Alex Williamson

3 exploits Active since Nov 2016
CVE-2016-9083 WRITEUP HIGH WRITEUP
Linux kernel <4.8.11 - Memory Corruption
drivers/vfio/pci/vfio_pci.c in the Linux kernel through 4.8.11 allows local users to bypass integer overflow checks, and cause a denial of service (memory corruption) or have unspecified other impact, by leveraging access to a vfio PCI device file for a VFIO_DEVICE_SET_IRQS ioctl call, aka a "state machine confusion bug."
CVSS 7.8
CVE-2016-9084 WRITEUP HIGH WRITEUP
Linux kernel <4.8.11 - DoS
drivers/vfio/pci/vfio_pci_intrs.c in the Linux kernel through 4.8.11 misuses the kzalloc function, which allows local users to cause a denial of service (integer overflow) or have unspecified other impact by leveraging access to a vfio PCI device file.
CVSS 7.8
CVE-2021-3736 WRITEUP MEDIUM WRITEUP
Linux kernel - Info Disclosure
A flaw was found in the Linux kernel. A memory leak problem was found in mbochs_ioctl in samples/vfio-mdev/mbochs.c in Virtual Function I/O (VFIO) Mediated devices. This flaw could allow a local attacker to leak internal kernel information.
CVSS 5.5