CVE-2025-32776

OpenRazer is an open source driver and user-space daemon to control Razer device lighting and other features on GNU/Linux. By writing specially crafted data to the matrixcustomframe file, an attacker can cause the custom kernel driver to read more bytes than provided by user space. This data will...

CVE-2025-32776 OpenRazer Vulnerable to Out of Bounds Read

OpenRazer is an open source driver and user-space daemon to control Razer device lighting and other features on GNU/Linux. By writing specially crafted data to the matrixcustomframe file, an attacker can cause the custom kernel driver to read more bytes than provided by user space. This data will...

Vulnerability of the mlx5_cmd_init() function in the drivers/net/ethernet/mellanox/mlx5/core/cmd.c file – This is a driver for supporting Mellanox Ethernet network adapters in Linux operating systems. It allows a hacker to cause a service failure.

Vulnerability of the mlx5cmdinit function in the drivers/net/ethernet/mellanox/mlx5/core/cmd.c file – The Mellanox Ethernet network adapter driver for Linux operating systems is vulnerable due to a reliance on the NULL pointer dereferencing mechanism. Exploiting this vulnerability could allow an...

Vulnerability of the ice_free_cpu_rx_rmap() function in the drivers/net/ethernet/intel/ice/ice_arfs.c module – a driver for supporting Ethernet network adapters in Linux kernel-based operating systems. This vulnerability allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

Vulnerability of the icefreecpurxrmap function in the drivers/net/ethernet/intel/ice/icearfs.c module – The Linux kernel-based Intel Ethernet network adapter driver relies on the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the...

Vulnerability of the amdgpu_get_xgmi_hive() function in the drivers/gpu/drm/amd/amdgpu/amdgpu_xgmi.c module – A driver for supporting AMD GPU cores in Linux operating systems, which allows a hacker to cause a service failure

Vulnerability of the amdgpugetxgmihive function in the drivers/gpu/drm/amd/amdgpu/amdgpuxgmi.c module – The Linux kernel driver for AMD GPU Direct Rendering Infrastructure supports is related to improper disabling or release of resources. Exploiting this vulnerability can allow an attacker to cau...

CVE-2025-0468

Software installed and run as a non-privileged user may conduct improper GPU system calls to subvert GPU HW to write to arbitrary physical memory pages. Under certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kern...

CVE-2025-1865

The kernel driver, accessible to low-privileged users, exposes a function that fails to properly validate the privileges of the calling process. This allows creating files at arbitrary locations with full user control, ultimately allowing for privilege escalation to SYSTEM...

CVE-2025-1865 Local Privilege Escalation in Virtual CloneDrive Kernel Driver

The kernel driver, accessible to low-privileged users, exposes a function that fails to properly validate the privileges of the calling process. This allows creating files at arbitrary locations with full user control, ultimately allowing for privilege escalation to SYSTEM...

CVE-2025-1865 Local Privilege Escalation in Virtual CloneDrive Kernel Driver

The kernel driver, accessible to low-privileged users, exposes a function that fails to properly validate the privileges of the calling process. This allows creating files at arbitrary locations with full user control, ultimately allowing for privilege escalation to SYSTEM...

CVE-2025-1865

CVE-2025-1865 concerns a local privilege escalation in the Elby Virtual CloneDrive kernel driver. Documents consistently describe a function exposed to low-privileged users that fails to properly validate the privileges of the calling process, enabling creation of files at arbitrary locations wit...

Elby Virtual CloneDrive 访问控制错误漏洞

Elby Virtual CloneDrive is a virtual CD-ROM drive software from Elby that loads image files such as ISOs. An access control error vulnerability exists in Elby Virtual CloneDrive that stems from the kernel driver not properly validating calling process privileges, which could result in elevated...

PT-2025-14872 · Elaborate Bytes Ag · Virtual Clonedrive

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: The issue concerns a kernel driver that is accessible to low-privileged users. This driver exposes a function that fails to properly validate the privileges of the calling process, allowing...

PT-2025-29031

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: This issue resolves a critical lock within the iavf driver, eliminating error-prone logic associated with try locks. The resolution involves replacing the critical lock with a netdev...

Vulnerability of the md_check_recovery() function in the drivers/md/md.c module – The driver for supporting multiple devices (RAID and LVM) in the Linux kernel allows a hacker to trigger a service failure.

Vulnerability of the mdcheckrecovery function in the drivers/md/md.c module – The Linux kernel’s device support driver for multiple devices such as RAID and LVM is vulnerable due to improper disabling or release of resources. Exploiting this vulnerability could allow an attacker to cause system...

Vulnerability of the amdgpu_dm_atomic_check() function in the drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c file – This driver is part of the Linux operating system’s AMD graphics card Direct Rendering Infrastructure (DRI) support module. It allows a hacker to trigger a service failure.

Vulnerability of the amdgpudmatomiccheck function in the driver/gpu/drm/amd/display/amdgpudm/amdgpudm.c file – The driver for Linux operating system graphics cards that support Direct Rendering Infrastructure DRI is vulnerable due to a pointer issue related to NULL pointers. Exploiting this...

Vulnerability of the pvr2_context_exit() function in the drivers/media/usb/pvrusb2/pvrusb2-context.c file – This driver is a Linux kernel-based driver for supporting multimedia devices connected via USB. It allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

Vulnerability of the pvr2contextexit function in the drivers/media/usb/pvrusb2/pvrusb2-context.c module – The Linux kernel’s USB multimedia device driver architecture relies on the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the...

The vulnerability of the ice_create VFEntries() function in the Linux kernel network driver allows a hacker to cause a service failure.

The vulnerability of the icecreate VFEntries function in the Linux kernel driver is related to improper release of resources. Exploiting this vulnerability can allow an attacker to cause service failures...

Vulnerability of the mt7921_mcu_tx_rate_report() function in the drivers/net/wireless/mediatek/mt76/mt7921/mcu.c module – This driver is part of the Linux kernel’s wireless adapter support framework. It allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

Vulnerability of the mt7921mcutxratereport function in the drivers/net/wireless/mediatek/mt76/mt7921/mcu.c module – The driver for supporting wireless connection adapters in the Linux operating system is vulnerable due to buffer out-of-bounds reading. Exploiting this vulnerability could allow an...

The vulnerability of the am65_cpsw_ndo_bpf() function in the Linux kernel driver allows a hacker to induce a service failure.

The vulnerability of the am65cpswndobpf function in the Linux kernel driver is related to pointer manipulation. Exploiting this vulnerability could allow an attacker to cause a system failure...

The vulnerability of the manaDestroyTxq() function in the Linux kernel driver allows a hacker to induce a service failure.

The vulnerability of the manaDestroyTxq function in the Linux kernel driver is related to incorrect initialization of resources. Exploiting this vulnerability can allow an attacker to cause a service failure...