Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Prevent unmapping active read buffers. The kms paths maintain a persistent map that is active for reading and comparing the cursor buffer. These maps can conflict with each other in simple scenarios where: a buffer “a...

CVE-2026-23317

The CVE-2026-23317 entry describes a Linux kernel vulnerability in drm/vmwgfx, specifically vmw_translate_ptr. The root cause was a previous change where a pointer-returning lookup was replaced by an error-code-returning lookup with the pointer as an out parameter; the error path was not updated,...

CVE-2025-40277

Mode C: Vulnerability: CVE-2025-40277 affects the Linux kernel, specifically drm/vmwgfx. Root cause: insufficient validation of the command header size against SVGA_CMD_MAX_DATASIZE, allowing an input originating from userspace to influence buffer offset calculations and potentially cause an out-...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from drm vmwgfx not validating command header sizes, which could result in a buffer overflow...

kernel: drm/vmwgfx: Fix the lifetime of the bo cursor memory

A vulnerability was found in the drm/vmwgfx driver in the Linux kernel, concerning the lifetime management of the buffer object BO cursor memory. This issue occurs due to improper handling of the cursor memory's lifecycle, which could lead to use-after-free errors or crashes...

drm/vmwgfx: Fix a deadlock in dma buf fence polling

...

drm/vmwgfx: fix a memleak in vmw_gmrid_man_get_node

...

kernel: vmwgfx: integer overflow in vmwgfx_execbuf.c

An integer overflow was found in the Linux kernel's vmwgfx driver. This flaw allows a local, unprivileged attacker with access to either /dev/dri/card0 or /dev/dri/rendererD128, and able to issue an ioctl on the resulting file descriptor to crash the system, causing a denial of service...

UBUNTU-CVE-2024-36960

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix invalid reads in fence signaled events Correctly set the length of the drmevent to the size of the structure that's actually used. The length of the drmevent was set to the parent structure instead of to the...

kernel: vmwgfx: use-after-free in vmw_execbuf_tie_context

A use-after-free vulnerability was found in the Linux kernel's vmwgfx driver in vmwexecbuftiecontext. This flaw allows a local, unprivileged attacker with access to either /dev/dri/card0 or /dev/dri/rendererD128, who can issue an ioctl on the resulting file descriptor, to crash the system, causin...

SUSE-SU-2024:0111-1 Security update for xorg-x11-server

This update for xorg-x11-server fixes the following issues: Security fixes: - CVE-2023-6816: Fixed heap buffer overflow in DeviceFocusEvent and ProcXIQueryPointer bsc1218582 - CVE-2024-0229: Fixed reattaching to different master device may lead to out-of-bounds memory access bsc1218583 -...

SUSE-SU-2024:0109-1 Security update for xorg-x11-server

This update for xorg-x11-server fixes the following issues: Security fixes: - CVE-2023-6816: Fixed heap buffer overflow in DeviceFocusEvent and ProcXIQueryPointer bsc1218582 - CVE-2024-0229: Fixed reattaching to different master device may lead to out-of-bounds memory access bsc1218583 -...

kernel: drm/vmwgfx: Fix memory leak in vmw_mksstat_add_ioctl()

A memory leak vulnerability was found in the VMware graphics driver vmwgfx in the Linux kernel. In vmwmksstataddioctl, when copying the description string from userspace fails with -EFAULT, the allocated page for the instance descriptor is not freed. This leads to memory leakage that can cause...

kernel: drm/vmwgfx: Fix memory leak in vmw_mksstat_add_ioctl()

A memory leak vulnerability was found in the VMware graphics driver vmwgfx in the Linux kernel. In vmwmksstataddioctl, when copying the description string from userspace fails with -EFAULT, the allocated page for the instance descriptor is not freed. This leads to memory leakage that can cause...

kernel: drm/vmwgfx: Fix stale file descriptors on failed usercopy

A use-after-free vulnerability has been identified in the Linux kernel's VMware graphics driver vmwgfx driver. This flaw occurs during the usercopy operation for the fencerep object. If this operation fails, it can leave a stale dangling file descriptor in the system's file descriptor table. This...

DEBIAN-CVE-2017-7346

The vmwgbsurfacedefineioctl function in drivers/gpu/drm/vmwgfx/vmwgfxsurface.c in the Linux kernel through 4.10.7 does not validate certain levels data, which allows local users to cause a denial of service system hang via a crafted ioctl call for a /dev/dri/renderD device...