247 matches found
The vulnerability of the virtio-gpu component of the Parallels Desktop hypervisor Virtual Device allows a hacker to execute arbitrary code.
The vulnerability of the virtio-gpu Virtual Device component in Parallels Desktop hypervisor is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by writing data beyond the bounds of the allocated buffer...
Parallels Desktop virtio-gpu Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Parallels Desktop. User interaction is required to exploit this vulnerability in that the target in a guest system must visit a malicious page or open a malicious file. The specific flaw exists withi...
OESA-2023-1324 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel before 6.0.3, drivers/gpu/drm/virtio/virtgpuobject.c misinterprets the drmgemshmemgetsgtable return value expects it to be NULL in the error case, whereas it is actually an error pointer.CVE-2023-22998...
kernel: virtio-gpu: fix a missing check to avoid NULL dereference
In the Linux kernel, the following vulnerability has been resolved: virtio-gpu: fix a missing check to avoid NULL dereference 'cacheent' could be set NULL inside virtiogpucmdgetcapset and it will lead to a NULL dereference by a lately use of it i.e., ptr = cacheent-capscache. Fix it with a NULL...
kernel: drm/virtio: improper return value check in virtio_gpu_object_shmem_init()
In the Linux kernel before 6.0.3, drivers/gpu/drm/virtio/virtgpuobject.c misinterprets the drmgemshmemgetsgtable return value expects it to be NULL in the error case, whereas it is actually an error pointer...
qemu-kvm security update
6.1.1-6.el9 - Update changelog Karl Heubaum Orabug: 35343538 - ebpf: fix compatibility with libbpf 1.0+ Shreesh Adiga Orabug: 35268538 - ebpf: replace deprecated bpfprogramsetsocketfilter Haochen Tong Orabug: 35268538 - CVE-2023-1544 is not applicable to Oracle QEMU 6.1.1 Karl Heubaum Orabug:...
kernel: virtio-gpu: fix a missing check to avoid NULL dereference
In the Linux kernel, the following vulnerability has been resolved: virtio-gpu: fix a missing check to avoid NULL dereference 'cacheent' could be set NULL inside virtiogpucmdgetcapset and it will lead to a NULL dereference by a lately use of it i.e., ptr = cacheent-capscache. Fix it with a NULL...
kernel: drm/virtio: improper return value check in virtio_gpu_object_shmem_init()
In the Linux kernel before 6.0.3, drivers/gpu/drm/virtio/virtgpuobject.c misinterprets the drmgemshmemgetsgtable return value expects it to be NULL in the error case, whereas it is actually an error pointer...
PT-2025-26107 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A NULL dereference issue has been identified in the Linux kernel, specifically in the virtio-gpu component. The issue arises when the cache ent variable is set to NULL within the virti...
PT-2023-8013 · Parallels · Parallels Desktop
Name of the Vulnerable Software and Affected Versions: Parallels Desktop affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of Parallels Desktop. User interaction is required to exploit this issue, where the target i...
The vulnerability of the drm_gem_shmem_get_sg_table function (drivers/gpu/drm/virtio/virtgpu_object.c) in the Linux kernel allows a hacker to trigger a service failure.
The vulnerability of the drmgemshmemgetsgtable function drivers/gpu/drm/virtio/virtgpuobject.c in the Linux kernel leads to a situation where interpretation conflicts may occur. Exploiting this vulnerability could allow an attacker to cause service failures...
CVE-2023-22998
In the Linux kernel before 6.0.3, drivers/gpu/drm/virtio/virtgpuobject.c misinterprets the drmgemshmemgetsgtable return value expects it to be NULL in the error case, whereas it is actually an error pointer...
SUSE CVE-2016-7994
Memory leak in the virtiogpuresourcecreate2d function in hw/display/virtio-gpu.c in QEMU aka Quick Emulator allows local guest OS administrators to cause a denial of service memory consumption via a large number of VIRTIOGPUCMDRESOURCECREATE2D commands...
SUSE CVE-2016-9845
QEMU aka Quick Emulator built with the Virtio GPU Device emulator support is vulnerable to an information leakage issue. It could occur while processing 'VIRTIOGPUCMDGETCAPSETINFO' command. A guest user/process could use this flaw to leak contents of the host memory bytes...
SUSE CVE-2016-9846
QEMU aka Quick Emulator built with the Virtio GPU Device emulator support is vulnerable to a memory leakage issue. It could occur while updating the cursor data in updatecursordatavirgl. A guest user/process could use this flaw to leak host memory bytes, resulting in DoS for a host...
SUSE CVE-2016-9908
Quick Emulator Qemu built with the Virtio GPU Device emulator support is vulnerable to an information leakage issue. It could occur while processing 'VIRTIOGPUCMDGETCAPSET' command. A guest user/process could use this flaw to leak contents of the host memory bytes...
SUSE CVE-2016-9912
Quick Emulator Qemu built with the Virtio GPU Device emulator support is vulnerable to a memory leakage issue. It could occur while destroying gpu resource object in 'virtiogpuresourcedestroy'. A guest user/process could use this flaw to leak host memory bytes, resulting in DoS for a host...
SUSE CVE-2016-10028
The virglcmdgetcapset function in hw/display/virtio-gpu-3d.c in QEMU aka Quick Emulator built with Virtio GPU Device emulator support allows local guest OS users to cause a denial of service out-of-bounds read and process crash via a VIRTIOGPUCMDGETCAPSET command with a maximum capabilities size...
SUSE CVE-2016-10029
The virtiogpusetscanout function in QEMU aka Quick Emulator built with Virtio GPU Device emulator support allows local guest OS users to cause a denial of service out-of-bounds read and process crash via a scanout id in a VIRTIOGPUCMDSETSCANOUT command larger than numscanouts...
SUSE CVE-2016-10214
Memory leak in the virglresourceattachbacking function in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service memory consumption via a large number of VIRTIOGPUCMDRESOURCEATTACHBACKING commands...