Lucene search

K
veracode
Veracode Vulnerability DatabaseVERACODE:34347
HistoryFeb 22, 2022 - 5:27 p.m.

Use After Free

2022-02-2217:27:51
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
36

A vulnerability was found in the vmwgfx driver that allows unprivileged users to gain access to files opened by other processes on the system through a dangling β€˜file’ pointer. Exploiting this vulnerability requires an attacker to have access to either /dev/dri/card0 or /dev/dri/rendererD128 and be able to issue an ioctl() on the resulting file descriptor. Systems without the vmwgfx driver loaded are not affected.

How to protect your server from attacks?

Related for VERACODE:34347