21 matches found

Tenable Nessus
added 2026/04/21 12:00 a.m. · 3 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010728)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010728 advisory. drivers/block/floppy.c in the Linux kernel before 5.17.6 is vulnerable to a denial of service, because of a concurrency use-after-free flaw after deallocating rawcmd...

CVSS 3.3 · AI score 6.7 · EPSS 0.00018
Exploits 1 · References 3

Vulnrichment
added 2026/02/19 10:53 p.m. · 4 views

CVE-2026-26325 OpenClaw Node host system.run rawCommand/command mismatch can bypass allowlist/approvals

OpenClaw is a personal AI assistant. Prior to version 2026.2.14, a mismatch between rawCommand and command in the node host system.run handler could cause allowlist/approval evaluation to be performed on one command while executing a different argv. This only impacts deployments that use the node...

CVSS 7.2 · AI score 5.8 · EPSS 0.00035
Exploits 0 · References 3

OSV
added 2026/02/19 10:53 p.m. · 3 views

CVE-2026-26325 OpenClaw Node host system.run rawCommand/command mismatch can bypass allowlist/approvals

OpenClaw is a personal AI assistant. Prior to version 2026.2.14, a mismatch between rawCommand and command in the node host system.run handler could cause allowlist/approval evaluation to be performed on one command while executing a different argv. This only impacts deployments that use the node...

CVSS 7.2 · AI score 5.8 · EPSS 0.00035
Exploits 0 · References 5

Tenable Nessus
added 2026/01/16 12:00 a.m. · 1 view

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001040)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001040 advisory. The raw_cmd_copyin function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly handle error conditions during processing of an FDRAWCMD ioc...

CVSS 7.2 · AI score 7 · EPSS 0.00045
Exploits 0 · References 21

Tenable Nessus
added 2026/01/15 12:00 a.m. · 1 view

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002439)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002439 advisory. The raw_cmd_copyin function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly handle error conditions during processing of an FDRAWCMD ioc...

CVSS 7.2 · AI score 7 · EPSS 0.00045
Exploits 0 · References 21

Tenable Nessus
added 2026/01/15 12:00 a.m. · 2 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002504)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002504 advisory. The raw_cmd_copyin function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly handle error conditions during processing of an FDRAWCMD ioc...

CVSS 7.2 · AI score 7 · EPSS 0.00045
Exploits 0 · References 21

OSV
added 2025/12/24 11:15 a.m. · 1 view

UBUNTU-CVE-2022-50709

In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: avoid uninit memory read in ath9k_htc_rx_msg(). syzbot is reporting uninit value at ath9k_htc_rx_msg() [1], for ioctl(USB_RAW_IOCTL_EP_WRITE) can call ath9k_hif_usb_rx_stream() with pkt_len = 0 but ath9k_hif_usb_rx_stream() uses __dev_alloc_skb(pkt_len +...

AI score 5.7 · EPSS 0.00046
Exploits 0 · References 10

EUVD
added 2025/10/07 12:30 a.m. · 4 views

EUVD-2006-0006

Malware in sbrugna...

CVSS 2.1 · AI score 6 · EPSS 0.00072
Exploits 0 · References 18

Github Security Blog
added 2024/02/08 6:44 p.m. · 34 views

Rancher 'Audit Log' leaks sensitive information

Impact: A vulnerability has been identified which may lead to sensitive data being leaked into Rancher's audit logs. Rancher Audit Logging is an opt-in feature; only deployments that have it enabled and have AUDIT_LEVEL set to 1 or above are impacted by this issue. The leaks might be caught in the...

CVSS 8.4 · AI score 6.4 · EPSS 0.4519
Exploits 1 · References 4 · Affected Software 1

SUSE CVE
added 2023/02/15 5:30 a.m. · 2 views

SUSE CVE-2014-1738

The raw_cmd_copyout function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly restrict access to certain pointers during processing of an FDRAWCMD ioctl call, which allows local users to obtain sensitive information from kernel heap memory by leveraging write access to...

CVSS 2.1 · AI score 6 · EPSS 0.00023
Exploits 0 · References 14

BDU FSTEC
added 2016/07/05 12:00 a.m. · 3 views

The vulnerability of the Linux operating system, which allows a malicious individual to gain access to protected information

The function raw_cmd_copyout in the file /drivers/block/floppy.c contains an error in the handling of permissions for accessing memory pointers during the execution of the system call FDRAWCMD. This allows a malicious individual to gain access to information stored in the dynamic memory of the...

CVSS 7.2 · AI score 6.4 · EPSS 0.00045
Exploits 0 · References 2 · Affected Software 1

BDU FSTEC
added 2016/07/05 12:00 a.m. · 4 views

The vulnerability of the Linux operating system, which allows a malicious individual to trigger a service failure or increase their privileges.

The Linux operating system contains a vulnerability related to errors in processing system calls. Exploiting this vulnerability allows for performing service failures or increasing privileges when executing the system call FDRAWCMD ioctl...

CVSS 7.2 · AI score 6.2 · EPSS 0.00045
Exploits 0 · References 3 · Affected Software 1

RedHat Linux
added 2014/06/26 5:17 p.m. · 0 views

kernel: block: floppy: privilege escalation via FDRAWCMD floppy ioctl command

A flaw was found in the way the Linux kernel's floppy driver handled user space provided data in certain error code paths while processing FDRAWCMD IOCTL commands. A local user with write access to /dev/fdX could use this flaw to free (using the kfree function) arbitrary kernel memory. CVE-2014-173...

CVSS 7.2 · AI score 6.5 · EPSS 0.00045
Exploits 0 · References 4

OSV
added 2014/05/11 9:55 p.m. · 1 view

DEBIAN-CVE-2014-1738

The raw_cmd_copyout function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly restrict access to certain pointers during processing of an FDRAWCMD ioctl call, which allows local users to obtain sensitive information from kernel heap memory by leveraging write access to...

CVSS 2.1 · AI score 7.5 · EPSS 0.00023
Exploits 0 · References 1

OSV
added 2014/05/11 9:55 p.m. · 1 view

DEBIAN-CVE-2014-1737

The raw_cmd_copyin function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly handle error conditions during processing of an FDRAWCMD ioctl call, which allows local users to trigger kfree operations and gain privileges by leveraging write access to a /dev/fd device...

CVSS 7.2 · AI score 5.5 · EPSS 0.00045
Exploits 0 · References 1

OSV
added 2014/05/11 12:00 a.m. · 1 view

UBUNTU-CVE-2014-1737

The raw_cmd_copyin function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly handle error conditions during processing of an FDRAWCMD ioctl call, which allows local users to trigger kfree operations and gain privileges by leveraging write access to a /dev/fd device...

CVSS 7.2 · AI score 6.3 · EPSS 0.00045
Exploits 0 · References 12

Positive Technologies
added 2014/05/09 12:00 a.m. · 4 views

PT-2014-1007 · Linux +5 · Linux Kernel +5

Name of the Vulnerable Software and Affected Versions: Linux kernel versions through 3.14.3. Description: The issue is related to the raw_cmd_copyin function in drivers/block/floppy.c, which does not properly handle error conditions during processing of an FDRAWCMD ioctl call. This allows local...

CVSS 10 · AI score 7.6 · EPSS 0.75331
Exploits 78 · References 490

Packet Storm
added 2013/02/11 12:00 a.m. · 17 views

FreeFloat FTP 1.0 Buffer Overflow

!/usr/bin/env python Exploit Title: FreeFloat FTP raw commands buffer overflow Date: 10 Feb 2013 Exploit Author: superkojiman - http://www.techorganic.com Vendor Homepage: http://www.freefloat.com/ Version: FreeFloat FTP 1.0 Tested on: Windows XP Pro SP2, English Description: FreeFloat FTP 1.0...

AI score 0.6
Exploits 0

Tenable Nessus
added 2007/11/10 12:00 a.m. · 26 views

Ubuntu 5.10 : zope2.8 vulnerability (USN-317-1)

Zope did not deactivate the 'raw' command when exposing RestructuredText functionalities to untrusted users. A remote user with the privilege of editing Zope webpages with RestructuredText could exploit this to expose arbitrary files that can be read with the privileges of the Zope server. Note...

CVSS 2.1 · AI score 5.8 · EPSS 0.00072
Exploits 0 · References 1

OSV
added 2006/07/21 2:03 p.m. · 1 view

DEBIAN-CVE-2006-3695

Trac before 0.9.6 does not disable the "raw" or "include" commands when providing untrusted users with restructured text (reStructuredText) functionality from docutils, which allows remote attackers to read arbitrary files, perform cross-site scripting (XSS) attacks, or cause a denial of service via...

CVSS 6.8 · AI score 6.3 · EPSS 0.03036
Exploits 0 · References 1