CVE-2025-27535

Exposed ioctl with insufficient access control in the firmware for some IntelR Ethernet Connection E825-C. before version NVM ver. 3.84 within Ring 0: Bare Metal OS may allow a denial of service. System software adversary with a privileged user combined with a high complexity attack may enable...

Intel Ethernet Connection E825-C 安全漏洞

The Intel Ethernet Connection E825-C is a series of network controllers developed by the American company Intel. Versions of Intel Ethernet Connection E825-C prior to NVM ver. 3.84 contain security vulnerabilities. These vulnerabilities stem from insufficient ioctl access control, which may lead ...

CVE-2020-10234

The AscRegistryFilter.sys kernel driver in IObit Advanced SystemCare 13.2 allows an unprivileged user to send an IOCTL to the device driver. If the user provides a NULL entry for the dwIoControlCode parameter, a kernel panic aka BSOD follows. The IOCTL codes can be found in the dispatch function:...

UBUNTU-CVE-2023-53172

In the Linux kernel, the following vulnerability has been resolved: fsverity: reject FSIOCENABLEVERITY on mode 3 fds Commit 56124d6c87fd "fsverity: support enabling with tree block size fmode & FMODEREAD' in kernelread became reachable by fuzz tests. This happens if FSIOCENABLEVERITY is called on...

CVE-2023-35841

Exposed IOCTL with Insufficient Access Control in Phoenix WinFlash Driver on Windows allows Privilege Escalation which allows for modification of system firmware.This issue affects WinFlash Driver: before 4.5.0.0...

PT-2025-17544 · Unknown · Rollback Rx Professional

Name of the Vulnerable Software and Affected Versions: Rollback Rx Professional version 12.8.0.0 Description: The issue allows local users to cause a denial of service due to a null pointer dereference from IOCtl 0x96202000 in the driver file shieldm.sys. Recommendations: For Rollback Rx...

SUSE CVE-2020-27786

A flaw was found in the Linux kernel's implementation of MIDI, where an attacker with a local account and the permissions to issue ioctl commands to midi devices could trigger a use-after-free issue. A write to this specific memory while freed and before use causes the flow of execution to change...

PHOENIX CONTACT TdkLib64.sys 安全漏洞

PHOENIX CONTACT TdkLib64.sys is a core application from PHOENIX CONTACT, Germany. A security vulnerability exists in PHOENIX CONTACT TdkLib64.sys, which stems from the vulnerability of TdkLib64.sys to insufficient IOCTL access control, where by sending a specific IOCTL request, an attacker withou...

DEBIAN-CVE-2020-27786

A flaw was found in the Linux kernel’s implementation of MIDI, where an attacker with a local account and the permissions to issue ioctl commands to midi devices could trigger a use-after-free issue. A write to this specific memory while freed and before use causes the flow of execution to change...

kernel: vhost-net: stack overflow in get_raw_socket while checking sk_family field

A stack buffer overflow issue was found in the getrawsocket routine of the Host kernel accelerator for virtio net vhost-net driver. It could occur while doing an ictolVHOSTNETSETBACKEND call, and retrieving socket name in a kernel stack variable via getrawsocket. A user able to perform ioctl2 cal...

hw: Intel GPU Denial Of Service while accessing MMIO in lower power state

A flaw was found in Intel graphics hardware GPU where a local attacker with the ability to issue an ioctl could trigger a hardware level crash if MMIO registers were read while the graphics card was in a low-power state. This creates a denial of service situation and the GPU and connected display...

UBUNTU-CVE-2016-3713

The msrmtrrvalid function in arch/x86/kvm/mtrr.c in the Linux kernel before 4.6.1 supports MSR 0x2f8, which allows guest OS users to read or write to the kvmarchvcpu data structure, and consequently obtain sensitive information or cause a denial of service system crash, via a crafted ioctl call...

kernel: unfiltered netdev rio_ioctl access by users

The rioioctl function in drivers/net/ethernet/dlink/dl2k.c in the Linux kernel before 3.3.7 does not restrict access to the SIOCSMIIREG command, which allows local users to write data to an Ethernet adapter via an ioctl call...

PT-2012-3944 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.3.7 Description: The issue allows local users to write data to an Ethernet adapter via an ioctl call due to the rio ioctl function in drivers/net/ethernet/dlink/dl2k.c not restricting access to the SIOCSMIIREG...