5863 matches found
CVE-2026-43398 drm/amdgpu: add upper bound check on user inputs in wait ioctl
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: add upper bound check on user inputs in wait ioctl Huge input values in amdgpuuserqwaitioctl can lead to a OOM and could be exploited. So check these input value against AMDGPUUSERQMAXHANDLES which is big enough value...
CVE-2026-43398
The CVE-2026-43398 entry concerns the Linux kernel amdgpu driver. A vulnerability arises from improper input validation in the userq_wait ioctl (amdgpu_userq_wait_ioctl), where excessively large input values can cause an Out-Of-Memory (OOM) situation, leading to Denial of Service. The root cause ...
CVE-2026-43359
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix transaction abort on set received ioctl due to item overflow If the set received ioctl fails due to an item overflow when attempting to add the BTRFSUUIDKEYRECEIVEDSUBVOL we have to abort the transaction since we did...
CVE-2026-43359
The CVE-2026-43359 detail points to a Linux kernel Btrfs issue: when calling the set received ioctl, repeated use of the same received UUID on multiple subvolumes could overflow metadata and abort the transaction, forcing the filesystem into read-only mode. The root cause is an item overflow duri...
CVE-2026-3508
An Out-of-bounds Read vulnerability in the IOCTL handler in ASUS System Control Interface allows a local user to cause system crash BSOD via a read size that exceeds the buffer size.Refer to the ' Security Update for MyASUS ' section on the ASUS Security Advisory for more information...
CVE-2026-6737
An Exposed IOCTL with Insufficient Access Control vulnerability in AsusPTPFilter allows a local user to bypass driver security mechanisms and obtain restricted touchpad information or render the touchpad unusable via crafted IOCTL requests.Refer to the ' Security Update for ASUS Precision...
Linux Distros Unpatched Vulnerability : CVE-2026-43398
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/amdgpu: add upper bound check on user inputs in wait ioctl Huge input values in amdgpuuserqwaitioctl can lead to a OOM and could be exploited. So check thes...
PT-2026-39020
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the btrfs component where the 'set received' ioctl can trigger a transaction abort due to an item overflow when adding the BTRFS UUID KEY RECEIVED SUBVOL. A user who...
PT-2026-39059
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the drm/amdgpu component where the amdgpu userq wait ioctl function fails to properly validate user inputs. Providing excessively large input values can lead to an...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a project overflow when ioctl commands are received, leading to transaction termination and...
PT-2026-38641
Name of the Vulnerable Software and Affected Versions AsusPTPFilter affected versions not specified Description An exposed IOCTL Input/Output Control with insufficient access control allows a local user to bypass driver security mechanisms. This can lead to the unauthorized acquisition of...
Linux Distros Unpatched Vulnerability : CVE-2026-43359
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - btrfs: fix transaction abort on set received ioctl due to item overflow If the set received ioctl fails due to an item overflow when attempting to add the...
Linux Distros Unpatched Vulnerability : CVE-2026-43400
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/amdgpu: add upper bound check on user inputs in signal ioctl Huge input values in amdgpuuserqsignalioctl can lead to a OOM and could be exploited. So check...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of upper-bound checks on user input in the amdgpuuserqsignalioctl function. This...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of upper-bound checks on user input in the amdgpuuserqwaitioctl function. This...
CVE-2026-43280
A flaw was found in the Linux kernel's drm/xe module. A local user can exploit this vulnerability by providing a malformed patindex value through the madvise IOCTL. This allows the xepatindexgetcohmode function to perform an out-of-bounds read from the xe-pat.table array, leading to information...
Linux Distros Unpatched Vulnerability : CVE-2026-43280
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: drm/xe: Add bounds check on patindex to prevent OOB kernel read in madvise When user provide...
CVE-2026-43237
A flaw was found in the Linux kernel's AMD GPU amdgpu driver. Incorrect management of graphics memory dmafence references within the amdgpugemvaioctl function can lead to a reference count underflow and a use-after-after-free condition. A local attacker could exploit this vulnerability to trigger...
CVE-2026-43280
In the Linux kernel, the following vulnerability has been resolved: drm/xe: Add bounds check on patindex to prevent OOB kernel read in madvise When user provides a bogus patindex value through the madvise IOCTL, the xepatindexgetcohmode function performs an array access without validating bounds...
SUSE CVE-2026-31769
In the Linux kernel, the following vulnerability has been resolved: gpib: fix use-after-free in IO ioctl handlers The IBRD, IBWRT, IBCMD, and IBWAIT ioctl handlers use a gpibdescriptor pointer after board-biggpibmutex has been released. A concurrent IBCLOSEDEV ioctl can free the descriptor via...