5904 matches found
UBUNTU-CVE-2022-50010
In the Linux kernel, the following vulnerability has been resolved: video: fbdev: i740fb: Check the argument of i740calcvclk Since the user can control the arguments of the ioctl from the user space, under special arguments that may result in a divide-by-zero bug. If the user provides an improper...
UBUNTU-CVE-2022-49993
In the Linux kernel, the following vulnerability has been resolved: loop: Check for overflow while configuring loop The userspace can configure a loop using an ioctl call, wherein a configuration of type loopconfig is passed see loioctl's case on line 1550 of drivers/block/loop.c. This proceeds t...
CVE-2022-50226
CVE-2022-50226 affects the Linux kernel crypto: ccp subsystem, where sev ioctl interfaces could allocate memory with kmalloc to handle input up to SEV_FW_BLOB_MAX_SIZE but were not fully overwritten by PSP firmware, risking uninitialized slab memory. The issue is resolved by changing ioctl memory...
CVE-2022-50226
In the Linux kernel, the following vulnerability has been resolved: crypto: ccp - Use kzalloc for sev ioctl interfaces to prevent kernel memory leak For some sev ioctl interfaces, input may be passed that is less than or equal to SEVFWBLOBMAXSIZE, but larger than the data that PSP firmware return...
CVE-2022-50226 crypto: ccp - Use kzalloc for sev ioctl interfaces to prevent kernel memory leak
In the Linux kernel, the following vulnerability has been resolved: crypto: ccp - Use kzalloc for sev ioctl interfaces to prevent kernel memory leak For some sev ioctl interfaces, input may be passed that is less than or equal to SEVFWBLOBMAXSIZE, but larger than the data that PSP firmware return...
CVE-2022-50102
CVE-2022-50102 affects the Linux kernel’s fbdev arkfb driver. A user-controlled ioctl can cause a divide-by-zero in ark_set_pixclock, e.g. with hdiv=1, pixclock=1, hmul=2, producing (1*1)/2 = 0 and leading to division by zero later in arkfb.c when computing 1000000000 / pixclock. The vulnerabilit...
CVE-2022-50010 video: fbdev: i740fb: Check the argument of i740_calc_vclk()
In the Linux kernel, the following vulnerability has been resolved: video: fbdev: i740fb: Check the argument of i740calcvclk Since the user can control the arguments of the ioctl from the user space, under special arguments that may result in a divide-by-zero bug. If the user provides an improper...
CVE-2022-50010
CVE-2022-50010 affects the Linux kernel’s fbdev i740fb driver. If a user space ioctl supplies a pixclock value causing the argument to i740_calc_vclk() to be less than I740_RFREQ_FIX, a divide-by-zero can occur in p_best calculation (drivers/video/fbdev/i740fb.c:353). The vulnerability arises bec...
CVE-2022-50010 video: fbdev: i740fb: Check the argument of i740_calc_vclk()
In the Linux kernel, the following vulnerability has been resolved: video: fbdev: i740fb: Check the argument of i740calcvclk Since the user can control the arguments of the ioctl from the user space, under special arguments that may result in a divide-by-zero bug. If the user provides an improper...
CVE-2022-49993 loop: Check for overflow while configuring loop
In the Linux kernel, the following vulnerability has been resolved: loop: Check for overflow while configuring loop The userspace can configure a loop using an ioctl call, wherein a configuration of type loopconfig is passed see loioctl's case on line 1550 of drivers/block/loop.c. This proceeds t...
PT-2025-25919 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved, related to an overflow when configuring a loop. The issue arises from the userspace configuring a loop using an ioctl call, passi...
Azure Linux 3.0 Security Update: coreutils (CVE-2016-2781)
The version of coreutils installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2016-2781 advisory. - chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via...
CVE-2025-1055
A vulnerability in the K7RKScan.sys driver, part of the K7 Security Anti-Malware suite, allows a local low-privilege user to send crafted IOCTL requests to terminate a wide range of processes running with administrative or system-level privileges, with the exception of those inherently protected ...
CVE-2025-1055
A vulnerability in the K7RKScan.sys driver, part of the K7 Security Anti-Malware suite, allows a local low-privilege user to send crafted IOCTL requests to terminate a wide range of processes running with administrative or system-level privileges, with the exception of those inherently protected ...
CVE-2025-1055
CVE-2025-1055 targets the K7RKScan.sys driver in K7 Security Anti-Malware. The root cause is missing access control in the driver’s IOCTL handler, enabling a local low-privilege user to issue crafted IOCTLs that terminate high-privilege/system processes. Reported impact is denial of service throu...
CVE-2025-1055 K7 Security Anti-Malware: IOCTL in K7RKScan.sys Allows Arbitrary Termination of High-Privilege and System Processes by a Low-Privilege User
A vulnerability in the K7RKScan.sys driver, part of the K7 Security Anti-Malware suite, allows a local low-privilege user to send crafted IOCTL requests to terminate a wide range of processes running with administrative or system-level privileges, with the exception of those inherently protected ...
PT-2025-25174
Name of the Vulnerable Software and Affected Versions: K7 Security Anti-Malware versions affected versions not specified Description: A vulnerability in the K7RKScan.sys driver, part of the K7 Security Anti-Malware suite, allows a local low-privilege user to send crafted IOCTL requests to termina...
The vulnerability in the implementation of IOCTL commands in Qualcomm’s embedded software allows a hacker to damage memory.
The vulnerability of the IOCTL command implementation in Qualcomm’s embedded software lies in the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to damage the memory...
CVE-2025-21485
Memory corruption while processing INIT and multimode invoke IOCTL calls on FastRPC...
CVE-2024-53017
Memory corruption while handling test pattern generator IOCTL command...