1626 matches found
fox-foxone-exploit
markdown FoxFOXONE Driver Exploit Local privilege escalat...
SUSE CVE-2026-46236
In the Linux kernel, the following vulnerability has been resolved: media: rc: xboxremote: heed DMA restrictions The buffer for IO must not be part of the device structure because that violates the DMA coherency rules...
Linux Distros Unpatched Vulnerability : CVE-2026-46205
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - staging: media: atomisp: Disallow all private IOCTLs Disallow all private IOCTLs. These aren't quite as safe as one could assume of IOCTL handlers; disable them...
Linux Distros Unpatched Vulnerability : CVE-2026-46236
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - media: rc: xboxremote: heed DMA restrictions The buffer for IO must not be part of the device structure because that violates the DMA coherency rules...
CVE-2026-46197
A flaw was found in the Linux kernel. A local attacker could exploit an out-of-bounds buffer access vulnerability in the AMDGPU kernel driver by providing a specially crafted attribute count during SVM ioctl operations. This improper validation could allow the attacker to cause a system crash,...
CVE-2026-46236
A flaw was found in the Linux kernel's media: rc: xboxremote driver. This vulnerability arises from incorrect handling of Direct Memory Access DMA buffers, where the buffer for I/O operations is improperly part of the device structure. This violation of DMA coherency rules could lead to data...
CVE-2026-46105
A flaw was found in the mpt3sas driver within the Linux kernel. This vulnerability allows for oversized Non-Volatile Memory Express NVMe input/output I/O operations due to improper size limitations. An attacker or a malicious NVMe device could exploit this by issuing I/O requests that exceed the...
CVE-2026-46236
In the Linux kernel, the following vulnerability has been resolved: media: rc: xboxremote: heed DMA restrictions The buffer for IO must not be part of the device structure because that violates the DMA coherency rules...
UBUNTU-CVE-2026-46200
In the Linux kernel, the following vulnerability has been resolved: spi: mpc52xx: fix controller deregistration Make sure to deregister the controller before disabling and releasing underlying resources like interrupts and gpios during driver unbind...
UBUNTU-CVE-2026-46236
In the Linux kernel, the following vulnerability has been resolved: media: rc: xboxremote: heed DMA restrictions The buffer for IO must not be part of the device structure because that violates the DMA coherency rules...
CVE-2026-46205
In the Linux kernel, the following vulnerability has been resolved: staging: media: atomisp: Disallow all private IOCTLs Disallow all private IOCTLs. These aren't quite as safe as one could assume of IOCTL handlers; disable them for now. Instead of removing the code, return in the beginning of th...
fbdev: defio: Disconnect deferred I/O from the lifetime of struct fb_info
...
CVE-2026-45862
A flaw was found in the Linux kernel's IOMMU Input/Output Memory Management Unit virtualized directed I/O VT-d component. When a freshly allocated PASID Process Address Space ID table is written to a directory entry, the CPU cache flush for this table occurs too late. This creates a time window...
SUSE CVE-2026-45953
In the Linux kernel, the following vulnerability has been resolved: md/raid5: fix IO hang with degraded array with llbitmap When llbitmap bit state is still unwritten, any new write should force rcw, as bitmapops-blockssynced is checked in handlestripedirtying. However, later the same check is...
SUSE CVE-2026-45985
In the Linux kernel, the following vulnerability has been resolved: ext4: don't set EXT4GETBLOCKSCONVERT when splitting before submitting I/O When allocating blocks during within-EOF DIO and writeback with dioreadnolock enabled, EXT4GETBLOCKSPREIO was set to split an existing large unwritten...
SUSE CVE-2026-46065
In the Linux kernel, the following vulnerability has been resolved: fbdev: defio: Disconnect deferred I/O from the lifetime of struct fbinfo Hold state of deferred I/O in struct fbdeferrediostate. Allocate an instance as part of initializing deferred I/O and remove it only after the final mapping...
CVE-2026-45944
A flaw was found in the Linux kernel's IOMMU Input/Output Memory Management Unit VT-d Virtualization Technology for Directed I/O component. When a context entry is being torn down, the 'Present' bit might not be cleared before other parts of the entry are zeroed. This can lead to the hardware...
CVE-2026-45945
A flaw was found in the Linux kernel's Intel VT-d Virtualization Technology for Directed I/O implementation. A race condition occurs during the replacement of an active PASID Process Address Space ID entry. This can lead to the IOMMU Input/Output Memory Management Unit hardware reading an...
PT-2026-44320
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.11-1.1 Description An issue exists in the drm/amdkfd component where the nattr field is not properly validated against the buffer size. This allows for out-of-bounds buffer access through a user-controlled...
PT-2026-44359
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the xbox remote component of the media subsystem where the IO buffer is part of the device structure. This configuration violates DMA Direct Memory Access coherency...