107 matches found
PT-2025-32134 · Microsoft · Windows
Name of the Vulnerable Software and Affected Versions: affected versions not specified Description: A memory corruption issue exists when processing an IOCTL command with an arbitrary address. Recommendations: At the moment, there is no information about a newer version that contains a fix for th...
CVE-2024-53017
Memory corruption while handling test pattern generator IOCTL command...
CVE-2024-53015
Memory corruption while processing IOCTL command to handle buffers associated with a session...
CVE-2024-53017
Memory corruption while handling test pattern generator IOCTL command...
CVE-2024-53015
Memory corruption while processing IOCTL command to handle buffers associated with a session...
CVE-2024-53017 Use of Out-of-range Pointer Offset in Camera Driver
Memory corruption while handling test pattern generator IOCTL command...
CVE-2024-53017
CVE-2024-53017 concerns Qualcomm chipsets where the camera driver’s Test Pattern Generator IOCTL handling can trigger memory corruption. Multiple connected sources align on a root cause described as “Use of Out-of-range Pointer Offset in Camera Driver,” with local exploitation potential and parti...
CVE-2024-53017 Use of Out-of-range Pointer Offset in Camera Driver
Memory corruption while handling test pattern generator IOCTL command...
CVE-2024-53015 Use After Free in Computer Vision
Memory corruption while processing IOCTL command to handle buffers associated with a session...
CVE-2024-53015 Use After Free in Computer Vision
Memory corruption while processing IOCTL command to handle buffers associated with a session...
CVE-2024-53015
CVE-2024-53015 describes a memory corruption issue in Qualcomm chipsets triggered when processing IOCTL commands to handle buffers for a session. The vulnerability affects IOCTL buffer handling code and is evidenced by multiple feeds (NVD and Red Hat advisories) reporting memory corruption withou...
PT-2025-23575 · Qualcomm · Snapdragon +4
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: The issue is related to memory corruption that occurs while handling a test pattern generator IOCTL command. Recommendations: At the moment, there is no information about a newer version tha...
PT-2025-23573 · Qualcomm · Snapdragon
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: The issue is related to memory corruption that occurs while processing an IOCTL command to handle buffers associated with a session. Recommendations: At the moment, there is no information...
CVE-2024-23377
Memory corruption while invoking IOCTL command from user-space, when a user modifies the original packet size of the command after system properties have been already sent to the EVA driver...
CVE-2021-38785
There is a NULL pointer deference in the Allwinner R818 SoC Android Q SDK V1.0 camera driver /dev/cedardev that could use the ioctl cmd IOCTLGETIOMMUADDR to cause a system crash...
CVE-2021-38787
There is an integer overflow in the ION driver "/dev/ion" of Allwinner R818 SoC Android Q SDK V1.0 that could use the ioctl cmd "COMPATIONIOCSUNXIFLUSHRANGE" to cause a system crash denial of service...
CVE-2020-11240
Memory corruption due to ioctl command size was incorrectly set to the size of a pointer and not enough storage is allocated for the copy of the user argument in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile,...
CVE-2019-15877
In FreeBSD 12.1-STABLE before r356606 and 12.1-RELEASE before 12.1-RELEASE-p3, driver specific ioctl command handlers in the ixl network driver failed to check whether the caller has sufficient privileges allowing unprivileged users to trigger updates to the device's non-volatile memory...
CVE-2025-37806 fs/ntfs3: Keep write operations atomic
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Keep write operations atomic syzbot reported a NULL pointer dereference in genericfilewriteiter. 1 Before the write operation is completed, the user executes ioctl2 to clear the compress flag of the file, which causes t...
CVE-2023-53143
In the Linux kernel, the following vulnerability has been resolved: ext4: fix another off-by-one fsmap error on 1k block filesystems Apparently syzbot figured out that issuing this FSMAP call: struct fsmaphead cmd = .fmhcount = ...; .fmhkeys = .fmrdevice = / ext4 dev /, .fmrphysical = 0, ,...