PT-2026-2620

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel’s DRM Xe driver contains a use-after-free issue within the OA configuration interface, specifically in the xe oa add config ioctl function. The issue arises from accessi...

MiracleLinux 8 : kernel-4.18.0-553.87.1.el8_10 (AXSA:2025-11512:96)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-11512:96 advisory. kernel: nfsd: handle getclientlocked failure in nfsd4setclientidconfirm CVE-2025-38724 kernel: smb: client: fix race with concurrent opens in renam...

ROS-20260112-7358

A vulnerability in the cdromioctltimedmediachange function of the Linux kernel is related to integer overflow. Exploitation of the vulnerability could allow an attacker to affect confidentiality, integrity and availability of protected information...

CVE-2018-10977

In 2345 Security Guard 3.7, the driver file 2345BdPcSafe.sys, X64 version allows local users to cause a denial of service BSOD or possibly have unspecified other impact because of not validating input values from IOCTL 0x002220E4...

CVE-2018-10975

In 2345 Security Guard 3.7, the driver file 2345BdPcSafe.sys, X64 version allows local users to cause a denial of service BSOD or possibly have unspecified other impact because of not validating input values from IOCTL 0x00222104...

CVE-2021-31727

Incorrect access control in zam64.sys, zam32.sys in MalwareFox AntiMalware 2.74.0.150 where IOCTL's 0x80002014, 0x80002018 expose unrestricted disk read/write capabilities respectively. A non-privileged process can open a handle to \.\ZemanaAntiMalware, register with the driver using IOCTL...

CVE-2022-42046

wfshbr64.sys and wfshbr32.sys specially crafted IOCTL allows arbitrary user to perform local privilege escalation...

CVE-2022-42455

ASUS EC Tool driver aka d.sys 1beb15c90dcf7a5234ed077833a0a3e900969b60be1d04fcebce0a9f8994bdbb, as signed by ASUS and shipped with multiple ASUS software products, contains multiple IOCTL handlers that provide raw read and write access to port I/O and MSRs via unprivileged IOCTL calls. Local user...

CVE-2022-37415

The Uniwill SparkIO.sys driver 1.0 is vulnerable to a stack-based buffer overflow via IOCTL 0x40002008...

CVE-2019-2284

Possible use-after-free issue due to a race condition while calling camera ioctl concurrently in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W, QCS405, QCS605, Qualcomm 215, SD 425, SD 439 / SD...

CVE-2020-10234

The AscRegistryFilter.sys kernel driver in IObit Advanced SystemCare 13.2 allows an unprivileged user to send an IOCTL to the device driver. If the user provides a NULL entry for the dwIoControlCode parameter, a kernel panic aka BSOD follows. The IOCTL codes can be found in the dispatch function:...

CVE-2024-39251

An issue in the component ControlCenter.sys/ControlCenter64.sys of ThundeRobot Control Center v2.0.0.10 allows attackers to access sensitive information, execute arbitrary code, or escalate privileges via sending crafted IOCTL requests...

CVE-2022-33226

Memory corruption due to buffer copy without checking the size of input in Core while processing ioctl commands from diag client applications...

CVE-2023-43546

Memory corruption while invoking HGSL IOCTL context create...

CVE-2025-47380

Memory corruption while preprocessing IOCTLs in sensors...

CVE-2024-2180

Zemana AntiLogger v2.74.204.664 is vulnerable to a Memory Information Leak vulnerability by triggering the 0x80002020 IOCTL code of the zam64.sys and zamguard64.sys drivers...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000230)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000230 advisory. In the Linux kernel before 4.20.8, kvmioctlcreatedevice in virt/kvm/kvmmain.c mishandles reference counting because of a race condition, leading to a use-after-free...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000458)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000458 advisory. A flaw was found in the Linux kernel's Bluetooth implementation of UART, all versions kernel 3.x.x before 4.18.0 and kernel 5.x.x. An attacker with local access and...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000420)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000420 advisory. The mptctlioctl function in drivers/message/fusion/mptctl.c in the Linux kernel before 5.4.14 allows local users to hold an incorrect lock during the ioctl operation...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000240)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000240 advisory. An issue was discovered in the Linux kernel through 4.19. An information leak in cdromioctlselectdisc in drivers/cdrom/cdrom.c could be used by local attackers to re...