kernel: Linux kernel: Memory corruption in Squashfs due to incorrect block size calculation

A flaw was found in the Linux kernel's Squashfs filesystem. A local attacker can exploit this vulnerability by simultaneously mounting a Squashfs filesystem and issuing a specific input/output control ioctl command. This can lead to an incorrect block size calculation, causing a shift-out-of-boun...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002720)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002720 advisory. The msrmtrrvalid function in arch/x86/kvm/mtrr.c in the Linux kernel before 4.6.1 supports MSR 0x2f8, which allows guest OS users to read or write to the kvmarchvcpu...

CVE-2025-61155

The GameDriverX64.sys kernel-mode anti-cheat driver v7.23.4.7 and earlier contains an access control vulnerability in one of its IOCTL handlers. A user-mode process can open a handle to the driver device and send specially crafted IOCTL requests. These requests are executed in kernel-mode context...

EUVD-2018-18598

Malware in sbrugna...

kernel: vmwgfx: use-after-free in vmw_cmd_res_check

A use-after-free vulnerability was found in the Linux kernel's vmwgfx driver in vmwcmdrescheck. This flaw allows a local, unprivileged attacker with access to either /dev/dri/card0 or /dev/dri/rendererD128, who can issue an ioctl on the resulting file descriptor, to crash the system, causing a...

ASUS GPUTweak II 安全漏洞

ASUS GPUTweak II is a driver from Asus China Inc. It is used to drive more FPS. A security vulnerability exists in ASUS GPUTweak II version v1.4.5.2, which stems from a security flaw in the component IOMap64.sys. The vulnerability can be exploited by an attacker to elevate privileges and execute...

kernel: vmwgfx: NULL pointer dereference in vmw_cmd_dx_define_query

A NULL pointer dereference issue was found in the Linux kernel's vmwgfx driver in vmwcmddxdefinequery. This flaw allows a local, unprivileged attacker with access to either /dev/dri/card0 or /dev/dri/rendererD128, who can issue an ioctl on the resulting file descriptor, to crash the system, causi...

CVE-2021-36923

RtsUpx.sys in Realtek RtsUpx USB Utility Driver for Camera/Hub/Audio through 1.14.0.0 allows local low-privileged users to achieve unauthorized access to USB device privileged IN and OUT instructions leading to Escalation of Privileges, Denial of Service, Code Execution, and Information Disclosur...

Huawei EulerOS: Security Advisory for policycoreutils (EulerOS-SA-2016-1083)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2016-7545

It was found that the sandbox tool provided in policycoreutils was vulnerable to a TIOCSTI ioctl attack. A specially crafted program executed via the sandbox command could use this flaw to execute arbitrary commands in the context of the parent shell, escaping the sandbox...

CVE-2018-11020

kernel/omap/drivers/rpmsg/rpmsgomx.c in the kernel component in Amazon Kindle Fire HD3rd Fire OS 4.5.5.3 allows attackers to inject a crafted argument via the argument of an ioctl on device file /dev/rpmsg-omx1 with the command 3221772291, and cause a kernel crash...

EulerOS 2.0 SP1 : policycoreutils (EulerOS-SA-2016-1083)

According to the version of the policycoreutils packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - It was found that the sandbox tool provided in policycoreutils was vulnerable to a TIOCSTI ioctl attack. A specially crafted program...

Important: Red Hat Security Advisory: policycoreutils security update

An update for policycoreutils is now available for Red Hat Enterprise Linux 7.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

policycoreutils security update

CentOS Errata and Security Advisory CESA-2016:2702 An update for policycoreutils is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base...

Amazon Linux AMI : policycoreutils (ALAS-2016-765)

It was found that the sandbox tool provided in policycoreutils was vulnerable to a TIOCSTI ioctl attack. A specially crafted program executed via the sandbox command could use this flaw to execute arbitrary commands in the context of the parent bash, escaping the sandbox. C Tenable Network...

Qemu: block: iscsi: buffer overflow in iscsi_aio_ioctl

Quick EmulatorQEMU built with the Block driver for iSCSI images support virtio-blk is vulnerable to a heap-based buffer overflow issue. The flaw could occur while processing iSCSI asynchronous I/O ioctl2 calls. A user inside a guest could exploit this flaw to crash the QEMU process resulting in...