CVE-2019-8413

On Xiaomi MIX 2 devices with the 4.4.78 kernel, a NULL pointer dereference in the ioctl interface of the device file /dev/elliptic1 or /dev/elliptic0 causes a system crash via IOCTL 0x4008c575 aka decimal 1074316661...

PT-2019-19020 · Linux Foundation +1 · Linux +1

Name of the Vulnerable Software and Affected Versions: Xiaomi MIX 2 devices with kernel version 4.4.78 Description: A NULL pointer dereference issue exists in the ioctl interface of the device files /dev/elliptic1 or /dev/elliptic0, which can cause a system crash when IOCTL 0x4008c575 decimal...

CVE-2017-16555

K7 Antivirus Premium before 15.1.0.53 allows local users to gain privileges by sending a specific IOCTL after setting the memory in a particular way...

CVE-2017-9710

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, IOCTL interface to send QMI NOTIFY REQ messages can be called from multiple contexts which can result in buffer overflow of msg cache...

Buffer overflow

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, IOCTL interface to send QMI NOTIFY REQ messages can be called from multiple contexts which can result in buffer overflow of msg cache...

Interface Aware Fuzzing for Kernel Drivers: DIFUZE

Device drivers are an essential part in modern Unix-like systems to handle operations on physical devices, from hard disks and printers to digital cameras and Bluetooth speakers. The surge of new hardware, particularly on mobile devices, introduces an explosive growth of device drivers in system...

UBUNTU-CVE-2017-15306

The kvmvmioctlcheckextension function in arch/powerpc/kvm/powerpc.c in the Linux kernel before 4.13.11 allows local users to cause a denial of service NULL pointer dereference and system crash via a KVMCHECKEXTENSION KVMCAPPPCHTM ioctl call to /dev/kvm...

Linux kernel denial of service vulnerability (CNVD-2017-06739)

The Linux kernel is the kernel used by the operating system Linux, released by the Linux Foundation in the United States. A denial of service vulnerability exists in the videousercopy function in drivers media/video/v4l2-ioctl.c in the Linux kernel prior to 2.6.39, which can be exploited by a loc...

USN-1599-1: Linux kernel (OMAP4) vulnerability

Pablo Neira Ayuso discovered a flaw in the credentials of netlink messages. An unprivileged local attacker could exploit this by getting a netlink based service, that relies on netlink credentials, to perform privileged actions. CVE-2012-3520 Mathias Krause discovered information leak in the Linu...

Securstar - DriveCrypt - Local Kernel Denial of Service/Memory Disclosure/Privilege Escalation

===============================ADVISORY=============================== Advisory: Securstar - DriveCrypt - Local Kernel Denial of Service/Memory Disclosure/Privilege Escalation Advisory ID: DSEC-2011-0001 Author: Neil Kettle, Digit Security Ltd Affected Software: Securstar DriveCrypt Vendor URL:...

PT-2011-2916 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.38.1 Description: The issue is related to an array index error in the asihpi hpi ioctl function, located in the sound/pci/asihpi/hpioctl.c file of the AudioScience HPI driver. This error might allow local...

kernel: panic when submitting certain 0-length I/O requests

The blkrqmapuseriov function in block/blk-map.c in the Linux kernel before 2.6.37-rc7 allows local users to cause a denial of service panic via a zero-length I/O request in a device ioctl to a SCSI device, related to an unaligned map. NOTE: this vulnerability exists because of an incomplete fix f...

CVE-2010-2962

drivers/gpu/drm/i915/i915gem.c in the Graphics Execution Manager GEM in the Intel i915 driver in the Direct Rendering Manager DRM subsystem in the Linux kernel before 2.6.36 does not properly validate pointers to blocks of memory, which allows local users to write to arbitrary kernel memory...

Design/Logic Flaw

drivers/gpu/drm/i915/i915gem.c in the Graphics Execution Manager GEM in the Intel i915 driver in the Direct Rendering Manager DRM subsystem in the Linux kernel before 2.6.36 does not properly validate pointers to blocks of memory, which allows local users to write to arbitrary kernel memory...

CVE-2010-2962

drivers/gpu/drm/i915/i915gem.c in the Graphics Execution Manager GEM in the Intel i915 driver in the Direct Rendering Manager DRM subsystem in the Linux kernel before 2.6.36 does not properly validate pointers to blocks of memory, which allows local users to write to arbitrary kernel memory...

CVE-2010-2962

drivers/gpu/drm/i915/i915gem.c in the Graphics Execution Manager GEM in the Intel i915 driver in the Direct Rendering Manager DRM subsystem in the Linux kernel before 2.6.36 does not properly validate pointers to blocks of memory, which allows local users to write to arbitrary kernel memory...

Sun Solaris Volume Manager本地拒绝服务漏洞

Sun Solaris是一款商业性质的UNIX操作系统。 Sun Solaris卷管理SVM ioctl2接口存在安全问题，本地攻击者可以利用漏洞使系统不稳定，造成拒绝服务攻击。 目前没有详细漏洞细节提供。 Sun Solaris 9x86 Sun Solaris 9 Sun Solaris 10x86 Sun Solaris 10 补丁下载： Sun Solaris 9x86 Sun 122371-07 http://sunsolve.sun.com/search/document.do?assetkey=urn:cds:docid:1-21 -122371-07-1 Sun...

Zaptel драйвер buffer overflow

Buffer overflow on oversized IOCTL interface name...

Patching system services at runtime

Patching system services at runtime Although KAV appears to use a filesystem filter, the standard Windows mechanism for intercepting accesses to files specifically designed for applications like anti-virus software, the implementors also used a series of API-level function hooks to intercept...