CVE-2026-25258 Out-of-bounds Read in DSP Service

Memory corruption while processing IOCTL calls for escape operations...

SUSE CVE-2026-46205

In the Linux kernel, the following vulnerability has been resolved: staging: media: atomisp: Disallow all private IOCTLs Disallow all private IOCTLs. These aren't quite as safe as one could assume of IOCTL handlers; disable them for now. Instead of removing the code, return in the beginning of th...

CVE-2026-46205

A flaw was found in the Linux kernel's atomisp driver, located in the staging: media subsystem. This vulnerability involves the unsafe handling of private Input/Output Control IOCTL operations. While specific exploitation details are not provided, the presence of unsafe IOCTL handlers could...

CVE-2026-46205

In the Linux kernel, the following vulnerability has been resolved: staging: media: atomisp: Disallow all private IOCTLs Disallow all private IOCTLs. These aren't quite as safe as one could assume of IOCTL handlers; disable them for now. Instead of removing the code, return in the beginning of th...

CVE-2026-46205

Summary (grounded from provided sources): CVE-2026-46205 affects the Linux kernel atomisp driver (staging: media). The root cause is unsafe handling of private IOCTLs; the change disallows all private IOCTLs and returns early when cmd is non-zero to satisfy static checkers. This vulnerability is ...

CVE-2026-46036

The CVE covers a race in the Linux kernel vfio/cdx driver where concurrent VFIO_DEVICE_SET_IRQS ioctls can observe inconsistent state of config_msi and cdx_irqs, leading to use-after-free of the cdx_irqs array. A per-device mutex (cdx_irqs_lock) is added to struct vfio_cdx_device and is acquired ...

CVE-2026-43338

CVE-2026-43338 affects the Linux kernel with the Btrfs filesystem. The issue arises because qgroup ioctls do not reserve transaction space, allowing -ENOSPC scenarios during quota-tree updates and delayed refs, which can abort transactions and enable a DoS condition. Vendors have published adviso...

CVE-2025-54601

An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor amd Wearable Processor Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, 1580, W920, W930, and W1000. Improper synchronization on a global variable leads to a double free. An attacker can trigger a race condition by invoking an...

CVE-2025-47381

Memory Corruption while processing IOCTL calls when concurrent access to shared buffer occurs...

CVE-2025-47375

Memory corruption while handling different IOCTL calls from the user-space simultaneously...

CVE-2025-47386

Memory Corruption while invoking IOCTL calls when concurrent access to shared buffer occurs...

CVE-2025-47377 Use After Free in Automotive Audio

Memory Corruption when accessing a buffer after it has been freed while processing IOCTL calls...

Qualcomm Chipsets 资源管理错误漏洞

Qualcomm Chipsets are a series of chipset developed by Qualcomm Incorporation. Qualcomm Chipsets have a resource management vulnerability, which stems from accessing a released buffer when handling IOCTL calls, potentially leading to memory corruption...

kernel: Linux kernel: Denial of Service in ATM CLIP module via infinite recursion

A flaw was found in the Linux kernel's Asynchronous Transfer Mode ATM Classical IP CLIP module. A local user can trigger an infinite recursive call in the clippush function by repeatedly calling the ioctlATMARPMKIP system call. This vulnerability occurs when the socket is closed, leading to stack...

PT-2026-3764

GitHub - canyie/CVE-2024-23700: PoC for CVE-2024-23700, privilege escalation allows silently obtain permissions to read/write contacts, SMS, calendar, call log and voicemail, make outgoing calls or answer incoming calls, manipulate call settings, access https://t.co/CCm7jUKWw6...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002437)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002437 advisory. Race condition in the ttyioctl function in drivers/tty/ttyio.c in the Linux kernel through 4.4.1 allows local users to obtain sensitive information from kernel memor...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002378)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002378 advisory. Multiple buffer underflows in the XFS implementation in the Linux kernel through 3.12.1 allow local users to cause a denial of service memory corruption or possibly...

PT-2026-30648

Name of the Vulnerable Software and Affected Versions The product name cannot be determined. affected versions not specified Description A memory corruption issue exists when using deprecated DMABUF IOCTL calls to manage video memory. Recommendations At the moment, there is no information about a...

CVE-2025-47387 Untrusted Pointer Dereference in Camera

Memory Corruption when processing IOCTLs for JPEG data without verification...

EUVD-2025-203740

In the Linux kernel, the following vulnerability has been resolved: comedi: check device's attached status in compat ioctls Syzbot identified an issue 1 that crashes kernel, seemingly due to unexistent callback dev-getvalidroutes. By all means, this should not occur as said callback must always b...