9823 matches found
CVE-2026-34196
Software installed and run as a non-privileged user may conduct improper GPU system calls to cause an integer overflow and map two GPU virtual addresses to the same physical address. One of these virutal mappings can be freed along with the physical page, allowing for a read/write UAF via the...
CVE-2026-45203
Kernel software installed and running inside a Host VM may post improper commands to the GPU Firmware to trigger a memory write outside the permitted range of memory for the host kernel. A TOCTOU bug existed where a malicious driver could modify values in memory after firmware validation but befo...
CVE-2026-45203 GPU DDK - rgxfw_hwperf_ufo() re-reads psCmdHeader->ui32CmdSize after initial check, TOCTOU
Kernel software installed and running inside a Host VM may post improper commands to the GPU Firmware to trigger a memory write outside the permitted range of memory for the host kernel. A TOCTOU bug existed where a malicious driver could modify values in memory after firmware validation but befo...
EUVD-2026-43043
Kernel software installed and running inside a Host VM may post improper commands to the GPU Firmware to trigger a memory write outside the permitted range of memory for the host kernel. A TOCTOU bug existed where a malicious driver could modify values in memory after firmware validation but befo...
CVE-2026-45196 GPU DDK - Arbitrary GPU register write in rgxfw_hwperf_hw due to unsanitized pointers from host kernel
Kernel software installed and running inside a Host VM may post improper commands to the GPU Firmware to trigger a GPU register access which can lead to privilege escalation...
CVE-2026-7639 GPU DDK - Page UAF read in PMMETA_PROTECT heap memory
Software installed and run as a non-privileged user may conduct a sequence of improper GPU system calls causing use after free, which helps in facilitating unprivileged memory access from a shader code. Triggering failure path in the MMU mapping logic by a malicious code could lead to incomplete...
EUVD-2026-43034
Software installed and run as a non-privileged user may cause OOB kernel memory reads or writes through GPU API calls. When indexing pages larger than 4kB in the page freeing logic of the sparse memory implementation, incorrect buffer indexing leads to OOB access...
EUVD-2026-43032
Software installed and run as a non-privileged user may conduct improper GPU system calls to cause an integer overflow and map two GPU virtual addresses to the same physical address. One of these virutal mappings can be freed along with the physical page, allowing for a read/write UAF via the...
CVE-2026-34196
CVE-2026-34196 concerns GPU-driver code: when non-privileged software makes improper GPU system calls, an integer overflow can cause two GPU virtual addresses to map to the same physical page. After freeing the first mapping and the physical page, the second mapping can be used to read/write to m...
Linux Distros Unpatched Vulnerability : CVE-2026-3886
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A design error vulnerability has been identified in QEMU. This issue affects the virtio-gpu driver. CVE-2026-3886 Note that Nessus relies on the presence of the...
PYSEC-2026-962 FPE in `tf.image.generate_bounding_box_proposals`
Impact When running on GPU, tf.image.generateboundingboxproposals receives a scores input that must be of rank 4 but is not checked. python import tensorflow as tf a = tf.constantvalue=1.0, 1.0, 1.0, 1.0, 1.0, 1.0, 1.0, 1.0 b = tf.constantvalue=1...
PYSEC-2026-1011 TensorFlow vulnerable to `CHECK` fail in `MaxPool`
Impact When MaxPool receives a window size input array ksize with dimensions greater than its input tensor input, the GPU kernel gives a CHECK fail that can be used to trigger a denial of service attack. python import tensorflow as tf import numpy as np input = np.ones1, 1, 1, 1 ksize = 1, 1, 2, ...
Ubuntu 26.04 LTS : Linux kernel (NVIDIA) vulnerabilities (USN-8507-1)
"The remote Ubuntu 26.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8507-1 advisory. It was discovered that some AMD processors did not properly clear data in the floating point divider unit during speculative execution. A local attacker...
CVE-2026-54234
vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Prior to 0.24.0, a frontend-legal multi-request speculative decoding workload can cause the rejection sampler to produce a recovered token equal to the model vocabulary size boundary value, which is then convert...
USN-8508-1 linux-nvidia-6.17 vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - S390 architecture; - Block layer subsystem; - Cryptographic API; - DMA engine subsystem; - GP...
Ubuntu 26.04 LTS : Linux kernel vulnerabilities (USN-8488-1)
"The remote Ubuntu 26.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8488-1 advisory. It was discovered that some AMD processors did not properly clear data in the floating point divider unit during speculative execution. A local attacker...
USN-8498-1 linux-nvidia-tegra vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; -...
USN-8492-2 linux-aws-6.8, linux-gcp-6.8, linux-gke, linux-gkeop, linux-ibm-6.8, linux-nvidia-lowlatency, linux-oracle-6.8 vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; -...
Linux Distros Unpatched Vulnerability : CVE-2026-53347
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/virtio: Fix driver removal with disabled KMS DRM atomic and modesetting aren't initialized if virtio- gpu driver built with disabled KMS, leading to access ...
USN-8492-1 linux, linux-aws, linux-aws-fips, linux-gcp, linux-gcp-fips, linux-ibm, linux-nvidia, linux-nvidia-6.8, linux-oracle, linux-realtime, linux-realtime-6.8 vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; -...