Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Disabling coherent dumb buffers is no longer necessary when 3D is not enabled. Coherent surfaces make sense only if the host renders to them using accelerated APIs. Without 3D, all the content in dumb buffers remains ...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004013)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004013 advisory. The root cause of this vulnerability is that the ioctl$DRMIOCTLMODEDESTROYDUMB can decrease refcount of drmvgemgemobject created in vgemgemdumbcreate concurrently, a...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001705)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001705 advisory. The root cause of this vulnerability is that the ioctl$DRMIOCTLMODEDESTROYDUMB can decrease refcount of drmvgemgemobject created in vgemgemdumbcreate concurrently, a...

Linux Distros Unpatched Vulnerability : CVE-2024-46712

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Disable coherent dumb buffers without 3d Coherent surfaces make only sense if th...

Linux Distros Unpatched Vulnerability : CVE-2022-1419

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The root cause of this vulnerability is that the ioctl$DRMIOCTLMODEDESTROYDUMB can decrease refcount of drmvgemgemobject created in vgemgemdumbcreate...

PT-2025-21570 · Dumb Drop · Dumb Drop

Name of the Vulnerable Software and Affected Versions: DumbDrop versions prior to commit db27b25372eb9071e63583d8faed2111a2b79f1b Description: The issue is related to a DOM cross-site scripting vulnerability in the upload functionality. A user could be tricked into uploading a file with a malicio...

Dumb Drop 安全漏洞

Dumb Drop is an open source application from DumbWare. A security vulnerability exists in Dumb Drop that stems from OS command injection and could allow an attacker to remotely execute arbitrary code...

CVE-2025-24891

Dumb Drop is a file upload application. Users with permission to upload to the service are able to exploit a path traversal vulnerability to overwrite arbitrary system files. As the container runs as root by default, there is no limit to what can be overwritten. With this, it's possible to inject...

CVE-2025-24891 Dumb Drop has an arbitrary file overwrite and path traversal for root shell

Dumb Drop is a file upload application. Users with permission to upload to the service are able to exploit a path traversal vulnerability to overwrite arbitrary system files. As the container runs as root by default, there is no limit to what can be overwritten. With this, it's possible to inject...

CVE-2025-24891 Dumb Drop has an arbitrary file overwrite and path traversal for root shell

Dumb Drop is a file upload application. Users with permission to upload to the service are able to exploit a path traversal vulnerability to overwrite arbitrary system files. As the container runs as root by default, there is no limit to what can be overwritten. With this, it's possible to inject...

Dumb Drop 安全漏洞

Dumb Drop is an open source application from DumbWare. A security vulnerability exists in Dumb Drop that stems from a path traversal issue that allows users with upload privileges to overwrite arbitrary system files, potentially leading to malicious code injection...

SUSE CVE-2024-46712

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Disable coherent dumb buffers without 3d Coherent surfaces make only sense if the host renders to them using accelerated apis. Without 3d the entire content of dumb buffers stays in the guest making all of the extra...

CVE-2024-46712

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Disable coherent dumb buffers without 3d Coherent surfaces make only sense if the host renders to them using accelerated apis. Without 3d the entire content of dumb buffers stays in the guest making all of the extra...

DEBIAN-CVE-2024-46712

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Disable coherent dumb buffers without 3d Coherent surfaces make only sense if the host renders to them using accelerated apis. Without 3d the entire content of dumb buffers stays in the guest making all of the extra...

CVE-2024-46712 drm/vmwgfx: Disable coherent dumb buffers without 3d

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Disable coherent dumb buffers without 3d Coherent surfaces make only sense if the host renders to them using accelerated apis. Without 3d the entire content of dumb buffers stays in the guest making all of the extra...

CVE-2024-46712

The documented CVE-2024-46712 affects the Linux kernel's DRM VMWGFX subsystem: coherent dumb buffers are enabled even when 3D is disabled, causing guest-only content to be retained and wasting guest-host synchronization efforts. The problem arises because coherent surfaces are only meaningful wit...

CVE-2024-46712 drm/vmwgfx: Disable coherent dumb buffers without 3d

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Disable coherent dumb buffers without 3d Coherent surfaces make only sense if the host renders to them using accelerated apis. Without 3d the entire content of dumb buffers stays in the guest making all of the extra...

PT-2024-32139 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue concerns the use of coherent dumb buffers in configurations without 3D enabled. Coherent surfaces are only useful when the host renders to them using accelerated APIs. Withou...

OPENSUSE-SU-2024:10729-1 dumb-2.0.3-1.3 on GA media

These are all security issues fixed in the dumb-2.0.3-1.3 package on the GA media of openSUSE Tumbleweed...

kernel: QXL: race condition leading to use-after-free in qxl_mode_dumb_create()

A race condition was found in the QXL driver in the Linux kernel. The qxlmodedumbcreate function dereferences the qobj returned by the qxlgemobjectcreatewithhandle, but the handle is the only one holding a reference to it. This flaw allows an attacker to guess the returned handle value and trigge...