PUB-A-494629585

In Write of msgtohostbuffer.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2023-20585

Insufficient checks of the RMP on host buffer access in IOMMU may allow an attacker with privileges and a compromised hypervisor to trigger an out of bounds condition without RMP checks, resulting in a potential loss of confidential guest integrity...

UBUNTU-CVE-2023-20585

Insufficient checks of the RMP on host buffer access in IOMMU may allow an attacker with privileges and a compromised hypervisor to trigger an out of bounds condition without RMP checks, resulting in a potential loss of confidential guest integrity...

CVE-2023-20585

Insufficient checks of the RMP on host buffer access in IOMMU may allow an attacker with privileges and a compromised hypervisor to trigger an out of bounds condition without RMP checks, resulting in a potential loss of confidential guest integrity...

CVE-2023-20585

CVE-2023-20585 : Insufficient checks of the RMP on host buffer access in IOMMU may allow a privileged attacker with a compromised hypervisor to trigger an out-of-bounds condition, risking confidentiality of guest memory and integrity. The vulnerability is associated with AMD IOMMU (RMP) handling....

CVE-2023-20585

Insufficient checks of the RMP on host buffer access in IOMMU may allow an attacker with privileges and a compromised hypervisor to trigger an out of bounds condition without RMP checks, resulting in a potential loss of confidential guest integrity...

CVE-2023-20585

Insufficient checks of the RMP on host buffer access in IOMMU may allow an attacker with privileges and a compromised hypervisor to trigger an out of bounds condition without RMP checks, resulting in a potential loss of confidential guest integrity...

UBUNTU-CVE-2025-40292

In the Linux kernel, the following vulnerability has been resolved: virtio-net: fix received length check in big packets Since commit 4959aebba8c0 "virtio-net: use mtu size as buffer length for big packets", when guest gso is off, the allocated size for big packets is not MAXSKBFRAGS PAGESIZE...

CVE-2025-6857

A vulnerability has been found in HDF5 1.14.6 and classified as problematic. Affected by this vulnerability is the function H5Gnodecmp3 of the file src/H5Gnode.c. The manipulation leads to stack-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been...

CVE-2022-25670

Denial of service in WLAN HOST due to buffer over read while unpacking frames in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon...

CVE-2024-0099

NVIDIA vGPU software for Linux contains a vulnerability in the Virtual GPU Manager, where the guest OS could cause buffer overrun in the host. A successful exploit of this vulnerability might lead to information disclosure, data tampering, escalation of privileges, and denial of service...

NVIDIA vGPU Software Security Vulnerability

NVIDIA vGPU Software is a management software from NVIDIA, USA, used to provide GPU capabilities to virtual machines. The software supports multiple virtual machines to access the host's GPU, providing graphics performance and application compatibility for virtual machines. A security vulnerabili...

CVE-2022-4172

An integer overflow and buffer overflow issues were found in the ACPI Error Record Serialization Table ERST device of QEMU in the readerstrecord and writeerstrecord functions. Both issues may allow the guest to overrun the host buffer allocated for the ERST memory device. A malicious guest could...

Integer overflow

An integer overflow and buffer overflow issues were found in the ACPI Error Record Serialization Table ERST device of QEMU in the readerstrecord and writeerstrecord functions. Both issues may allow the guest to overrun the host buffer allocated for the ERST memory device. A malicious guest could...

CVE-2022-4172

An integer overflow and buffer overflow issues were found in the ACPI Error Record Serialization Table ERST device of QEMU in the readerstrecord and writeerstrecord functions. Both issues may allow the guest to overrun the host buffer allocated for the ERST memory device. A malicious guest could...

CVE-2022-4172

An integer overflow and buffer overflow issues were found in the ACPI Error Record Serialization Table ERST device of QEMU in the readerstrecord and writeerstrecord functions. Both issues may allow the guest to overrun the host buffer allocated for the ERST memory device. A malicious guest could...

PT-2024-11112 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the KVM: SVM component of the Linux kernel. Access to the GHCB Guest-to-Host Communication Buffer is mainly in the VMGEXIT path and it is known that the GHCB wi...

CVE-2018-20340

Yubico libu2f-host 1.1.6 contains unchecked buffers in devs.c, which could enable a malicious token to exploit a buffer overflow. An attacker could use this to attempt to execute malicious code using a crafted USB device masquerading as a security token on a computer where the affected library is...