12 matches found
The vulnerability of the drm_gem_change_handle_ioctl() function in the Direct Rendering Manager (DRM) subsystem of Linux kernels allows a perpetrator to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the changehandle function in the Direct Rendering Manager DRM subsystem of Linux kernels relates to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of protected...
CVE-2026-53145
A flaw was found in the Linux kernel's Direct Rendering Manager DRM Graphics Execution Manager GEM subsystem. A race condition exists within the changehandle ioctl between gemclose and gemchangehandle operations. This could lead to incorrect handling of graphics memory, potentially resulting in...
SUSE CVE-2026-53145
In the Linux kernel, the following vulnerability has been resolved: drm/gem: Try to fix changehandle ioctl, attempt 4 airlied: just added some comments on how to reenable On-list because the cat is out of the bag and we're clearly not good enough to figure this out in private. The story thus far:...
CVE-2026-53145
In the Linux kernel, the following vulnerability has been resolved: drm/gem: Try to fix changehandle ioctl, attempt 4 airlied: just added some comments on how to reenable On-list because the cat is out of the bag and we're clearly not good enough to figure this out in private. The story thus far:...
CVE-2026-53145 drm/gem: Try to fix change_handle ioctl, attempt 4
In the Linux kernel, the following vulnerability has been resolved: drm/gem: Try to fix changehandle ioctl, attempt 4 airlied: just added some comments on how to reenable On-list because the cat is out of the bag and we're clearly not good enough to figure this out in private. The story thus far:...
CVE-2026-23149
In the Linux kernel, the following vulnerability has been resolved: drm: Do not allow userspace to trigger kernel warnings in drmgemchangehandleioctl Since GEM bo handles are u32 in the uapi and the internal implementation uses idralloc which uses int ranges, passing a new handle larger than INTM...
EUVD-2026-5890
In the Linux kernel, the following vulnerability has been resolved: drm: Do not allow userspace to trigger kernel warnings in drmgemchangehandleioctl Since GEM bo handles are u32 in the uapi and the internal implementation uses idralloc which uses int ranges, passing a new handle larger than INTM...
CVE-2026-23149 drm: Do not allow userspace to trigger kernel warnings in drm_gem_change_handle_ioctl()
In the Linux kernel, the following vulnerability has been resolved: drm: Do not allow userspace to trigger kernel warnings in drmgemchangehandleioctl Since GEM bo handles are u32 in the uapi and the internal implementation uses idralloc which uses int ranges, passing a new handle larger than INTM...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the drmgemchangehandleioctl function not verifying user-space inputs, potentially triggering a...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004366)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004366 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/panfrost: Fix GEM handle creation ref-counting panfrostgemcreatewithhandle previously returne...
CVE-2022-43589
A null pointer dereference vulnerability exists in the handleioctl8314C functionality of Callback technologies CBFS Filter 20.0.8317. A specially crafted I/O request packet IRP can lead to denial of service. An attacker can issue an ioctl to trigger this vulnerability...
CVE-2022-43589
A null pointer dereference vulnerability exists in the handleioctl8314C functionality of Callback technologies CBFS Filter 20.0.8317. A specially crafted I/O request packet IRP can lead to denial of service. An attacker can issue an ioctl to trigger this vulnerability...