Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Disable coherent dumb buffers without 3D. Coherent surfaces make sense only if the host renders to them using accelerated APIs. Without 3D, all the content in dumb buffers remains on the guest, making all the addition...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004013)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004013 advisory. The root cause of this vulnerability is that the ioctl$DRMIOCTLMODEDESTROYDUMB can decrease refcount of drmvgemgemobject created in vgemgemdumbcreate concurrently, a...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001705)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001705 advisory. The root cause of this vulnerability is that the ioctl$DRMIOCTLMODEDESTROYDUMB can decrease refcount of drmvgemgemobject created in vgemgemdumbcreate concurrently, a...

Linux Distros Unpatched Vulnerability : CVE-2024-46712

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Disable coherent dumb buffers without 3d Coherent surfaces make only sense if th...

Linux Distros Unpatched Vulnerability : CVE-2022-1419

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The root cause of this vulnerability is that the ioctl$DRMIOCTLMODEDESTROYDUMB can decrease refcount of drmvgemgemobject created in vgemgemdumbcreate...

PT-2025-21570 · Dumb Drop · Dumb Drop

Name of the Vulnerable Software and Affected Versions: DumbDrop versions prior to commit db27b25372eb9071e63583d8faed2111a2b79f1b Description: The issue is related to a DOM cross-site scripting vulnerability in the upload functionality. A user could be tricked into uploading a file with a malicio...

The vulnerability of the vmw_dumb_create() function in the Linux kernel’s Direct Rendering Infrastructure (DRI) support driver allows a malicious actor to cause a service failure.

The vulnerability of the vmwdumbcreate function in the Linux kernel’s Direct Rendering Infrastructure DRI driver relates to a violation of the buffer boundary. Exploiting this vulnerability can allow an attacker to trigger a service failure...

Dumb Drop 安全漏洞

Dumb Drop is an open source application from DumbWare. A security vulnerability exists in Dumb Drop that stems from OS command injection and could allow an attacker to remotely execute arbitrary code...

CVE-2025-24891

Dumb Drop is a file upload application. Users with permission to upload to the service are able to exploit a path traversal vulnerability to overwrite arbitrary system files. As the container runs as root by default, there is no limit to what can be overwritten. With this, it's possible to inject...

CVE-2025-24891 Dumb Drop has an arbitrary file overwrite and path traversal for root shell

Dumb Drop is a file upload application. Users with permission to upload to the service are able to exploit a path traversal vulnerability to overwrite arbitrary system files. As the container runs as root by default, there is no limit to what can be overwritten. With this, it's possible to inject...

CVE-2025-24891 Dumb Drop has an arbitrary file overwrite and path traversal for root shell

Dumb Drop is a file upload application. Users with permission to upload to the service are able to exploit a path traversal vulnerability to overwrite arbitrary system files. As the container runs as root by default, there is no limit to what can be overwritten. With this, it's possible to inject...

Dumb Drop 安全漏洞

Dumb Drop is an open source application from DumbWare. A security vulnerability exists in Dumb Drop that stems from a path traversal issue that allows users with upload privileges to overwrite arbitrary system files, potentially leading to malicious code injection...

SUSE CVE-2024-46712

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Disable coherent dumb buffers without 3d Coherent surfaces make only sense if the host renders to them using accelerated apis. Without 3d the entire content of dumb buffers stays in the guest making all of the extra...

CVE-2024-46712

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Disable coherent dumb buffers without 3d Coherent surfaces make only sense if the host renders to them using accelerated apis. Without 3d the entire content of dumb buffers stays in the guest making all of the extra...

DEBIAN-CVE-2024-46712

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Disable coherent dumb buffers without 3d Coherent surfaces make only sense if the host renders to them using accelerated apis. Without 3d the entire content of dumb buffers stays in the guest making all of the extra...

CVE-2024-46712 drm/vmwgfx: Disable coherent dumb buffers without 3d

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Disable coherent dumb buffers without 3d Coherent surfaces make only sense if the host renders to them using accelerated apis. Without 3d the entire content of dumb buffers stays in the guest making all of the extra...

CVE-2024-46712

The documented CVE-2024-46712 affects the Linux kernel's DRM VMWGFX subsystem: coherent dumb buffers are enabled even when 3D is disabled, causing guest-only content to be retained and wasting guest-host synchronization efforts. The problem arises because coherent surfaces are only meaningful wit...

CVE-2024-46712 drm/vmwgfx: Disable coherent dumb buffers without 3d

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Disable coherent dumb buffers without 3d Coherent surfaces make only sense if the host renders to them using accelerated apis. Without 3d the entire content of dumb buffers stays in the guest making all of the extra...

PT-2024-32139 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue concerns the use of coherent dumb buffers in configurations without 3D enabled. Coherent surfaces are only useful when the host renders to them using accelerated APIs. Withou...

OPENSUSE-SU-2024:10729-1 dumb-2.0.3-1.3 on GA media

These are all security issues fixed in the dumb-2.0.3-1.3 package on the GA media of openSUSE Tumbleweed...