PT-2025-49378

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the drm/vmwgfx module where command header size validation against SVGA CMD MAX DATASIZE is insufficient. Data originating from userspace, used in...

kernel: kernel: buffer over write in vgacon_scroll

A flaw was found in the Linux kernel’s implementation of the invert video code on VGA consoles when a local attacker attempts to resize the console, calling an ioctl VTRESIZE, which causes an out-of-bounds write to occur. This flaw allows a local user with access to the VGA console to crash the...

A flaw was found in the Linux kernel’s implementation of the invert video code on VGA consoles when a local attacker attempts to resize the console calling an ioctl VT_RESIZE which causes an out-of-bounds write to occur. This flaw allows a local user with access to the VGA console to crash the system potentially escalating their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

...

CVE-2020-8871

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.0-47107 . An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists with...

DEBIAN-CVE-2017-13672

QEMU aka Quick Emulator, when built with the VGA display emulator support, allows local guest OS privileged users to cause a denial of service out-of-bounds read and QEMU process crash via vectors involving display update...

Qemu Denial of Service Vulnerability (CNVD-2017-30585)

QEMU aka Quick Emulator is a set of simulation processor software developed by French programmer Fabrice Bellard. The software is fast and cross-platform. A security vulnerability exists in the vga display update in QEMU versions 2.8.0 through 2.9.0. An attacker can exploit this vulnerability to...

Qemu: display: cirrus_vga: a divide by zero in cirrus_do_copy

The cirrusdocopy function in hw/display/cirrusvga.c in QEMU aka Quick Emulator, when cirrus graphics mode is VGA, allows local guest OS privileged users to cause a denial of service divide-by-zero error and QEMU process crash via vectors involving blit pitch values...

QEMU VGA Module Denial of Service Vulnerability

QEMU is a simulation processor software developed by French programmer Fabrice Bellard. The software is fast and cross-platform. A security vulnerability exists in QEMU's VGA module. An attacker can exploit this vulnerability to execute arbitrary code on the host computer with elevated privileges...

UBUNTU-CVE-2016-3712

Integer overflow in the VGA module in QEMU allows local guest OS users to cause a denial of service out-of-bounds read and QEMU process crash by editing VGA registers in VBE mode...