Remember when I said update your windows machines today? Update your linux boxes tomorrow:


@mhoye, thanks for sharing.

These vulnerabilities look like something that users should keep an eye out for.

I'm not sure what's exactly being mapped into that in-RAM virtual framebuffer driver, but this looks like a way to escape into DOM0 and wreak havoc on the system.

That GUI domain would have helped a lot in this situation. And also a way to "disable GUI" for particular VMs, like for the USB "firewall" domain.

Sign in to participate in the conversation

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!