2 matches found
USN-3762-1 linux, linux-aws, linux-azure, linux-gcp, linux-kvm, linux-raspi2 vulnerabilities
It was discovered that the VirtIO subsystem in the Linux kernel did not properly initialize memory in some situations. A local attacker could use this to possibly expose sensitive information kernel memory. CVE-2018-1118 Seunghun Han discovered an information leak in the ACPI handling code in the...
Qemu: virtio: unbounded memory allocation on host via guest leading to DoS
Quick Emulator QEMU built with the virtio framework is vulnerable to an unbounded memory allocation issue. It was found that a malicious guest user could submit more requests than the virtqueue size permits. Processing a request allocates a VirtQueueElement results in unbounded memory allocation ...