USN-7829-6 linux-nvidia-tegra, linux-nvidia-tegra-5.15, linux-nvidia-tegra-igx, linux-raspi vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - Network drivers; - Netlink; CVE-2024-26700, CVE-2025-38727, CVE-2023-52593, CVE-2024-26896...

CVE-2025-12060 vulnerabilities

Vulnerabilities for packages: kubeflow-pipelines-visualization-server, tensorflow-gpu-jupyter, tensorflow-cpu-jupyter...

GHSA-MQ84-HJQX-CWF2 vulnerabilities

Vulnerabilities for packages: kubeflow-pipelines-visualization-server, tensorflow-gpu-jupyter, tensorflow-cpu-jupyter...

CVE-2025-12058 vulnerabilities

Vulnerabilities for packages: kubeflow-pipelines-visualization-server, tensorflow-gpu-jupyter, tensorflow-cpu-jupyter...

GHSA-28JP-44VH-Q42H vulnerabilities

Vulnerabilities for packages: kubeflow-pipelines-visualization-server, tensorflow-gpu-jupyter, tensorflow-cpu-jupyter...

CVE-2025-52910

Vulnerability details are confirmed: A Use-After-Free in the GPU of Samsung Mobile Processor and Wearable Processor Exynos 1280, 2200, 1330, 1380, 1480, 2400 can lead to privilege escalation. Affected component is the GPU; root cause is a use-after-free condition. Impact is privilege elevation; C...

SAMSUNG Mobile Processor Exynos 安全漏洞

SAMSUNG Mobile Processor Exynos is a system-on-chip SoC from South Korea's Samsung SAMSUNG dedicated to smartphones and tablets. A security vulnerability exists in SAMSUNG Mobile Processor Exynos, which stems from a post-release reuse issue in the GPU that could lead to elevated privileges. The...

CVE-2025-54335

The CVE-2025-54335 entry concerns a use-after-free in the Xclipse GPU Driver for Samsung Mobile Processor Exynos series (1480, 1580, 2400, 2500). The affected component is the GPU driver within these SoCs; the issue originates from a post-release reuse in the Xclipse GPU Driver. The provided conn...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: drm/imagination: Fixed a kernel crash that occurred when the GPU was hard-reset. The GPU hard-reset sequence calls pmruntimeforcesuspend and pmruntimeforceresume. According to their documentation, these functions should only be...

Astra Linux - уязвимость в linux-6.12

In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: fix null pointer access Writing a string without delimiters ' ', '\n', '\0' to the under gpuod/fanctrl sysfs or pppowerprofilemode for the CUSTOM profile will result in a null pointer dereference...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: drm/v3d: Disabling interrupts before resetting the GPU Currently, an interrupt can be triggered during a GPU reset, which can lead to GPU hangs and NULL pointer dereferencing in an interrupt context, as shown in the following...

USN-7835-4: Linux kernel (HWE) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Ublk userspace block driver; -...

USN-7833-4: Linux kernel (GCP) vulnerabilities

Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos, and Flavien Solt discovered that some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information. A local attacker could possibly use this to...

Vulnerability fixed in Mozilla Firefox

Mozilla has fixed a vulnerability in Firefox Specific for versions before 144.0.2 The vulnerability is in how a compromised child process can exploit a use-after-free issue in the GPU or browser process via WebGPU-related IPC calls. This can lead to a sandbox escape, which compromises the browser...

Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-7853-1)

"The remote Ubuntu 16.04 LTS / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7853-1 advisory. Jean-Claude Graf, Sandro Regge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor...

USN-7853-2: Linux kernel (FIPS) vulnerabilities

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

USN-7854-1: Linux kernel (KVM) vulnerabilities

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

USN-7854-1 linux-kvm vulnerabilities

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

USN-7853-1: Linux kernel vulnerabilities

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

CVE-2025-23352

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a malicious guest could cause uninitialized pointer access. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data...