249 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-3886
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A design error vulnerability has been identified in QEMU. This issue affects the virtio-gpu driver. CVE-2026-3886 Note that Nessus relies on the presence of the...
Linux Distros Unpatched Vulnerability : CVE-2026-53347
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/virtio: Fix driver removal with disabled KMS DRM atomic and modesetting aren't initialized if virtio- gpu driver built with disabled KMS, leading to access ...
CVE-2026-53347
In the Linux kernel, the following vulnerability has been resolved: drm/virtio: Fix driver removal with disabled KMS DRM atomic and modesetting aren't initialized if virtio-gpu driver built with disabled KMS, leading to access of uninitialized data on driver removal/unbinding and crashing kernel...
EUVD-2026-40981
In the Linux kernel, the following vulnerability has been resolved: drm/virtio: Fix driver removal with disabled KMS DRM atomic and modesetting aren't initialized if virtio-gpu driver built with disabled KMS, leading to access of uninitialized data on driver removal/unbinding and crashing kernel...
CVE-2026-53347
In the Linux kernel, the following vulnerability has been resolved: drm/virtio: Fix driver removal with disabled KMS DRM atomic and modesetting aren't initialized if virtio-gpu driver built with disabled KMS, leading to access of uninitialized data on driver removal/unbinding and crashing kernel...
CVE-2026-53347
CVE-2026-53347 affects the Linux kernel’s drm/virtio component (virtio-gpu) when built with KMS disabled. The issue: DRM atomic and modesetting aren’t initialized during driver removal/unbinding, leading to access of uninitialized data and possible kernel crash. The fix: skip shutting down the at...
Linux Distros Unpatched Vulnerability : CVE-2026-53190
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/virtio: fix dmafence refcount leak on error in virtiogpudmafencewait dmafenceunwrapforeach internally calls dmafenceunwrapfirst which does cursor-chain =...
drm/virtio: fix dma_fence refcount leak on error in virtio_gpu_dma_fence_wait()
...
SUSE CVE-2026-53190
In the Linux kernel, the following vulnerability has been resolved: drm/virtio: fix dmafence refcount leak on error in virtiogpudmafencewait dmafenceunwrapforeach internally calls dmafenceunwrapfirst which does cursor-chain = dmafencegethead, taking an extra reference. On normal loop completion,...
UBUNTU-CVE-2026-53190
In the Linux kernel, the following vulnerability has been resolved: drm/virtio: fix dmafence refcount leak on error in virtiogpudmafencewait dmafenceunwrapforeach internally calls dmafenceunwrapfirst which does cursor-chain = dmafencegethead, taking an extra reference. On normal loop completion,...
EUVD-2026-39281
In the Linux kernel, the following vulnerability has been resolved: drm/virtio: fix dmafence refcount leak on error in virtiogpudmafencewait dmafenceunwrapforeach internally calls dmafenceunwrapfirst which does cursor-chain = dmafencegethead, taking an extra reference. On normal loop completion,...
CVE-2026-53190
CVE-2026-53190 concerns a Linux kernel vulnerability in the drm/virtio path where a refcount leak could occur in error handling of virtio_gpu_dma_fence_wait(). The root cause is that dma_fence_unwrap_for_each() calls dma_fence_unwrap_first(), which assigns cursor->chain = dma_fence_get(head) (...
QEMU 8.1.x < 10.0.10 / 10.2.x < 10.2.3 / 11.0.x < 11.0.1 Privilege Escalation
The version of QEMU installed on the remote Windows host is affected by a privilege escalation vulnerability: - An integer overflow exists in the calcimagehostmem function within the virtio-gpu driver due to the lack of proper validation of user-supplied data before allocating a buffer. A local...
QEMU calc_image_hostmem Integer Overflow Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of QEMU. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the virtio-gpu driver. Th...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: virtio-gpu: A missing check was fixed to avoid NULL dereferencing. cacheent could potentially be set to NULL inside virtiogpucmdgetcapset, which would lead to a NULL dereferencing due to its recent use i.e., ptr =...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/virtio: Ensure that objs is not NULL in virtiogpuarrayputfree. If virtiogpuobjectshmeminit fails e.g., due to fault injection, as happened in the bug report by syzbot, virtiogpuarrayputfree might be called with objs being NUL...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerabilities have been resolved: drm/virtio: fixed a NULL pointer dereference in virtiogpuconngetmodes. drmcvtmode may return NULL, and we should check for this. This bug was discovered by syzkaller: FAULTINJECTION stacktrace: 168.567394 FAULTINJECTION: forci...
CVE-2026-3886
virtio-gpu: fix overflow check when allocating 2d image...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006643)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006643 advisory. In the Linux kernel, the following vulnerability has been resolved: virtio-gpu: fix a missing check to avoid NULL dereference 'cacheent' could be set NULL inside...
UBUNTU-CVE-2026-23390
In the Linux kernel, the following vulnerability has been resolved: tracing/dma: Cap dmamapsg tracepoint arrays to prevent buffer overflow The dmamapsg tracepoint can trigger a perf buffer overflow when tracing large scatter-gather lists. With devices like virtio-gpu creating large DRM buffers,...