Lucene search
K

247 matches found

BDU FSTEC
BDU FSTEC
added 2023/12/27 12:0 a.m.9 views

The vulnerability of the virtio-gpu component of the Parallels Desktop hypervisor Virtual Device allows a hacker to execute arbitrary code.

The vulnerability of the virtio-gpu Virtual Device component in Parallels Desktop hypervisor is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by writing data beyond the bounds of the allocated buffer...

8.3CVSS7.9AI score0.00757EPSS
Exploits0References4
Zero Day Initiative
Zero Day Initiative
added 2023/12/19 12:0 a.m.27 views

Parallels Desktop virtio-gpu Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Parallels Desktop. User interaction is required to exploit this vulnerability in that the target in a guest system must visit a malicious page or open a malicious file. The specific flaw exists withi...

8.3CVSS7.3AI score0.00757EPSS
Exploits0References1
OSV
OSV
added 2023/06/03 11:5 a.m.2 views

OESA-2023-1324 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel before 6.0.3, drivers/gpu/drm/virtio/virtgpuobject.c misinterprets the drmgemshmemgetsgtable return value expects it to be NULL in the error case, whereas it is actually an error pointer.CVE-2023-22998...

5.5CVSS6.5AI score0.00304EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2023/05/16 8:56 a.m.3 views

kernel: virtio-gpu: fix a missing check to avoid NULL dereference

In the Linux kernel, the following vulnerability has been resolved: virtio-gpu: fix a missing check to avoid NULL dereference 'cacheent' could be set NULL inside virtiogpucmdgetcapset and it will lead to a NULL dereference by a lately use of it i.e., ptr = cacheent-capscache. Fix it with a NULL...

5.5CVSS6.3AI score0.00208EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/05/16 8:43 a.m.5 views

kernel: drm/virtio: improper return value check in virtio_gpu_object_shmem_init()

In the Linux kernel before 6.0.3, drivers/gpu/drm/virtio/virtgpuobject.c misinterprets the drmgemshmemgetsgtable return value expects it to be NULL in the error case, whereas it is actually an error pointer...

5.5CVSS6.6AI score0.00304EPSS
Exploits0References4
Oracle linux
Oracle linux
added 2023/05/16 12:0 a.m.48 views

qemu-kvm security update

6.1.1-6.el9 - Update changelog Karl Heubaum Orabug: 35343538 - ebpf: fix compatibility with libbpf 1.0+ Shreesh Adiga Orabug: 35268538 - ebpf: replace deprecated bpfprogramsetsocketfilter Haochen Tong Orabug: 35268538 - CVE-2023-1544 is not applicable to Oracle QEMU 6.1.1 Karl Heubaum Orabug:...

8.8CVSS6.7AI score0.0114EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2023/05/09 10:4 a.m.4 views

kernel: virtio-gpu: fix a missing check to avoid NULL dereference

In the Linux kernel, the following vulnerability has been resolved: virtio-gpu: fix a missing check to avoid NULL dereference 'cacheent' could be set NULL inside virtiogpucmdgetcapset and it will lead to a NULL dereference by a lately use of it i.e., ptr = cacheent-capscache. Fix it with a NULL...

5.5CVSS6.3AI score0.00208EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/05/09 10:4 a.m.3 views

kernel: drm/virtio: improper return value check in virtio_gpu_object_shmem_init()

In the Linux kernel before 6.0.3, drivers/gpu/drm/virtio/virtgpuobject.c misinterprets the drmgemshmemgetsgtable return value expects it to be NULL in the error case, whereas it is actually an error pointer...

5.5CVSS6.6AI score0.00304EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/05/09 12:0 a.m.12 views

PT-2025-26107 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A NULL dereference issue has been identified in the Linux kernel, specifically in the virtio-gpu component. The issue arises when the cache ent variable is set to NULL within the virti...

8.8CVSS7.8AI score0.12746EPSS
Exploits32References1114
Positive Technologies
Positive Technologies
added 2023/05/05 12:0 a.m.7 views

PT-2023-8013 · Parallels · Parallels Desktop

Name of the Vulnerable Software and Affected Versions: Parallels Desktop affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of Parallels Desktop. User interaction is required to exploit this issue, where the target i...

8.3CVSS7.4AI score0.00757EPSS
Exploits0References8
BDU FSTEC
BDU FSTEC
added 2023/03/15 12:0 a.m.6 views

The vulnerability of the drm_gem_shmem_get_sg_table function (drivers/gpu/drm/virtio/virtgpu_object.c) in the Linux kernel allows a hacker to trigger a service failure.

The vulnerability of the drmgemshmemgetsgtable function drivers/gpu/drm/virtio/virtgpuobject.c in the Linux kernel leads to a situation where interpretation conflicts may occur. Exploiting this vulnerability could allow an attacker to cause service failures...

5.5CVSS6.5AI score0.00304EPSS
Exploits0References19Affected Software4
Cvelist
Cvelist
added 2023/02/28 12:0 a.m.17 views

CVE-2023-22998

In the Linux kernel before 6.0.3, drivers/gpu/drm/virtio/virtgpuobject.c misinterprets the drmgemshmemgetsgtable return value expects it to be NULL in the error case, whereas it is actually an error pointer...

6.7AI score0.00304EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:57 a.m.3 views

SUSE CVE-2016-7994

Memory leak in the virtiogpuresourcecreate2d function in hw/display/virtio-gpu.c in QEMU aka Quick Emulator allows local guest OS administrators to cause a denial of service memory consumption via a large number of VIRTIOGPUCMDRESOURCECREATE2D commands...

6CVSS8.4AI score0.00394EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 4:55 a.m.3 views

SUSE CVE-2016-9845

QEMU aka Quick Emulator built with the Virtio GPU Device emulator support is vulnerable to an information leakage issue. It could occur while processing 'VIRTIOGPUCMDGETCAPSETINFO' command. A guest user/process could use this flaw to leak contents of the host memory bytes...

6.5CVSS9.1AI score0.00416EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 4:55 a.m.3 views

SUSE CVE-2016-9846

QEMU aka Quick Emulator built with the Virtio GPU Device emulator support is vulnerable to a memory leakage issue. It could occur while updating the cursor data in updatecursordatavirgl. A guest user/process could use this flaw to leak host memory bytes, resulting in DoS for a host...

6.5CVSS9.2AI score0.00418EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 4:54 a.m.3 views

SUSE CVE-2016-9908

Quick Emulator Qemu built with the Virtio GPU Device emulator support is vulnerable to an information leakage issue. It could occur while processing 'VIRTIOGPUCMDGETCAPSET' command. A guest user/process could use this flaw to leak contents of the host memory bytes...

3.3CVSS9.1AI score0.00402EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 4:54 a.m.3 views

SUSE CVE-2016-9912

Quick Emulator Qemu built with the Virtio GPU Device emulator support is vulnerable to a memory leakage issue. It could occur while destroying gpu resource object in 'virtiogpuresourcedestroy'. A guest user/process could use this flaw to leak host memory bytes, resulting in DoS for a host...

6.5CVSS9.2AI score0.00404EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 4:54 a.m.3 views

SUSE CVE-2016-10028

The virglcmdgetcapset function in hw/display/virtio-gpu-3d.c in QEMU aka Quick Emulator built with Virtio GPU Device emulator support allows local guest OS users to cause a denial of service out-of-bounds read and process crash via a VIRTIOGPUCMDGETCAPSET command with a maximum capabilities size...

5.4CVSS8.6AI score0.00429EPSS
Exploits0References9
SUSE CVE
SUSE CVE
added 2023/02/15 4:54 a.m.4 views

SUSE CVE-2016-10029

The virtiogpusetscanout function in QEMU aka Quick Emulator built with Virtio GPU Device emulator support allows local guest OS users to cause a denial of service out-of-bounds read and process crash via a scanout id in a VIRTIOGPUCMDSETSCANOUT command larger than numscanouts...

5.4CVSS8.7AI score0.00413EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2023/02/15 4:53 a.m.3 views

SUSE CVE-2016-10214

Memory leak in the virglresourceattachbacking function in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service memory consumption via a large number of VIRTIOGPUCMDRESOURCEATTACHBACKING commands...

6.5CVSS6.5AI score0.00414EPSS
Exploits0References4
Rows per page
Query Builder