6005 matches found
CVE-2026-15030
The CVE-2026-15030 entry concerns ASUS components: System Control Interface v3, System Control Interface, and ASUS Business Manager. The weakness is an out-of-bounds read caused by a crafted IOCTL request that bypasses validation, enabling a local administrator to read memory regions beyond the i...
CVE-2026-9492
The MBStorage DRAM lighting control module within Gigabyte Control Center GCC developed by GIGABYTE Technology has an Improper Access Control vulnerability. Authenticated local attackers can send specific IOCTL commands through the driver MyPortIOx64.sys bundled with the module, thereby arbitrari...
EUVD-2026-42053
MSI Feature Manager contains a local privilege escalation vulnerability in the KernCoreLib64.sys kernel driver that allows any locally logged-on user to perform arbitrary physical memory read/write and unrestricted I/O port operations by accessing exposed IOCTL handlers without administrator...
CVE-2025-59617
Memory Corruption when processing multiple IOCTL calls with the same buffer file descriptor input...
CVE-2025-59617 Use After Free in Computer Vision
Memory Corruption when processing multiple IOCTL calls with the same buffer file descriptor input...
CVE-2025-59616 Use After Free in Computer Vision
Memory Corruption when processing multiple IOCTL calls with the same buffer file descriptor input due to accessing already freed memory...
CVE-2025-59616
Memory Corruption when processing multiple IOCTL calls with the same buffer file descriptor input due to accessing already freed memory...
The vulnerability of the drm_gem_change_handle_ioctl() function in the Direct Rendering Manager (DRM) subsystem of Linux kernels allows a perpetrator to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the changehandle function in the Direct Rendering Manager DRM subsystem of Linux kernels relates to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of protected...
CVE-2026-14629 RT-Thread Parameter lwp_syscall.c sys_ioctl divide by zero
A flaw has been found in RT-Thread up to 5.2.2. Affected is the function read/write/sysioctl of the file components/lwp/lwpsyscall.c of the component Parameter Handler. Executing a manipulation can lead to divide by zero. The attack may be launched remotely. The exploit has been published and may...
CVE-2022-4989
UNSUPPORTED WHEN ASSIGNED Improper Validation of Specified Quantity in Input in the ASUS AI Suite 3 driver allows a local user to access unintended memory regions via crafted IOCTL requests, leading to privilege escalation...
CVE-2022-4989
CVE-2022-4989 affects the ASUS AI Suite 3 driver. The root cause is improper validation of a specified quantity in input, enabling a local user to craft IOCTL requests that access unintended memory regions and escalate privileges. The CVSS indicates high impact to confidentiality, integrity, and ...
CVE-2022-4990
UNSUPPORTED WHEN ASSIGNED Improper Validation of Specified Quantity in Input in the ASUS AI Suite 3 driver allows a local user to bypass security validation and access restricted memory blocks via crafted IOCTL requests, leading to privilege escalation...
UBUNTU-CVE-2026-53337
In the Linux kernel, the following vulnerability has been resolved: net: bonding: fix NULL pointer dereference in bonddoioctl In bonddoioctl, slavedev is obtained via devgetbyname which can return NULL if the requested interface name does not exist. However, the subsequent slavedbg call is placed...
EUVD-2026-40971
In the Linux kernel, the following vulnerability has been resolved: net: bonding: fix NULL pointer dereference in bonddoioctl In bonddoioctl, slavedev is obtained via devgetbyname which can return NULL if the requested interface name does not exist. However, the subsequent slavedbg call is placed...
CVE-2026-53337
The CVE concerns the Linux kernel bonding code: in bond_do_ioctl(), slave_dev is fetched via __dev_get_by_name() and then immediately used in a slave_dbg() call before checking for NULL, causing a NULL-pointer dereference when a non-existent slave interface name is provided (e.g., via bonding ioc...
CVE-2026-53337 net: bonding: fix NULL pointer dereference in bond_do_ioctl()
In the Linux kernel, the following vulnerability has been resolved: net: bonding: fix NULL pointer dereference in bonddoioctl In bonddoioctl, slavedev is obtained via devgetbyname which can return NULL if the requested interface name does not exist. However, the subsequent slavedbg call is placed...
CVE-2026-53320
A flaw was found in the Linux kernel's nilfs2 filesystem. A local attacker could exploit this vulnerability by sending a specially crafted input/output control ioctl request to the nilfsioctlmarkblocksdirty function. By providing a zero block number, the attacker can bypass a critical dead block...
SUSE CVE-2026-53320
In the Linux kernel, the following vulnerability has been resolved: nilfs2: reject zero bdoblocknr in nilfsioctlmarkblocksdirty nilfsioctlmarkblocksdirty uses bdoblocknr to detect dead blocks by comparing it with the current block number bdblocknr. If they differ, the block is considered dead and...
Linux Distros Unpatched Vulnerability : CVE-2026-53203
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - accel/ivpu: Add buffer overflow check in MS getinfoioctl Add validation that the info size returned from the metric stream info query is not exceeded when check...
Linux Distros Unpatched Vulnerability : CVE-2026-53320
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nilfs2: reject zero bdoblocknr in nilfsioctlmarkblocksdirty nilfsioctlmarkblocksdirty uses bdoblocknr to detect dead blocks by comparing it with the current blo...