23 matches found
VulnCheck KEV: CVE-2025-61155
The GameDriverX64.sys kernel-mode anti-cheat driver v7.23.4.7 and earlier contains an access control vulnerability in one of its IOCTL handlers. A user-mode process can open a handle to the driver device and send specially crafted IOCTL requests. These requests are executed in kernel-mode context...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001575)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001575 advisory. The vmwgbsurfacedefineioctl function in drivers/gpu/drm/vmwgfx/vmwgfxsurface.c in the Linux kernel through 4.10.7 does not validate certain levels data, which allows...
EUVD-2018-17993
Malware in sbrugna...
EUVD-2018-2433
Malware in sbrugna...
EUVD-2017-5847
Malware in sbrugna...
EUVD-2017-5588
Malware in sbrugna...
USN-6331-1 linux-azure vulnerabilities
It was discovered that the netlink implementation in the Linux kernel did not properly validate policies when parsing attributes in some situations. An attacker could use this to cause a denial of service infinite recursion. CVE-2020-36691 Billy Jheng Bing Jhong discovered that the CIFS network...
SUSE CVE-2010-3078
The xfsiocfsgetxattr function in fs/xfs/linux-2.6/xfsioctl.c in the Linux kernel before 2.6.36-rc4 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an ioctl call...
kernel: information leak in scsi_ioctl()
A kernel information leak flaw was identified in the scsiioctl function in drivers/scsi/scsiioctl.c in the Linux kernel. This flaw allows a local attacker with a special user privilege CAPSYSADMIN or CAPSYSRAWIO to create issues with confidentiality...
Important: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: dm: fix mempool NULL pointer race when completing IO CVE-2021-47435 A kernel information leak flaw was identified in the scsiioctl function in drivers/scsi/scsiioctl.c in the Linux kernel. This flaw allows a local...
Important: kernel
Issue Overview: A use-after-free flaw was found in kernel/trace/ringbuffer.c in Linux kernel. There was a race problem in traceopen and resize of cpu buffer running parallely on different cpus, may cause a denial of service problem DOS. This flaw could even allow a local attacker with special use...
USN-5070-1 linux, linux-aws, linux-aws-5.11, linux-azure, linux-azure-5.11, linux-gcp, linux-hwe-5.11, linux-kvm, linux-oracle, linux-oracle-5.11, linux-raspi vulnerabilities
Maxim Levitsky and Paolo Bonzini discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel allowed a guest VM to disable restrictions on VMLOAD/VMSAVE in a nested guest. An attacker in a guest VM could use this to read or write portions of the host's physical memory...
kernel: denial of service via ioctl call in network tun handling
A flaw was found in the Linux kernel's implementation of networking tunnel device ioctl. A local attacker can cause a denial of service NULL pointer dereference and panic via an ioctl TUNSETIFF call with a dev name containing a / character...
kernel: denial of service via ioctl call in network tun handling
A flaw was found in the Linux kernel's implementation of networking tunnel device ioctl. A local attacker can cause a denial of service NULL pointer dereference and panic via an ioctl TUNSETIFF call with a dev name containing a / character...
CVE-2020-8876
This vulnerability allows local attackers to disclose information on affected installations of Parallels Desktop 15.1.2-47123. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...
CVE-2020-8875
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.2-47123. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...
Privilege escalation
A buffer overflow privilege escalation vulnerability in Trend Micro Maximum Security Consumer 2018 could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within processing of IOCTL 0x222060 by the tmnciesc.sys driver. An attacker must first obtain the abilit...
kernel: infiniband: Unprivileged process can overwrite kernel memory using rdma_ucm.ko
A flaw was found in the way certain interfaces of the Linux kernel's Infiniband subsystem used write as bi-directional ioctl replacement, which could lead to insufficient memory security checks when being invoked using the splice system call. A local unprivileged user on a system with either...
DEBIAN-CVE-2015-7885
The dgncmgmtioctl function in drivers/staging/dgnc/dgncmgmt.c in the Linux kernel through 4.3.3 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory via a crafted application...
kernel: block: floppy: privilege escalation via FDRAWCMD floppy ioctl command
A flaw was found in the way the Linux kernel's floppy driver handled user space provided data in certain error code paths while processing FDRAWCMD IOCTL commands. A local user with write access to /dev/fdX could use this flaw to free using the kfree function arbitrary kernel memory. CVE-2014-173...