CVE-2026-46036

The CVE covers a race in the Linux kernel vfio/cdx driver where concurrent VFIO_DEVICE_SET_IRQS ioctls can observe inconsistent state of config_msi and cdx_irqs, leading to use-after-free of the cdx_irqs array. A per-device mutex (cdx_irqs_lock) is added to struct vfio_cdx_device and is acquired ...

CVE-2025-47381

Memory Corruption while processing IOCTL calls when concurrent access to shared buffer occurs...

Qualcomm Chipsets 输入验证错误漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. An input validation error vulnerability exists in Qualcomm Chipsets, which stems from a possible memory corruption when handling device IO control calls...

OESA-2023-1086 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: A double-free memory flaw was found in the Linux kernel. The Intel GVT-g graphics driver triggers VGA card system resource overload, causing a fail in the intelgvtdmamapguestpage function. This issue could allow a local user to...

A NULL pointer dereference issue was found in KVM when releasing a vCPU with dirty ring support enabled. This flaw allows an unprivileged local attacker on the host to issue specific ioctl calls causing a kernel oops condition that results in a denial of service.

...

AMD ATI atillk64.sys Elevation of Privilege Vulnerability

AMD ATI atillk64.sys is an American AMD driver that enables Windows to control computer hardware. A security vulnerability exists in AMD ATI atillk64.sys version 5.11.9.0. The vulnerability can be exploited by an attacker to gain NT AUTHORITYSYSTEM privileges with the help of DeviceIoControl call...