CVE-2025-39958 iommu/s390: Make attach succeed when the device was surprise removed

In the Linux kernel, the following vulnerability has been resolved: iommu/s390: Make attach succeed when the device was surprise removed When a PCI device is removed with surprise hotplug, there may still be attempts to attach the device to the default domain as part of tear down via...

CVE-2022-49737

In X.Org X server 20.11 through 21.1.16, when a client application uses easystroke for mouse gestures, the main thread modifies various data structures used by the input thread without acquiring a lock, aka a race condition. In particular, AttachDevice in dix/devices.c does not acquire an input...

USN-6495-2 linux-azure, linux-azure-5.4, linux-gcp, linux-gcp-5.4, linux-gkeop vulnerabilities

Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service system crash. CVE-2023-31085 Manfred Rudigier discovered that the IntelR PCI-Express Gigab...

SUSE CVE-2022-40284

A buffer overflow was discovered in NTFS-3G before 2022.10.3. Crafted metadata in an NTFS image can cause code execution. A local attacker can exploit this if the ntfs-3g binary is setuid root. A physically proximate attacker can exploit this if NTFS-3G software is configured to execute upon...

kernel: out-of-bounds write due to a heap buffer overflow in __hidinput_change_resolution_multipliers() of hid-input.c

A flaw out of bounds memory write in the Linux kernel HID subsystem was found in the way user attach USB or other HID device that generates incorrect data inside HID report field. A local user could use this flaw to crash the system or possibly escalate their privileges on the system...

Microsoft Windows 2000 Still Image Service Privilege Escalation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1651/info The Still Image Service in windows 2000 is vulnerable to an unchecked buffer which could enable a user to run commands at the privilege level of the service LocalSystem by default. This is due to an unchecked...

UBUNTU-CVE-2013-6456

The LXC driver lxc/lxcdriver.c in libvirt 1.0.1 through 1.2.1 allows local users to 1 delete arbitrary host devices via the virDomainDeviceDettach API and a symlink attack on /dev in the container; 2 create arbitrary nodes mknod via the virDomainDeviceAttach API and a symlink attack on /dev in th...

CentOS Update for libvirt CESA-2013:0127 centos5

Check for the Version of libvirt OpenVAS Vulnerability Test CentOS Update for libvirt CESA-2013:0127 centos5 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...