Lucene search
K

36 matches found

RedhatCVE
RedhatCVE
added 2026/06/30 2:57 a.m.9 views

CVE-2026-53287

In the Linux kernel, the following vulnerability has been resolved: audit: fix incorrect inheritable capability in CAPSET records auditlogcapset records the effective capability set into the inheritable field due to a copy-paste error. Every CAPSET audit record therefore reports cappi process...

5.5CVSS5.8AI score0.00176EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/06/28 1:9 a.m.9 views

SUSE CVE-2026-53287

In the Linux kernel, the following vulnerability has been resolved: audit: fix incorrect inheritable capability in CAPSET records auditlogcapset records the effective capability set into the inheritable field due to a copy-paste error. Every CAPSET audit record therefore reports cappi process...

5.8AI score0.00176EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-53287

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - audit: fix incorrect inheritable capability in CAPSET records auditlogcapset records the effective capability set into the inheritable field due to a copy-paste...

5.5CVSS5.9AI score0.00176EPSS
Exploits0References3
CVE
CVE
added 2026/06/26 7:40 p.m.13 views

CVE-2026-53287

CVE-2026-53287 affects the Linux kernel audit CAPSET path. A copy-paste bug in __audit_log_capset() writes cap_pi (inheritable) with cap_effective, corrupting inheritable audit data and enabling privilege-escalation prep in the audit trail. The issue is fixed in the Linux kernel; patches exist in...

5.5CVSS5.8AI score0.00176EPSS
Exploits0References8Affected Software1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Qemu

A out-of-bounds write vulnerability was discovered in the virtio vhost-user GPU device vhost-user-gpu of QEMU in versions up to and including 6.0. This flaw occurs during the processing of the ‘VIRTIOGPUCMDGETCAPSET’ command from the guest. It could allow a privileged guest user to crash the QEMU...

8.2CVSS7.1AI score0.00463EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: virtio-gpu: A missing check was fixed to avoid NULL dereferencing. cacheent could potentially be set to NULL inside virtiogpucmdgetcapset, which would lead to a NULL dereferencing due to its recent use i.e., ptr =...

5.5CVSS6AI score0.00203EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/04/08 12:0 a.m.4 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006643)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006643 advisory. In the Linux kernel, the following vulnerability has been resolved: virtio-gpu: fix a missing check to avoid NULL dereference 'cacheent' could be set NULL inside...

5.5CVSS6.2AI score0.00203EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/12/30 12:0 a.m.2 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992434)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992434 advisory. In the Linux kernel, the following vulnerability has been resolved: virtio-gpu: fix a missing check to avoid NULL dereference 'cacheent' could be set NULL inside...

5.5CVSS6.2AI score0.00203EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2022-55445

Malicious code in bioql PyPI...

7.1AI score0.00203EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2025/06/19 3:39 a.m.2 views

SUSE CVE-2022-50181

In the Linux kernel, the following vulnerability has been resolved: virtio-gpu: fix a missing check to avoid NULL dereference 'cacheent' could be set NULL inside virtiogpucmdgetcapset and it will lead to a NULL dereference by a lately use of it i.e., ptr = cacheent-capscache. Fix it with a NULL...

5.5CVSS6.1AI score0.00203EPSS
Exploits0References12
OSV
OSV
added 2025/06/18 11:15 a.m.1 views

DEBIAN-CVE-2022-50181

In the Linux kernel, the following vulnerability has been resolved: virtio-gpu: fix a missing check to avoid NULL dereference 'cacheent' could be set NULL inside virtiogpucmdgetcapset and it will lead to a NULL dereference by a lately use of it i.e., ptr = cacheent-capscache. Fix it with a NULL...

5.5CVSS5.3AI score0.00203EPSS
Exploits0References1
OSV
OSV
added 2025/06/18 11:15 a.m.3 views

UBUNTU-CVE-2022-50181

In the Linux kernel, the following vulnerability has been resolved: virtio-gpu: fix a missing check to avoid NULL dereference 'cacheent' could be set NULL inside virtiogpucmdgetcapset and it will lead to a NULL dereference by a lately use of it i.e., ptr = cacheent-capscache. Fix it with a NULL...

5.5CVSS6AI score0.00203EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2023/05/16 8:56 a.m.3 views

kernel: virtio-gpu: fix a missing check to avoid NULL dereference

In the Linux kernel, the following vulnerability has been resolved: virtio-gpu: fix a missing check to avoid NULL dereference 'cacheent' could be set NULL inside virtiogpucmdgetcapset and it will lead to a NULL dereference by a lately use of it i.e., ptr = cacheent-capscache. Fix it with a NULL...

5.5CVSS6.3AI score0.00203EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/05/09 10:4 a.m.4 views

kernel: virtio-gpu: fix a missing check to avoid NULL dereference

In the Linux kernel, the following vulnerability has been resolved: virtio-gpu: fix a missing check to avoid NULL dereference 'cacheent' could be set NULL inside virtiogpucmdgetcapset and it will lead to a NULL dereference by a lately use of it i.e., ptr = cacheent-capscache. Fix it with a NULL...

5.5CVSS6.3AI score0.00203EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 4:55 a.m.2 views

SUSE CVE-2016-9845

QEMU aka Quick Emulator built with the Virtio GPU Device emulator support is vulnerable to an information leakage issue. It could occur while processing 'VIRTIOGPUCMDGETCAPSETINFO' command. A guest user/process could use this flaw to leak contents of the host memory bytes...

6.5CVSS9.1AI score0.00416EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 4:54 a.m.3 views

SUSE CVE-2016-9908

Quick Emulator Qemu built with the Virtio GPU Device emulator support is vulnerable to an information leakage issue. It could occur while processing 'VIRTIOGPUCMDGETCAPSET' command. A guest user/process could use this flaw to leak contents of the host memory bytes...

3.3CVSS9.1AI score0.00402EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 4:54 a.m.2 views

SUSE CVE-2016-10028

The virglcmdgetcapset function in hw/display/virtio-gpu-3d.c in QEMU aka Quick Emulator built with Virtio GPU Device emulator support allows local guest OS users to cause a denial of service out-of-bounds read and process crash via a VIRTIOGPUCMDGETCAPSET command with a maximum capabilities size...

5.4CVSS8.6AI score0.00429EPSS
Exploits0References9
SUSE CVE
SUSE CVE
added 2023/02/15 3:49 a.m.6 views

SUSE CVE-2021-3545

An information disclosure vulnerability was found in the virtio vhost-user GPU device vhost-user-gpu of QEMU in versions up to and including 6.0. The flaw exists in virglcmdgetcapsetinfo in contrib/vhost-user-gpu/virgl.c and could occur due to the read of uninitialized memory. A malicious guest...

5CVSS6.5AI score0.00421EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2023/02/15 3:49 a.m.2 views

SUSE CVE-2021-3546

An out-of-bounds write vulnerability was found in the virtio vhost-user GPU device vhost-user-gpu of QEMU in versions up to and including 6.0. The flaw occurs while processing the 'VIRTIOGPUCMDGETCAPSET' command from the guest. It could allow a privileged guest user to crash the QEMU process on t...

6.5CVSS7.5AI score0.00463EPSS
Exploits0References7
BDU FSTEC
BDU FSTEC
added 2021/12/21 12:0 a.m.5 views

The vulnerability of the `virgl_cmd_get_capset_info()` function in the `contrib/vhost-user-gpu/virgl.c` component of the QEMU hardware emulation software, related to the disclosure of information, allows a malicious actor to gain access to confidential data.

The vulnerability of the virglcmdgetcapsetinfo function in the contrib/vhost-user-gpu/virgl.c component of the QEMU hardware emulation software is related to the disclosure of information. Exploiting this vulnerability allows an attacker to gain access to confidential data...

6.5CVSS6.4AI score0.00421EPSS
Exploits0References9Affected Software4
Rows per page
Query Builder