402 matches found
UBUNTU-CVE-2026-52937
In the Linux kernel, the following vulnerability has been resolved: tap: fix stack info leak in tapioctl SIOCGIFHWADDR In the SIOCGIFHWADDR path, tapioctl copies 16 bytes of an uninitialised on-stack struct sockaddrstorage to userspace via ifrhwaddr, but netifgetmacaddress only writes safamily an...
EUVD-2026-38707
In the Linux kernel, the following vulnerability has been resolved: tap: fix stack info leak in tapioctl SIOCGIFHWADDR In the SIOCGIFHWADDR path, tapioctl copies 16 bytes of an uninitialised on-stack struct sockaddrstorage to userspace via ifrhwaddr, but netifgetmacaddress only writes safamily an...
CVE-2026-52937
CVE-2026-52937 details a stack information leak in the Linux kernel related to the macvtap mac address path. In tap_ioctl() for SIOCGIFHWADDR, the code copies 16 bytes from an uninitialized on-stack sockaddr_storage to userspace via ifr_hwaddr. The implementation only writes sa_family and dev->...
📄 Qualcomm CVP Kernel Pointer Leak
The Qualcomm CVP driver exposes kernel pointers to userland by returning a hashed session ID derived from a kernel pointer using hash32ptr. This function is not a cryptographic hash but a reversible fold that XORs the upper and lower 32 bits of the pointer. Due to predictable ARM64 kernel virtual...
CVE-2026-23763
VB-Audio Matrix and Matrix Coconut versions ending in 1.0.2.2 and 2.0.2.2 and earlier, respectively, contain a local privilege escalation vulnerability in the VBMatrix VAIO virtual audio driver vbmatrixvaio64win10.sys. The driver allocates a 128-byte non-paged pool buffer and, upon receiving IOCT...
CVE-2026-23763
VB-Audio Matrix and Matrix Coconut versions ending in 1.0.2.2 and 2.0.2.2 and earlier, respectively, contain a local privilege escalation vulnerability in the VBMatrix VAIO virtual audio driver vbmatrixvaio64win10.sys. The driver allocates a 128-byte non-paged pool buffer and, upon receiving IOCT...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001302)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001302 advisory. An issue was discovered in the fdlockedioctl function in drivers/block/floppy.c in the Linux kernel through 4.15.7. The floppy driver will copy a kernel pointer to...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000915)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000915 advisory. The acpinsevaluate function in drivers/acpi/acpica/nseval.c in the Linux kernel through 4.12.9 does not flush the operand cache and causes a kernel stack dump, which...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003710)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003710 advisory. An issue was discovered in the fdlockedioctl function in drivers/block/floppy.c in the Linux kernel through 4.15.7. The floppy driver will copy a kernel pointer to...
CVE-2025-67246
A local information disclosure in the Ludashi driver (pre-5.1025) due to insufficient access control in the IOCTL handler. The driver exposes a device interface to unprivileged users, accepts attacker-controlled structures containing the lower 4 GB of physical addresses, maps arbitrary physical m...
CVE-2023-40082
In modifyfornextstage of fdt.rs, there is a possible way to render KASLR ineffective due to improperly used crypto. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2022-23467
OpenRazer is an open source driver and user-space daemon to control Razer device lighting and other features on GNU/Linux. Using a modified USB device an attacker can leak stack addresses of the razerattrreaddpistages, potentially bypassing KASLR. To exploit this vulnerability an attacker would...
EUVD-2016-6279
Malware in sbrugna...
EUVD-2020-5177
Malware in sbrugna...
EUVD-2013-3884
Malware in sbrugna...
EUVD-2019-2443
Malware in sbrugna...
EUVD-2015-1804
Malware in sbrugna...
EUVD-2015-8453
Malware in sbrugna...
EUVD-2017-5211
Malware in sbrugna...
EUVD-2016-0213
Malware in sbrugna...