Lucene search
K

244 matches found

OSV
OSV
added 2025/02/26 6:37 a.m.2 views

UBUNTU-CVE-2021-47657

In the Linux kernel, the following vulnerability has been resolved: drm/virtio: Ensure that objs is not NULL in virtiogpuarrayputfree If virtiogpuobjectshmeminit fails e.g. due to fault injection, as it happened in the bug report by syzbot, virtiogpuarrayputfree could be called with objs equal to...

5.5CVSS6.1AI score0.00261EPSS
Exploits0References7
Cvelist
Cvelist
added 2025/02/26 2:13 a.m.12 views

CVE-2022-49532 drm/virtio: fix NULL pointer dereference in virtio_gpu_conn_get_modes

In the Linux kernel, the following vulnerability has been resolved: drm/virtio: fix NULL pointer dereference in virtiogpuconngetmodes drmcvtmode may return NULL and we should check it. This bug is found by syzkaller: FAULTINJECTION stacktrace: 168.567394 FAULTINJECTION: forcing a failure. name...

0.00315EPSS
Exploits0References9
Vulnrichment
Vulnrichment
added 2025/02/26 2:13 a.m.2 views

CVE-2022-49532 drm/virtio: fix NULL pointer dereference in virtio_gpu_conn_get_modes

In the Linux kernel, the following vulnerability has been resolved: drm/virtio: fix NULL pointer dereference in virtiogpuconngetmodes drmcvtmode may return NULL and we should check it. This bug is found by syzkaller: FAULTINJECTION stacktrace: 168.567394 FAULTINJECTION: forcing a failure. name...

6.3AI score0.00315EPSS
Exploits0References9
OSV
OSV
added 2025/02/26 2:13 a.m.11 views

CVE-2022-49532 drm/virtio: fix NULL pointer dereference in virtio_gpu_conn_get_modes

In the Linux kernel, the following vulnerability has been resolved: drm/virtio: fix NULL pointer dereference in virtiogpuconngetmodes drmcvtmode may return NULL and we should check it. This bug is found by syzkaller: FAULTINJECTION stacktrace: 168.567394 FAULTINJECTION: forcing a failure. name...

5.5CVSS5AI score0.00315EPSS
Exploits0References12
CVE
CVE
added 2025/02/26 2:13 a.m.108 views

CVE-2022-49532

CVE-2022-49532 affects the Linux kernel DRM virtio driver (virtio_gpu_conn_get_modes) where drm_cvt_mode may return NULL, leading to a NULL pointer dereference. The issue is demonstrated by a KASAN report showing a null deref while reading a 4-byte value from a NULL pointer. The connected advisor...

5.5CVSS5.2AI score0.00315EPSS
Exploits0References9Affected Software1
Debian CVE
Debian CVE
added 2025/02/26 1:54 a.m.10 views

CVE-2021-47657

In the Linux kernel, the following vulnerability has been resolved: drm/virtio: Ensure that objs is not NULL in virtiogpuarrayputfree If virtiogpuobjectshmeminit fails e.g. due to fault injection, as it happened in the bug report by syzbot, virtiogpuarrayputfree could be called with objs equal to...

5.5CVSS5.3AI score0.00261EPSS
Exploits0
CNNVD
CNNVD
added 2025/02/26 12:0 a.m.4 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to check for empty objs in the virtiogpuarrayputfree function...

5.5CVSS5.5AI score0.00261EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/02/26 12:0 a.m.2 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from not checking the drmcvtmode return value in virtiogpuconngetmodes, which could lead to a null pointer dereferenc...

5.5CVSS5.7AI score0.00315EPSS
Exploits0References10
OSV
OSV
added 2024/05/03 3:16 a.m.4 views

CVE-2023-50227

Parallels Desktop virtio-gpu Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Parallels Desktop. User interaction is required to exploit this vulnerability in that the target in a guest syste...

8.3CVSS6.2AI score
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2024/05/03 3:16 a.m.7 views

CVE-2023-50227

Parallels Desktop virtio-gpu Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Parallels Desktop. User interaction is required to exploit this vulnerability in that the target in a guest syste...

8.3CVSS6.2AI score0.00757EPSS
Exploits0References3
NVD
NVD
added 2024/05/03 3:16 a.m.25 views

CVE-2023-50227

Parallels Desktop virtio-gpu Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Parallels Desktop. User interaction is required to exploit this vulnerability in that the target in a guest syste...

8.3CVSS8.7AI score0.00757EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/05/03 2:14 a.m.15 views

CVE-2023-50227 Parallels Desktop virtio-gpu Out-Of-Bounds Write Remote Code Execution Vulnerability

Parallels Desktop virtio-gpu Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Parallels Desktop. User interaction is required to exploit this vulnerability in that the target in a guest syste...

8.3CVSS8.7AI score0.00757EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/05/03 2:14 a.m.34 views

CVE-2023-50227 Parallels Desktop virtio-gpu Out-Of-Bounds Write Remote Code Execution Vulnerability

Parallels Desktop virtio-gpu Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Parallels Desktop. User interaction is required to exploit this vulnerability in that the target in a guest syste...

8.3CVSS8.8AI score0.00757EPSS
Exploits0References2
CVE
CVE
added 2024/05/03 2:14 a.m.77 views

CVE-2023-50227

CVE-2023-50227 describes a vulnerability in Parallels Desktop affecting the virtio-gpu virtual device. The issue is an out-of-bounds write caused by improper validation of user-supplied data, enabling a remote attacker to execute code in the hypervisor. Exploitation requires user interaction (the...

8.3CVSS8.7AI score0.00757EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2024/05/03 12:0 a.m.5 views

Corel Parallels Desktop 安全漏洞

Corel Parallels Desktop is a suite of virtual machine software for the macOS platform from Canada's Corel Digital Technology Corel. A security vulnerability exists in Corel Parallels Desktop that stems from a specific flaw in the virtio-gpu virtual appliance that lacks proper validation of...

8.3CVSS8.2AI score0.00757EPSS
Exploits0References3
OSV
OSV
added 2024/04/26 11:7 a.m.7 views

OESA-2024-1494 qemu security update

QEMU is a FAST! processor emulator using dynamic translation to achieve good emulation speed. Security Fixes: A vulnerability in the lsi53c895a device affects the latest version of qemu. A DMA-MMIO reentrancy problem may lead to memory corruption bugs like stack overflow or...

8.2CVSS8.1AI score0.00552EPSS
Exploits1References4
OSV
OSV
added 2024/04/09 8:15 p.m.2 views

UBUNTU-CVE-2024-3446

A double free vulnerability was found in QEMU virtio devices virtio-gpu, virtio-serial-bus, virtio-crypto, where the memreentrancyguard flag insufficiently protects against DMA reentrancy issues. This issue could allow a malicious privileged guest user to crash the QEMU process on the host,...

8.2CVSS7.6AI score0.00278EPSS
Exploits0References6
BDU FSTEC
BDU FSTEC
added 2023/12/27 12:0 a.m.7 views

The vulnerability of the virtio-gpu component of the Parallels Desktop hypervisor Virtual Device allows a hacker to execute arbitrary code.

The vulnerability of the virtio-gpu Virtual Device component in Parallels Desktop hypervisor is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by writing data beyond the bounds of the allocated buffer...

8.3CVSS7.9AI score0.00757EPSS
Exploits0References4
Zero Day Initiative
Zero Day Initiative
added 2023/12/19 12:0 a.m.27 views

Parallels Desktop virtio-gpu Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Parallels Desktop. User interaction is required to exploit this vulnerability in that the target in a guest system must visit a malicious page or open a malicious file. The specific flaw exists withi...

8.3CVSS7.3AI score0.00757EPSS
Exploits0References1
OSV
OSV
added 2023/06/03 11:5 a.m.2 views

OESA-2023-1324 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel before 6.0.3, drivers/gpu/drm/virtio/virtgpuobject.c misinterprets the drmgemshmemgetsgtable return value expects it to be NULL in the error case, whereas it is actually an error pointer.CVE-2023-22998...

5.5CVSS6.5AI score0.00304EPSS
Exploits0References2
Rows per page
Query Builder