SUSE CVE-2022-1651

A memory leak flaw was found in the Linux kernel in acrndevioctl in the drivers/virt/acrn/hsm.c function in how the ACRN Device Model emulates virtual NICs in VM. This flaw allows a local privileged attacker to leak unauthorized kernel information, causing a denial of service...

kernel: dm ioctl: prevent potential spectre v1 gadget

A vulnerability was found in the Linux kernel's dm-ioctl interface in the lookupioctl function, which accepts a user-provided cmd value that is used to index the ioctls array directly. This issue could lead to an out-of-bounds access if the CPU speculatively executes the array access before cmd i...

An out-of-bounds access issue was found in the Linux kernel sound subsystem. It could occur when the 'id->name' provided by the user did not end with '\0'. A privileged local user could pass a specially crafted name through ioctl() interface and crash the system or potentially escalate their privileges on the system.

...

CVE-2022-3170

An out-of-bounds access issue was found in the Linux kernel sound subsystem. It could occur when the 'id-name' provided by the user did not end with '\0'. A privileged local user could pass a specially crafted name through ioctl interface and crash the system or potentially escalate their...

CVE-2022-3170

An out-of-bounds access issue was found in the Linux kernel sound subsystem. It could occur when the 'id-name' provided by the user did not end with '\0'. A privileged local user could pass a specially crafted name through ioctl interface and crash the system or potentially escalate their...

UBUNTU-CVE-2022-3170

An out-of-bounds access issue was found in the Linux kernel sound subsystem. It could occur when the 'id-name' provided by the user did not end with '\0'. A privileged local user could pass a specially crafted name through ioctl interface and crash the system or potentially escalate their...

CVE-2022-3170

CVE-2022-3170 affects the Linux kernel sound subsystem. The vulnerability is an out-of-bounds access that can occur when the user-provided id->name does not end with a NUL character, allowing a privileged local user to trigger a crash or potentially escalate privileges via an ioctl() path. The...

CVE-2022-3170

An out-of-bounds access issue was found in the Linux kernel sound subsystem. It could occur when the 'id-name' provided by the user did not end with '\0'. A privileged local user could pass a specially crafted name through ioctl interface and crash the system or potentially escalate their...

CVE-2022-3170

An out-of-bounds access issue was found in the Linux kernel sound subsystem. It could occur when the 'id-name' provided by the user did not end with '\0'. A privileged local user could pass a specially crafted name through ioctl interface and crash the system or potentially escalate their...

DEBIAN-CVE-2022-3061

Found Linux Kernel flaw in the i740 driver. The Userspace program could pass any values to the driver through ioctl interface. The driver doesn't check the value of 'pixclock', so it may cause a divide by zero error...

CVE-2022-3061

Found Linux Kernel flaw in the i740 driver. The Userspace program could pass any values to the driver through ioctl interface. The driver doesn't check the value of 'pixclock', so it may cause a divide by zero error...

CVE-2022-3061

Found Linux Kernel flaw in the i740 driver. The Userspace program could pass any values to the driver through ioctl interface. The driver doesn't check the value of 'pixclock', so it may cause a divide by zero error...

UBUNTU-CVE-2022-3061

Found Linux Kernel flaw in the i740 driver. The Userspace program could pass any values to the driver through ioctl interface. The driver doesn't check the value of 'pixclock', so it may cause a divide by zero error...

CVE-2022-3061

Found Linux Kernel flaw in the i740 driver. The Userspace program could pass any values to the driver through ioctl interface. The driver doesn't check the value of 'pixclock', so it may cause a divide by zero error...

PT-2022-4880 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to an out-of-bounds access in the Linux kernel sound subsystem, specifically with the get ctl id hash function. This occurs when the id-name parameter does not end...

Dell DBUtil_2_3.sys IOCTL Memory Read / Write Exploit

The DBUtil23.sys driver distributed by Dell exposes an unprotected IOCTL interface that can be abused by an attacker to read and write kernel-mode memory. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class...

McAfee Total Protection Elevation of Privilege Vulnerability (CNVD-2021-38090)

McAfee Total Protection MTP is a one-stop security suite. An elevation of privilege vulnerability exists in the File Lock component of McAfee Total Protection prior to version 16.0.32. An attacker could use this vulnerability to elevate privileges by manipulating symbolic links in the IOCTL...

CVE-2021-23872

Privilege Escalation vulnerability in the File Lock component of McAfee Total Protection MTP prior to 16.0.32 allows a local user to gain elevated privileges by manipulating a symbolic link in the IOCTL interface...

Linux kernel 资源管理错误漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel has a security vulnerability that can be exploited by an attacker who can force the use of a freed memory area via the noisy Linux kernel's ioctl to trigger a deni...

Design/Logic Flaw

Lawrence Livermore National Laboratory msr-safe v1.1.0 is affected by: Incorrect Access Control. The impact is: An attacker could modify model specific registers. The component is: ioctl handling. The attack vector is: An attacker could exploit a bug in ioctl interface whitelist checking, in orde...