Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the LPGETSTATUS ioctl command in the usblp driver. This command fails to initialize heap memory,...

GHSA-FJQ3-FFVR-VM46 OpenTelemetry eBPF Instrumentation: Java TLS ioctl kprobe allows kernel memory disclosure

Summary The Java TLS ioctl probe reads user-controlled ioctl pointers with bpfproberead instead of bpfprobereaduser. An instrumented local process can therefore point OBI at kernel memory and cause that memory to be copied into telemetry. Details The vulnerable path is in...

CVE-2026-6737

An Exposed IOCTL with Insufficient Access Control vulnerability in AsusPTPFilter allows a local user to bypass driver security mechanisms and obtain restricted touchpad information or render the touchpad unusable via crafted IOCTL requests.Refer to the ' Security Update for ASUS Precision...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: loop: Overflow check during loop configuration The user space can configure a loop using an ioctl call. In this process, a loopconfig type configuration is passed see the loioctl case on line 1550 of drivers/block/loop.c. This ca...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007459)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007459 advisory. In the Linux kernel, the following vulnerability has been resolved: video: fbdev: i740fb: Check the argument of i740calcvclk Since the user can control the argument...

EUVD-2026-20111

An exposed IOCTL with an insufficient access control vulnerability has been identified in the utility, MxGeneralIo, for Moxa’s industrial x86 computers. The affected utility, MxGeneralIo, exposes IOCTL methods that permit direct read and write access to MSR and system memory. A local attacker wit...

CVE-2025-15037

An Incorrect Permission Assignment vulnerability exists in the ASUS Business System Control Interface driver. This vulnerability can be triggered by an unprivileged local user sending a specially crafted IOCTL request, potentially leading to unauthorized access to sensitive hardware resources and...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001652)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001652 advisory. The vmwsurfacedefineioctl function in drivers/gpu/drm/vmwgfx/vmwgfxsurface.c in the Linux kernel through 4.10.5 does not check for a zero value of certain levels dat...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000698)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000698 advisory. Stack-based buffer overflow in the ttusbdecfedvbsdiseqcsendmastercmd function in drivers/media/usb/ttusb-dec/ttusbdecfe.c in the Linux kernel before 3.17.4 allows...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003710)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003710 advisory. An issue was discovered in the fdlockedioctl function in drivers/block/floppy.c in the Linux kernel through 4.15.7. The floppy driver will copy a kernel pointer to...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000630)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000630 advisory. Array index error in the tcmvhostmaketpg function in drivers/vhost/scsi.c in the Linux kernel before 4.0 might allow guest OS users to cause a denial of service memo...

EUVD-2026-2755

A local information disclosure vulnerability exists in the Ludashi driver before 5.1025 due to a lack of access control in the IOCTL handler. This driver exposes a device interface accessible to a normal user and handles attacker-controlled structures containing the lower 4GB of physical addresse...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003191)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003191 advisory. The vmwsurfacedefineioctl function in drivers/gpu/drm/vmwgfx/vmwgfxsurface.c in the Linux kernel through 4.10.6 does not validate addition of certain levels data,...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002289)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002289 advisory. Buffer overflow in the qethsnmpcommand function in drivers/s390/net/qethcoremain.c in the Linux kernel through 3.12.1 allows local users to cause a denial of service...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002443)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002443 advisory. The aacsendrawsrb function in drivers/scsi/aacraid/commctrl.c in the Linux kernel through 3.12.1 does not properly validate a certain size value, which allows local...

CVE-2025-68947

NSecsoft NSecKrnl is a Windows driver that permits a local, authenticated attacker to terminate processes owned by other users (including SYSTEM and Protected Processes) by sending crafted IOCTL requests. Multiple sources (including Reynolds ransomware and CVE records) describe this as a BYOVD an...

EUVD-2010-4056

Malware in sbrugna...

EUVD-2016-3167

Malware in sbrugna...

EUVD-2007-3761

Malware in sbrugna...

EUVD-2018-2432

Malware in sbrugna...