36 matches found
CVE-2026-53287
In the Linux kernel, the following vulnerability has been resolved: audit: fix incorrect inheritable capability in CAPSET records auditlogcapset records the effective capability set into the inheritable field due to a copy-paste error. Every CAPSET audit record therefore reports cappi process...
SUSE CVE-2026-53287
In the Linux kernel, the following vulnerability has been resolved: audit: fix incorrect inheritable capability in CAPSET records auditlogcapset records the effective capability set into the inheritable field due to a copy-paste error. Every CAPSET audit record therefore reports cappi process...
Linux Distros Unpatched Vulnerability : CVE-2026-53287
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - audit: fix incorrect inheritable capability in CAPSET records auditlogcapset records the effective capability set into the inheritable field due to a copy-paste...
CVE-2026-53287
CVE-2026-53287 affects the Linux kernel audit CAPSET path. A copy-paste bug in __audit_log_capset() writes cap_pi (inheritable) with cap_effective, corrupting inheritable audit data and enabling privilege-escalation prep in the audit trail. The issue is fixed in the Linux kernel; patches exist in...
Astra Linux – Vulnerability in Qemu
A out-of-bounds write vulnerability was discovered in the virtio vhost-user GPU device vhost-user-gpu of QEMU in versions up to and including 6.0. This flaw occurs during the processing of the ‘VIRTIOGPUCMDGETCAPSET’ command from the guest. It could allow a privileged guest user to crash the QEMU...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: virtio-gpu: A missing check was fixed to avoid NULL dereferencing. cacheent could potentially be set to NULL inside virtiogpucmdgetcapset, which would lead to a NULL dereferencing due to its recent use i.e., ptr =...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006643)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006643 advisory. In the Linux kernel, the following vulnerability has been resolved: virtio-gpu: fix a missing check to avoid NULL dereference 'cacheent' could be set NULL inside...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992434)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992434 advisory. In the Linux kernel, the following vulnerability has been resolved: virtio-gpu: fix a missing check to avoid NULL dereference 'cacheent' could be set NULL inside...
EUVD-2022-55445
Malicious code in bioql PyPI...
SUSE CVE-2022-50181
In the Linux kernel, the following vulnerability has been resolved: virtio-gpu: fix a missing check to avoid NULL dereference 'cacheent' could be set NULL inside virtiogpucmdgetcapset and it will lead to a NULL dereference by a lately use of it i.e., ptr = cacheent-capscache. Fix it with a NULL...
DEBIAN-CVE-2022-50181
In the Linux kernel, the following vulnerability has been resolved: virtio-gpu: fix a missing check to avoid NULL dereference 'cacheent' could be set NULL inside virtiogpucmdgetcapset and it will lead to a NULL dereference by a lately use of it i.e., ptr = cacheent-capscache. Fix it with a NULL...
UBUNTU-CVE-2022-50181
In the Linux kernel, the following vulnerability has been resolved: virtio-gpu: fix a missing check to avoid NULL dereference 'cacheent' could be set NULL inside virtiogpucmdgetcapset and it will lead to a NULL dereference by a lately use of it i.e., ptr = cacheent-capscache. Fix it with a NULL...
kernel: virtio-gpu: fix a missing check to avoid NULL dereference
In the Linux kernel, the following vulnerability has been resolved: virtio-gpu: fix a missing check to avoid NULL dereference 'cacheent' could be set NULL inside virtiogpucmdgetcapset and it will lead to a NULL dereference by a lately use of it i.e., ptr = cacheent-capscache. Fix it with a NULL...
kernel: virtio-gpu: fix a missing check to avoid NULL dereference
In the Linux kernel, the following vulnerability has been resolved: virtio-gpu: fix a missing check to avoid NULL dereference 'cacheent' could be set NULL inside virtiogpucmdgetcapset and it will lead to a NULL dereference by a lately use of it i.e., ptr = cacheent-capscache. Fix it with a NULL...
SUSE CVE-2016-9845
QEMU aka Quick Emulator built with the Virtio GPU Device emulator support is vulnerable to an information leakage issue. It could occur while processing 'VIRTIOGPUCMDGETCAPSETINFO' command. A guest user/process could use this flaw to leak contents of the host memory bytes...
SUSE CVE-2016-9908
Quick Emulator Qemu built with the Virtio GPU Device emulator support is vulnerable to an information leakage issue. It could occur while processing 'VIRTIOGPUCMDGETCAPSET' command. A guest user/process could use this flaw to leak contents of the host memory bytes...
SUSE CVE-2016-10028
The virglcmdgetcapset function in hw/display/virtio-gpu-3d.c in QEMU aka Quick Emulator built with Virtio GPU Device emulator support allows local guest OS users to cause a denial of service out-of-bounds read and process crash via a VIRTIOGPUCMDGETCAPSET command with a maximum capabilities size...
SUSE CVE-2021-3545
An information disclosure vulnerability was found in the virtio vhost-user GPU device vhost-user-gpu of QEMU in versions up to and including 6.0. The flaw exists in virglcmdgetcapsetinfo in contrib/vhost-user-gpu/virgl.c and could occur due to the read of uninitialized memory. A malicious guest...
SUSE CVE-2021-3546
An out-of-bounds write vulnerability was found in the virtio vhost-user GPU device vhost-user-gpu of QEMU in versions up to and including 6.0. The flaw occurs while processing the 'VIRTIOGPUCMDGETCAPSET' command from the guest. It could allow a privileged guest user to crash the QEMU process on t...
The vulnerability of the `virgl_cmd_get_capset_info()` function in the `contrib/vhost-user-gpu/virgl.c` component of the QEMU hardware emulation software, related to the disclosure of information, allows a malicious actor to gain access to confidential data.
The vulnerability of the virglcmdgetcapsetinfo function in the contrib/vhost-user-gpu/virgl.c component of the QEMU hardware emulation software is related to the disclosure of information. Exploiting this vulnerability allows an attacker to gain access to confidential data...