2 matches found
CVE-2026-53170
A flaw was found in the Linux kernel's accel/ethosu driver. A local attacker could exploit a vulnerability where DMA commands with uninitialized length are not properly handled. By omitting a specific DMA length setup command and issuing a DMA start command, a user could bypass bounds checks,...
CVE-2016-4441
The getcmd function in hw/scsi/esp.c in the 53C9X Fast SCSI Controller FSC support in QEMU does not properly check DMA length, which allows local guest OS administrators to cause a denial of service out-of-bounds write and QEMU process crash via unspecified vectors, involving an SCSI command...