The vulnerability of DRM/Vboxvideo components in the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the DRM/Vboxvideo components in the Linux operating system is related to an operation that goes beyond the buffer boundaries in memory, within the function hgsmiupdatepointershape. Exploiting this vulnerability can allow a hacker to cause a service failure...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: drm/vboxvideo: Replace the fake VLA at the end of vbvamousepointershape with a real VLA. Replace the fake VLA at the end of the vbvamousepointershape structure with a real VLA to fix a “memcpy: detected field-spanning write error...

SUSE CVE-2024-50134

In the Linux kernel, the following vulnerability has been resolved: drm/vboxvideo: Replace fake VLA at end of vbvamousepointershape with real VLA Replace the fake VLA at end of the vbvamousepointershape shape with a real VLA to fix a "memcpy: detected field-spanning write error" warning: 13.31981...

DEBIAN-CVE-2024-50134

In the Linux kernel, the following vulnerability has been resolved: drm/vboxvideo: Replace fake VLA at end of vbvamousepointershape with real VLA Replace the fake VLA at end of the vbvamousepointershape shape with a real VLA to fix a "memcpy: detected field-spanning write error" warning: 13.31981...

UBUNTU-CVE-2024-50134

In the Linux kernel, the following vulnerability has been resolved: drm/vboxvideo: Replace fake VLA at end of vbvamousepointershape with real VLA Replace the fake VLA at end of the vbvamousepointershape shape with a real VLA to fix a "memcpy: detected field-spanning write error" warning: 13.31981...

CVE-2024-50134

CVE-2024-50134 affects the Linux kernel driver drm/vboxvideo (vbva_mouse_pointer_shape). The issue stems from a fake VLA at the end of vbva_mouse_pointer_shape triggering a field-spanning memcpy write in hgsmi_base.c:154. The patch replaces the fake VLA with a real VLA to fix the warning and pote...

VirtualBox 5.2.6.r120293 - VM Escape

Oracle fixed some of the issues I reported in VirtualBox during the Oracle Critical Patch Update - April 2018. CVE-2018-2844 was an interesting double fetch vulnerability in VirtualBox Video Acceleration VBVA feature affecting Linux hosts. VBVA feature works on top of VirtualBox Host-Guest Shared...

Oracle VirtualBox Multiple Guest to Host Escape Vulnerabilities(CVE-2018-2698)

Vulnerabilities summary The following advisory describes two 2 guest to host escape found in Oracle VirtualBox version 5.1.30, and VirtualBox version 5.2-rc1. Credit An independent security researcher, Niklas Baumstark, has reported this vulnerability to Beyond Security’s SecuriTeam Secure...

Oracle VirtualBox < 5.1.30 / < 5.2-rc1 - Guest to Host Escape Vulnerability

Exploit for multiple platform in category local exploits SSD Advisory – Oracle VirtualBox Multiple Guest to Host Escape Vulnerabilities Source: https://blogs.securiteam.com/index.php/archives/3649 Vulnerabilities summary The following advisory describes two 2 guest to host escape found in Oracle...

Oracle VirtualBox &lt; 5.1.30 / &lt; 5.2-rc1 - Guest to Host Escape

SSD Advisory – Oracle VirtualBox Multiple Guest to Host Escape Vulnerabilities Source: https://blogs.securiteam.com/index.php/archives/3649 Vulnerabilities summary The following advisory describes two 2 guest to host escape found in Oracle VirtualBox version 5.1.30, and VirtualBox version 5.2-rc1...