CVE-2026-46091 media: rc: igorplugusb: heed coherency rules

In the Linux kernel, the following vulnerability has been resolved: media: rc: igorplugusb: heed coherency rules In a control request, the USB request structure can be subject to DMA on some HCs. Hence it must obey the rules for DMA coherency. Allocate it separately...

CVE-2026-46091

CVE-2026-46091 affects the Linux kernel, specifically the media: rc: igorplugusb path. The issue arises when a USB request structure in a control request is subject to DMA on some host controllers, requiring adherence to DMA coherency rules. The documentation states the request must be allocated ...

PT-2026-43959

In the Linux kernel, the following vulnerability has been resolved: media: rc: igorplugusb: heed coherency rules In a control request, the USB request structure can be subject to DMA on some HCs. Hence it must obey the rules for DMA coherency. Allocate it separately...

SUSE CVE-2026-31720

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fuac1legacy: validate control request size faudiocomplete copies req-length bytes into a 4-byte stack variable: u32 data = 0; memcpy&data, req-buf, req-length; req-length is derived from the host-controlled USB reque...

CVE-2025-47408

Memory corruption when another driver calls an IOCTL with invalid input/output buffer...

CVE-2026-31720

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fuac1legacy: validate control request size faudiocomplete copies req-length bytes into a 4-byte stack variable: u32 data = 0; memcpy&data, req-buf, req-length; req-length is derived from the host-controlled USB reque...

EUVD-2026-26533

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fuac1legacy: validate control request size faudiocomplete copies req-length bytes into a 4-byte stack variable: u32 data = 0; memcpy&data, req-buf, req-length; req-length is derived from the host-controlled USB reque...

CVE-2026-31720 usb: gadget: f_uac1_legacy: validate control request size

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fuac1legacy: validate control request size faudiocomplete copies req-length bytes into a 4-byte stack variable: u32 data = 0; memcpy&data, req-buf, req-length; req-length is derived from the host-controlled USB reque...

CVE-2026-31720

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fuac1legacy: validate control request size faudiocomplete copies req-length bytes into a 4-byte stack variable: u32 data = 0; memcpy, req-buf, req-length; req-length is derived from the host-controlled USB request...

CVE-2026-31720

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fuac1legacy: validate control request size faudiocomplete copies req-length bytes into a 4-byte stack variable: u32 data = 0; memcpy&data, req-buf, req-length; req-length is derived from the host-controlled USB reque...

CVE-2026-31720

CVE-2026-31720 : In the Linux kernel, the USB gadget path f_uac1_legacy incorrectly handles control request length. Specifically, f_audio_complete() copies req->length bytes into a 4-byte stack variable (data) via memcpy, with req->length derived from host-controlled USB requests. This can ...

PT-2026-36355

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f uac1 legacy: validate control request size f audio complete copies req-length bytes into a 4-byte stack variable: u32 data = 0; memcpy&data, req-buf, req-length; req-length is derived from the host-controlled USB...

EnTech Taiwan PowerStrip 安全漏洞

EnTech Taiwan PowerStrip is a display adjustment and graphics card parameter optimization control software developed by EnTech Taiwan. Versions of EnTech Taiwan PowerStrip 3.90.736 and earlier contain security vulnerabilities. These vulnerabilities stem from the pstrip64.sys driver, which allows...

CVE-2026-29923

The pstrip64.sys driver in EnTech Taiwan PowerStrip =3.90.736 allows local users to escalate privileges to SYSTEM via a crafted IOCTL request enabling unprivileged users to map arbitrary physical memory into their address space and modify critical kernel structures...

CVE-2026-21376

Memory Corruption when accessing an output buffer without validating its size during IOCTL processing in a camera sensor driver...

EUVD-2025-208607

An Incorrect Permission Assignment vulnerability exists in the ASUS Business System Control Interface driver. This vulnerability can be triggered by an unprivileged local user sending a specially crafted IOCTL request, potentially leading to unauthorized access to sensitive hardware resources and...

EUVD-2025-206611

Memory Corruption while processing IOCTL call to update sensor property settings with invalid input parameters...

CVE-2025-47369 Information Exposure in Computer Vision

Information disclosure when a weak hashed value is returned to userland code in response to a IOCTL call to obtain a session ID...

UBUNTU-CVE-2022-50707

In the Linux kernel, the following vulnerability has been resolved: virtio-crypto: fix memory leak in virtiocryptoalgskcipherclosesession 'vcctrlreq' is alloced in virtiocryptoalgskcipherclosesession, and should be freed in the invalid ctrlstatus-status error handling case. Otherwise there is a...

CVE-2022-50707 virtio-crypto: fix memory leak in virtio_crypto_alg_skcipher_close_session()

In the Linux kernel, the following vulnerability has been resolved: virtio-crypto: fix memory leak in virtiocryptoalgskcipherclosesession 'vcctrlreq' is alloced in virtiocryptoalgskcipherclosesession, and should be freed in the invalid ctrlstatus-status error handling case. Otherwise there is a...