869 matches found
CVE-2025-15037
An Incorrect Permission Assignment vulnerability exists in the ASUS Business System Control Interface driver. This vulnerability can be triggered by an unprivileged local user sending a specially crafted IOCTL request, potentially leading to unauthorized access to sensitive hardware resources and...
CVE-2025-15037
CVE-2025-15037 affects the ASUS Business System Control Interface driver. An unprivileged local user can trigger a crafted IOCTL request, potentially leading to unauthorized access to hardware resources and kernel information disclosure. References point to the ASUS Security Advisory for details....
PT-2026-24910
🚨 CVE-2025-15038 An Out-of-Bounds Read vulnerability exists in the ASUS Business System Control Interface driver. This vulnerability can be triggered by a unprivileged local user sending a specially crafted IOCTL request, potentially leading to a disclosure of kernel information or a system crash...
ASUS Business System Control Interface 安全漏洞
ASUS Business System Control Interface is a system control interface developed by ASUS, a Chinese technology company. There is a security vulnerability in the ASUS Business System Control Interface. This vulnerability stems from improper permission allocation, which may allow unauthorized local...
ASUS Business System Control Interface 安全漏洞
ASUS Business System Control Interface is a system control interface developed by ASUS, a Chinese company. There is a security vulnerability in the ASUS Business System Control Interface. This vulnerability stems from excessive reading of data, which could allow unauthorized local users to access...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005436)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005436 advisory. In the Linux kernel, the following vulnerability has been resolved: vt: prevent kernel-infoleak in confontget font.data may not initialize all memory spaces dependin...
wifi: avoid kernel-infoleak from struct iw_point
...
kernel: smb: client: Fix use-after-free in cifs_fill_dirent
A use-after-free flaw was found in cifsfilldirent in fs/cifs/readdir.c in smb client in the Linux Kernel. This flaw could allow an attacker to crash the system due to race problem. This vulnerability could even lead to a kernel information leak problem...
kernel: ipv6: use RCU in ip6_output()
A use-after-free flaw was found in ip6finishoutput2 in net/ipv6/ip6output.c in ipv6 access. This flaw could allow an attacker to crash the system at device disconnect. This vulnerability could even lead to a kernel information leak problem...
kernel: ipv6: use RCU in ip6_output()
A use-after-free flaw was found in ip6finishoutput2 in net/ipv6/ip6output.c in ipv6 access. This flaw could allow an attacker to crash the system at device disconnect. This vulnerability could even lead to a kernel information leak problem...
kernel: Bluetooth: hci_sync: fix race in hci_cmd_sync_dequeue_once
A use-after-free flaw was found in hcicmdsyncdequeueonce in net/bluetooth/hcisync.c in Bluetooth: hcisync in Linux Kernel. This vulnerability could even lead to a kernel information leak problem...
kernel: ipv6: use RCU in ip6_output()
A use-after-free flaw was found in ip6finishoutput2 in net/ipv6/ip6output.c in ipv6 access. This flaw could allow an attacker to crash the system at device disconnect. This vulnerability could even lead to a kernel information leak problem...
kernel: KVM: arm64: Tear down vGIC on failed vCPU creation
A use-after-free flaw was found in KVM for arm64 in the Linux Kernel, if the kvmarchvcpucreate fails to share the vCPU page with the hypervisor. This vulnerability could even lead to a kernel information leak problem...
kernel: smb: client: Fix use-after-free in cifs_fill_dirent
A use-after-free flaw was found in cifsfilldirent in fs/cifs/readdir.c in smb client in the Linux Kernel. This flaw could allow an attacker to crash the system due to race problem. This vulnerability could even lead to a kernel information leak problem...
kernel: KVM: arm64: Tear down vGIC on failed vCPU creation
A use-after-free flaw was found in KVM for arm64 in the Linux Kernel, if the kvmarchvcpucreate fails to share the vCPU page with the hypervisor. This vulnerability could even lead to a kernel information leak problem...
kernel: smb: client: Fix use-after-free in cifs_fill_dirent
A use-after-free flaw was found in cifsfilldirent in fs/cifs/readdir.c in smb client in the Linux Kernel. This flaw could allow an attacker to crash the system due to race problem. This vulnerability could even lead to a kernel information leak problem...
kernel: KVM: arm64: Tear down vGIC on failed vCPU creation
A use-after-free flaw was found in KVM for arm64 in the Linux Kernel, if the kvmarchvcpucreate fails to share the vCPU page with the hypervisor. This vulnerability could even lead to a kernel information leak problem...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005024)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005024 advisory. In the Linux kernel, the following vulnerability has been resolved: inetdiag: fix kernel-infoleak for UDP sockets KMSAN reported a kernel-infoleak 1, that can...
kernel: Bluetooth: hci_sync: fix race in hci_cmd_sync_dequeue_once
A use-after-free flaw was found in hcicmdsyncdequeueonce in net/bluetooth/hcisync.c in Bluetooth: hcisync in Linux Kernel. This vulnerability could even lead to a kernel information leak problem...
CVE-2026-22978
In the Linux kernel, the following vulnerability has been resolved: wifi: avoid kernel-infoleak from struct iwpoint struct iwpoint has a 32bit hole on 64bit arches. struct iwpoint void user pointer; / Pointer to the data in user space / u16 length; / number of fields or size in bytes / u16 flags;...