Lucene search
K

247 matches found

OSV
OSV
added 2021/06/02 2:15 p.m.1 views

DEBIAN-CVE-2021-3544

Several memory leaks were found in the virtio vhost-user GPU device vhost-user-gpu of QEMU in versions up to and including 6.0. They exist in contrib/vhost-user-gpu/vhost-user-gpu.c and contrib/vhost-user-gpu/virgl.c due to improper release of memory i.e., free after effective lifetime...

6.5CVSS6.2AI score0.00436EPSS
Exploits0References1
OSV
OSV
added 2021/06/02 2:15 p.m.5 views

UBUNTU-CVE-2021-3546

An out-of-bounds write vulnerability was found in the virtio vhost-user GPU device vhost-user-gpu of QEMU in versions up to and including 6.0. The flaw occurs while processing the 'VIRTIOGPUCMDGETCAPSET' command from the guest. It could allow a privileged guest user to crash the QEMU process on t...

8.2CVSS7AI score0.00463EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2020/04/08 7:2 p.m.31 views

CVE-2016-7994

Memory leak in the virtiogpuresourcecreate2d function in hw/display/virtio-gpu.c in QEMU aka Quick Emulator allows local guest OS administrators to cause a denial of service memory consumption via a large number of VIRTIOGPUCMDRESOURCECREATE2D commands...

6CVSS6AI score0.00394EPSS
Exploits0References1
OSV
OSV
added 2017/09/13 11:58 a.m.4 views

USN-3414-1 qemu vulnerabilities

Leo Gaspard discovered that QEMU incorrectly handled VirtFS access control. A guest attacker could use this issue to elevate privileges inside the guest. CVE-2017-7493 Li Qiang discovered that QEMU incorrectly handled VMWare PVSCSI emulation. A privileged attacker inside the guest could use this...

9.8CVSS6.7AI score0.04093EPSS
Exploits0References17
OSV
OSV
added 2017/08/16 6:55 a.m.4 views

USN-3392-1 linux, linux-aws, linux-gke, linux-raspi2, linux-snapdragon regression

USN-3378-1 fixed vulnerabilities in the Linux kernel. Unfortunately, a regression was introduced that prevented conntrack from working correctly in some situations. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Fan Wu and Shixiong Zhao discovered a...

6AI score
Exploits0References2
OSV
OSV
added 2017/08/13 1:17 p.m.11 views

MGASA-2017-0260 Updated kernel-linus packages fixes security and other bugs

This kernel-linus update is based on upstream 4.4.79 and fixes at least the following security issues: Linux kernel built with the VirtIO GPU driverCONFIGDRMVIRTIOGPU support is vulnerable to a memory leakage issue. It could occur while creating a virtio gpu object in virtiogpuobjectcreate. A...

7.8CVSS7.4AI score0.03763EPSS
Exploits0References7
Mageia
Mageia
added 2017/08/13 1:17 p.m.46 views

Updated kernel-linus packages fixes security and other bugs

This kernel-linus update is based on upstream 4.9.40 and fixes at least the following security issues: Linux kernel built with the VirtIO GPU driverCONFIGDRMVIRTIOGPU support is vulnerable to a memory leakage issue. It could occur while creating a virtio gpu object in virtiogpuobjectcreate. A...

7.8CVSS1.4AI score0.03763EPSS
Exploits0References6
Mageia
Mageia
added 2017/08/13 1:17 p.m.53 views

Updated kernel-tmb packages fixes security and other bugs

This kernel-tmb update is based on upstream 4.4.79 and fixes at least the following security issues: Linux kernel built with the VirtIO GPU driverCONFIGDRMVIRTIOGPU support is vulnerable to a memory leakage issue. It could occur while creating a virtio gpu object in virtiogpuobjectcreate. A...

7.8CVSS0.7AI score0.03763EPSS
Exploits0References6
Mageia
Mageia
added 2017/08/13 1:17 p.m.45 views

Updated kernel-tmb packages fixes security and other bugs

This kernel-tmb update is based on upstream 4.9.40 and fixes at least the following security issues: Linux kernel built with the VirtIO GPU driverCONFIGDRMVIRTIOGPU support is vulnerable to a memory leakage issue. It could occur while creating a virtio gpu object in virtiogpuobjectcreate. A...

7.8CVSS0.9AI score0.03763EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2017/08/07 12:0 a.m.48 views

Debian DSA-3927-1 : linux - security update (Stack Clash)

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. - CVE-2017-7346 Li Qiang discovered that the DRM driver for VMware virtual GPUs does not properly check user-controlled values in the...

7.8CVSS7.3AI score0.03763EPSS
Exploits11References23
Tenable Nessus
Tenable Nessus
added 2017/08/04 12:0 a.m.73 views

Ubuntu 16.04 LTS : Linux kernel (HWE) vulnerabilities (USN-3377-2)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3377-2 advisory. USN-3377-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.04. This update provides the corresponding updates for the Linux Hardware Enablement H...

7.8CVSS6.6AI score0.03763EPSS
Exploits3References5
Tenable Nessus
Tenable Nessus
added 2017/08/04 12:0 a.m.34 views

Ubuntu 17.04 : linux, linux-raspi2 vulnerabilities (USN-3377-1) (Stack Clash)

Fan Wu and Shixiong Zhao discovered a race condition between inotify events and vfs rename operations in the Linux kernel. An unprivileged local attacker could use this to cause a denial of service system crash or execute arbitrary code. CVE-2017-7533 It was discovered that the Linux kernel did n...

7.8CVSS6.5AI score0.03763EPSS
Exploits3References5
Mageia
Mageia
added 2017/08/03 7:5 p.m.50 views

Updated kernel packages fixes security and other bugs

This kernel update is based on upstream 4.4.79 and fixes at least the following security issues: Linux kernel built with the VirtIO GPU driverCONFIGDRMVIRTIOGPU support is vulnerable to a memory leakage issue. It could occur while creating a virtio gpu object in virtiogpuobjectcreate. A...

7.8CVSS0.7AI score0.03763EPSS
Exploits0References6
OSV
OSV
added 2017/08/03 5:38 p.m.4 views

USN-3378-2 linux-lts-xenial vulnerabilities

USN-3378-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Fan Wu and Shixiong Zhao discovered a race condition between inotify events and vfs...

7.8CVSS6.8AI score0.03763EPSS
Exploits3References5
OSV
OSV
added 2017/08/03 5:14 p.m.8 views

USN-3377-2 linux-hwe vulnerabilities

USN-3377-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.04. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 17.04 for Ubuntu 16.04 LTS. Fan Wu and Shixiong Zhao discovered a race condition between inotify events and vfs rename...

7.8CVSS6.8AI score0.03763EPSS
Exploits3References5
OSV
OSV
added 2017/08/03 4:52 p.m.3 views

USN-3378-1 linux, linux-aws, linux-gke, linux-raspi2, linux-snapdragon vulnerabilities

Fan Wu and Shixiong Zhao discovered a race condition between inotify events and vfs rename operations in the Linux kernel. An unprivileged local attacker could use this to cause a denial of service system crash or execute arbitrary code. CVE-2017-7533 It was discovered that the Linux kernel did n...

7.8CVSS6.8AI score0.03763EPSS
Exploits3References5
Ubuntu
Ubuntu
added 2017/08/03 4:52 p.m.81 views

USN-3378-1: Linux kernel vulnerabilities

Fan Wu and Shixiong Zhao discovered a race condition between inotify events and vfs rename operations in the Linux kernel. An unprivileged local attacker could use this to cause a denial of service system crash or execute arbitrary code. CVE-2017-7533 It was discovered that the Linux kernel did n...

7.8CVSS6.8AI score0.03763EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2017/07/27 12:0 a.m.252 views

Fedora 25 : 2:qemu (2017-f941184db1)

CVE-2017-7718: cirrus: OOB read access issue bz 1443443 - CVE-2016-9603: cirrus: heap buffer overflow via vnc connection bz 1432040 - CVE-2017-7377: 9pfs: fix file descriptor leak bz 1437872 - CVE-2017-7980: cirrus: OOB r/w access issues in bitblt bz 1444372 - CVE-2017-8112: vmwpvscsi: infinite...

9.9CVSS7.3AI score0.04544EPSS
Exploits0References14
CNVD
CNVD
added 2017/07/06 12:0 a.m.30 views

Linux Kernel 'virtio_gpu_object_create' Function Denial of Service Vulnerability

The Linux kernel is the kernel used by the operating system Linux, released by the Linux Foundation in the United States. A denial of service vulnerability exists in the 'virtiogpuobjectcreate' function in the drivers/gpu/drm/virtio/virtgpuobject.c file in Linux kernel 4.11.8 and earlier. An...

7.8CVSS6.4AI score0.03763EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2017/07/05 7:48 p.m.37 views

CVE-2017-10810

Memory leak in the virtiogpuobjectcreate function in drivers/gpu/drm/virtio/virtgpuobject.c in the Linux kernel through 4.11.8 allows attackers to cause a denial of service memory consumption by triggering object-initialization failures...

7.8CVSS5.3AI score0.03763EPSS
Exploits0References1
Rows per page
Query Builder