29 matches found
SUSE CVE-2026-31781
In the Linux kernel, the following vulnerability has been resolved: drm/ioc32: stop speculation on the drmcompatioctl path The drm compat ioctl path takes a user controlled pointer, and then dereferences it into a table of function pointers, the signature method of spectre problems. Fix this up b...
CVE-2026-31781
In the Linux kernel, the following vulnerability has been resolved: drm/ioc32: stop speculation on the drmcompatioctl path The drm compat ioctl path takes a user controlled pointer, and then dereferences it into a table of function pointers, the signature method of spectre problems. Fix this up b...
CVE-2026-31781
CVE-2026-31781 concerns the Linux kernel drm/ioc32 compat ioctl path, where a user-controlled pointer was used to index a table of function pointers (spectre-like pattern). The issue is mitigated by applying array_index_nospec on the index to the function-pointer list, as described in the fix. Co...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001837)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001837 advisory. The aaccompatioctl function in drivers/scsi/aacraid/linit.c in the Linux kernel before 3.11.8 does not require the CAPSYSRAWIO capability, which allows local users t...
EUVD-2024-41760
Malicious code in bioql PyPI...
EUVD-2024-19164
Malicious code in bioql PyPI...
kernel: i2c: validate user data in compat ioctl
In the Linux kernel, the following vulnerability has been resolved: i2c: validate user data in compat ioctl Wrong user data may cause warning in i2ctransfer, ex: zero msgs. Userspace should not be able to trigger warnings, so this patch adds validation checks for user data in compact ioctl to...
UBUNTU-CVE-2021-47339
In the Linux kernel, the following vulnerability has been resolved: media: v4l2-core: explicitly clear ioctl input data As seen from a recent syzbot bug report, mistakes in the compat ioctl implementation can lead to uninitialized kernel stack data getting used as input for driver ioctl handlers...
CVE-2021-46934
In the Linux kernel, the following vulnerability has been resolved: i2c: validate user data in compat ioctl Wrong user data may cause warning in i2ctransfer, ex: zero msgs. Userspace should not be able to trigger warnings, so this patch adds validation checks for user data in compact ioctl to...
CVE-2021-46934
In the Linux kernel, the following vulnerability has been resolved: i2c: validate user data in compat ioctl Wrong user data may cause warning in i2ctransfer, ex: zero msgs. Userspace should not be able to trigger warnings, so this patch adds validation checks for user data in compact ioctl to...
DEBIAN-CVE-2021-46934
In the Linux kernel, the following vulnerability has been resolved: i2c: validate user data in compat ioctl Wrong user data may cause warning in i2ctransfer, ex: zero msgs. Userspace should not be able to trigger warnings, so this patch adds validation checks for user data in compact ioctl to...
UBUNTU-CVE-2021-46934
In the Linux kernel, the following vulnerability has been resolved: i2c: validate user data in compat ioctl Wrong user data may cause warning in i2ctransfer, ex: zero msgs. Userspace should not be able to trigger warnings, so this patch adds validation checks for user data in compact ioctl to...
CVE-2021-46934 i2c: validate user data in compat ioctl
In the Linux kernel, the following vulnerability has been resolved: i2c: validate user data in compat ioctl Wrong user data may cause warning in i2ctransfer, ex: zero msgs. Userspace should not be able to trigger warnings, so this patch adds validation checks for user data in compact ioctl to...
SUSE CVE-2013-6383
The aaccompatioctl function in drivers/scsi/aacraid/linit.c in the Linux kernel before 3.11.8 does not require the CAPSYSRAWIO capability, which allows local users to bypass intended access restrictions via a crafted ioctl call...
GSD-2022-1000051 i2c: validate user data in compat ioctl
i2c: validate user data in compat ioctl This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.13 by commit...
GSD-2022-1000042 i2c: validate user data in compat ioctl
i2c: validate user data in compat ioctl This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.90 by commit...
GSD-2022-1000026 i2c: validate user data in compat ioctl
i2c: validate user data in compat ioctl This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.224 by commit...
Samsung - m2m1shot Kernel Driver Buffer Overflow
Samsung - m2m1shot Kernel Driver Buffer Overflow Source: https://code.google.com/p/google-security-research/issues/detail?id=493 The Samsung m2m1shot driver framework is used to provide hardware acceleration for certain media functions, such as JPEG decoding and scaling images. The driver endpoin...
Samsung - 'm2m1shot' Kernel Driver Buffer Overflow
Source: https://code.google.com/p/google-security-research/issues/detail?id=493 The Samsung m2m1shot driver framework is used to provide hardware acceleration for certain media functions, such as JPEG decoding and scaling images. The driver endpoint /dev/m2m1shotjpeg is accessible by the media...
Unbreakable Enterprise kernel security update
kernel-uek 2.6.32-400.34.5uek - aacraid: missing capable check in compat ioctl Dan Carpenter Orabug: 18723276 CVE-2013-6383...