc out-of-bounds write in fastimageblit This issue triggers when a userspace program does an ioctl FBIOPUTCON2FBMAP by passing console number and frame buffer number. Ideally this maps console to frame buffer and...
Linux Distros Unpatched Vulnerability : CVE-2025-38459
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - atm: clip: Fix infinite recursive call of clippush. syzbot reported the splat below. 0 This happens if we call ioctlATMARPMKIP more than once. During the first...
CVE-2025-51060
An issue was discovered in CPUID cpuz.sys 1.0.5.4. An attacker can use DeviceIoControl with the unvalidated parameters 0x9C402440 and 0x9C402444 as IoControlCodes to perform RDMSR and WRMSR, respectively. Through this process, the attacker can modify MSRLSTAR and hook KiSystemCall64. Afterward,...
kernel: net/mdiobus: Fix potential out-of-bounds clause 45 read/write access
In the Linux kernel, the following vulnerability has been resolved: net/mdiobus: Fix potential out-of-bounds clause 45 read/write access When using publicly available tools like 'mdio-tools' to read/write data from/to network interface and its PHY via C45 clause 45 mdiobus, there is no verificati...
AZL-64550 CVE-2025-38111 affecting package kernel for versions less than 6.6.96.1-1
In the Linux kernel, the following vulnerability has been resolved: net/mdiobus: Fix potential out-of-bounds read/write access When using publicly available tools like 'mdio-tools' to read/write data from/to network interface and its PHY via mdiobus, there is no verification of parameters passed ...
kernel: dm ioctl: prevent potential spectre v1 gadget
A vulnerability was found in the Linux kernel's dm-ioctl interface in the lookupioctl function, which accepts a user-provided cmd value that is used to index the ioctls array directly. This issue could lead to an out-of-bounds access if the CPU speculatively executes the array access before cmd i...
DEBIAN-CVE-2022-50027
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix possible memory leak when failing to issue CMF WQE There is no corresponding free routine if lpfcsli4issuewqe fails to issue the CMF WQE in lpfcissuecmfsyncwqe. If retval is non-zero, then free the iocbq request...
CVE-2023-1453
A vulnerability was found in Watchdog Anti-Virus 1.4.214.0. It has been rated as critical. Affected by this issue is the function 0x80002008 in the library wsdk-driver.sys of the component IoControlCode Handler. The manipulation leads to improper access controls. Attacking locally is a requiremen...
CVE-2023-1486
A vulnerability classified as problematic was found in Lespeed WiseCleaner Wise Force Deleter 1.5.3.54. This vulnerability affects the function 0x220004 in the library WiseUnlock64.sys of the component IoControlCode Handler. The manipulation leads to improper access controls. Local access is...
CVE-2023-1007
A vulnerability was found in Twister Antivirus 8.17. It has been declared as critical. This vulnerability affects the function 0x801120E4 in the library filmfd.sys of the component IoControlCode Handler. The manipulation leads to improper access controls. The attack needs to be approached locally...
CVE-2025-21447
Memory corruption may occur while processing device IO control call for session control...
CVE-2025-21447
Memory corruption may occur while processing device IO control call for session control...
CVE-2025-21447
CVE-2025-21447 affects Qualcomm Snapdragon chipsets. The issue is memory corruption occurring when processing a device IOCTL call for session control, caused by an underlying vulnerability in the IOCTL handling path. The provided sources (NVD/Red Hat/CVE record and related feeds) confirm the memo...
CVE-2025-21447 Improper Validation of Array Index in Computer Vision
Memory corruption may occur while processing device IO control call for session control...
PT-2025-15217 · Qualcomm · Qualcomm Snapdragon
Name of the Vulnerable Software and Affected Versions: Qualcomm Snapdragon and related products versions prior to the fixed version Description: Memory corruption may occur while processing device IO control call for session control. Recommendations: At the moment, there is no information about a...