NewStart CGSL MAIN 6.06 (SP) : kernel Vulnerability (NS-SA-2026-0028)

The remote NewStart CGSL host, running version MAIN 6.06 SP, has kernel packages installed that are affected by a vulnerability: - In the Linux kernel before 6.0.3, drivers/gpu/drm/virtio/virtgpuobject.c misinterprets the drmgemshmemgetsgtable return value expects it to be NULL in the error case,...

CVE-2022-50842

In the Linux kernel, the following vulnerability has been resolved: drm/virtio: Check whether transferred 2D BO is shmem Transferred 2D BO always must be a shmem BO. Add check for that to prevent NULL dereference if userspace passes a VRAM BO...

Linux Distros Unpatched Vulnerability : CVE-2022-50181

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - virtio-gpu: fix a missing check to avoid NULL dereference 'cacheent' could be set NULL inside virtiogpucmdgetcapset and it will lead to a NULL dereference by a...

DEBIAN-CVE-2021-47657

In the Linux kernel, the following vulnerability has been resolved: drm/virtio: Ensure that objs is not NULL in virtiogpuarrayputfree If virtiogpuobjectshmeminit fails e.g. due to fault injection, as it happened in the bug report by syzbot, virtiogpuarrayputfree could be called with objs equal to...

OESA-2024-1505 qemu security update

QEMU is a FAST! processor emulator using dynamic translation to achieve good emulation speed. Security Fixes: A vulnerability in the lsi53c895a device affects the latest version of qemu. A DMA-MMIO reentrancy problem may lead to memory corruption bugs like stack overflow or...

kernel: drm/virtio: improper return value check in virtio_gpu_object_shmem_init()

In the Linux kernel before 6.0.3, drivers/gpu/drm/virtio/virtgpuobject.c misinterprets the drmgemshmemgetsgtable return value expects it to be NULL in the error case, whereas it is actually an error pointer...

kernel: drm/virtio: improper return value check in virtio_gpu_object_shmem_init()

In the Linux kernel before 6.0.3, drivers/gpu/drm/virtio/virtgpuobject.c misinterprets the drmgemshmemgetsgtable return value expects it to be NULL in the error case, whereas it is actually an error pointer...

In the Linux kernel before 6.0.3 drivers/gpu/drm/virtio/virtgpu_object.c misinterprets the drm_gem_shmem_get_sg_table return value (expects it to be NULL in the error case whereas it is actually an error pointer).

...

DEBIAN-CVE-2023-22998

In the Linux kernel before 6.0.3, drivers/gpu/drm/virtio/virtgpuobject.c misinterprets the drmgemshmemgetsgtable return value expects it to be NULL in the error case, whereas it is actually an error pointer...

DEBIAN-CVE-2017-10810

Memory leak in the virtiogpuobjectcreate function in drivers/gpu/drm/virtio/virtgpuobject.c in the Linux kernel through 4.11.8 allows attackers to cause a denial of service memory consumption by triggering object-initialization failures...

DEBIAN-CVE-2016-10214

Memory leak in the virglresourceattachbacking function in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service memory consumption via a large number of VIRTIOGPUCMDRESOURCEATTACHBACKING commands...

DEBIAN-CVE-2016-9845

QEMU aka Quick Emulator built with the Virtio GPU Device emulator support is vulnerable to an information leakage issue. It could occur while processing 'VIRTIOGPUCMDGETCAPSETINFO' command. A guest user/process could use this flaw to leak contents of the host memory bytes...

QEMU 'virtio-gpu-3d.c' Denial of Service Vulnerability

QEMU aka Quick Emulator is a set of simulation processor software developed by French programmer Fabrice Bellard. The software is fast and cross-platform. QEMU's 'virtio-gpu-3d.c' file has a denial of service vulnerability that can be exploited by an attacker to cause a denial of service...