Security update for xorg-x11-server

This update for xorg-x11-server fixes the following issues CreateSaverWindow Use-After-Free Information Disclosure. bsc1266301 DRI2 DRIGetBuffers/DRIGetBuffersWithFormat Out-Of-Bounds Write. bsc1266302 Font Alias Stack-based Buffer Overflow. bsc1266294 GLX ChangeDrawableAttributes Out-Of-Bounds...

SUSE-SU-2026:2221-1 Security update for xorg-x11-server

This update for xorg-x11-server fixes the following issues - CreateSaverWindow Use-After-Free Information Disclosure. bsc1266301 - DRI2 DRIGetBuffers/DRIGetBuffersWithFormat Out-Of-Bounds Write. bsc1266302 - Font Alias Stack-based Buffer Overflow. bsc1266294 - GLX ChangeDrawableAttributes...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001577)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001577 advisory. i915gemuserptrgetpages in drivers/gpu/drm/i915/i915gemuserptr.c in the Linux kernel 4.15.0 on Ubuntu 18.04.2 allows local users to cause a denial of service NULL...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003687)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003687 advisory. i915gemuserptrgetpages in drivers/gpu/drm/i915/i915gemuserptr.c in the Linux kernel 4.15.0 on Ubuntu 18.04.2 allows local users to cause a denial of service NULL...

ROS-20260113-7304

A vulnerability in the amdgpudevicegpurecover function of the Direct Rendering Infrastructure DRI support driver for AMD graphics cards in the Linux operating system kernel is related to pointer dereferencing. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

EUVD-2017-3757

Malware in sbrugna...

EUVD-2004-0003

Malware in sbrugna...

EUVD-2005-0768

Malware in sbrugna...

PT-2025-38855

Name of the Vulnerable Software and Affected Versions SmartDataSoft DriCub versions through 2.9 Description A Server-Side Request Forgery SSRF issue exists in SmartDataSoft DriCub. This allows for Server Side Request Forgery. The vulnerability allows an attacker to make requests on behalf of the...

PT-2025-38854

Name of the Vulnerable Software and Affected Versions SmartDataSoft DriCub versions through 2.9 Description An authorization issue exists in SmartDataSoft DriCub due to incorrectly configured access control security levels. This allows for potential exploitation of the system. Recommendations At...

Linux i915 PTE Use-After-Free

I found a bug in the i915 code that allows a process with access to a render node /dev/dri/renderD128 to corrupt kernel memory. This bug is subject to a 90-day disclosure deadline. If a fix for this issue is made available to users before the end of the 90-day deadline, this bug report will becom...

kernel: vmwgfx: use-after-free in vmw_cmd_res_check

A use-after-free vulnerability was found in the Linux kernel's vmwgfx driver in vmwcmdrescheck. This flaw allows a local, unprivileged attacker with access to either /dev/dri/card0 or /dev/dri/rendererD128, who can issue an ioctl on the resulting file descriptor, to crash the system, causing a...

kernel: vmwgfx: integer overflow in vmwgfx_execbuf.c

An integer overflow was found in the Linux kernel's vmwgfx driver. This flaw allows a local, unprivileged attacker with access to either /dev/dri/card0 or /dev/dri/rendererD128, and able to issue an ioctl on the resulting file descriptor to crash the system, causing a denial of service...

kernel: vmwgfx: NULL pointer dereference in vmw_cmd_dx_define_query

A NULL pointer dereference issue was found in the Linux kernel's vmwgfx driver in vmwcmddxdefinequery. This flaw allows a local, unprivileged attacker with access to either /dev/dri/card0 or /dev/dri/rendererD128, who can issue an ioctl on the resulting file descriptor, to crash the system, causi...

kernel: vmwgfx: NULL pointer dereference in vmw_cmd_dx_define_query

A NULL pointer dereference issue was found in the Linux kernel's vmwgfx driver in vmwcmddxdefinequery. This flaw allows a local, unprivileged attacker with access to either /dev/dri/card0 or /dev/dri/rendererD128, who can issue an ioctl on the resulting file descriptor, to crash the system, causi...

kernel: vmwgfx: NULL pointer dereference in vmw_cmd_dx_define_query

A NULL pointer dereference issue was found in the Linux kernel's vmwgfx driver in vmwcmddxdefinequery. This flaw allows a local, unprivileged attacker with access to either /dev/dri/card0 or /dev/dri/rendererD128, who can issue an ioctl on the resulting file descriptor, to crash the system, causi...

kernel: vmwgfx: NULL pointer dereference in vmw_cmd_dx_define_query

A NULL pointer dereference issue was found in the Linux kernel's vmwgfx driver in vmwcmddxdefinequery. This flaw allows a local, unprivileged attacker with access to either /dev/dri/card0 or /dev/dri/rendererD128, who can issue an ioctl on the resulting file descriptor, to crash the system, causi...

kernel: vmwgfx: use-after-free in vmw_execbuf_tie_context

A use-after-free vulnerability was found in the Linux kernel's vmwgfx driver in vmwexecbuftiecontext. This flaw allows a local, unprivileged attacker with access to either /dev/dri/card0 or /dev/dri/rendererD128, who can issue an ioctl on the resulting file descriptor, to crash the system, causin...

CVE-2023-51043

A flaw was found in the Linux kernel Direct Rendering Infrastructure DRI subsystem in which a use-after-free can be caused when a user triggers a race condition between a nonblocking atomic commit and a driver unload. A local user could use this flaw to crash the system or potentially escalate...

kernel: vmwgfx: use-after-free in vmw_execbuf_tie_context

A use-after-free vulnerability was found in the Linux kernel's vmwgfx driver in vmwexecbuftiecontext. This flaw allows a local, unprivileged attacker with access to either /dev/dri/card0 or /dev/dri/rendererD128, who can issue an ioctl on the resulting file descriptor, to crash the system, causin...