CVE-2026-10892

Out of bounds write in GPU in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

PT-2026-46783

Integer overflow in GPU in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Low...

Linux Distros Unpatched Vulnerability : CVE-2025-71314

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/panthor: Recover from panthorgpuflushcaches failures We have seen a few cases where the whole memory subsystem is blocked and flush operations never complet...

CVE-2025-71314

A flaw was found in the Linux kernel's drm/panthor component. Buggy GPU jobs created by a User Mode Driver UMD can lead to a blockage in the memory subsystem. This prevents flush operations from completing, resulting in system hangs. A local attacker could exploit this to cause a Denial of Servic...

CVE-2026-46245

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix dclink NULL handling in HPD init amdgpudmhpdinit may see connectors without a valid dclink. The code already checks dclink for the polling decision, but later unconditionally dereferences it when setting up H...

CVE-2025-71314

In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Recover from panthorgpuflushcaches failures We have seen a few cases where the whole memory subsystem is blocked and flush operations never complete. When that happens, we want to: - schedule a reset, so we can recov...

CVE-2025-71314

In the Linux kernel, the drm/panthor component was updated to recover from panthor_gpu_flush_caches() failures that could block the memory subsystem. The fix introduces a reset path to recover when flush operations hang, and resets pending_reqs so new commands can be issued after a reset. If addi...

EUVD-2025-210057

In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Recover from panthorgpuflushcaches failures We have seen a few cases where the whole memory subsystem is blocked and flush operations never complete. When that happens, we want to: - schedule a reset, so we can recov...

PT-2026-45985

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the drm/panthor component where the memory subsystem can become blocked, causing flush operations to never complete. This state can be triggered by buggy GPU jobs...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which arises from improper handling when the panthorgpuflushcaches function fails, potentially leading to blocking...

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a security vulnerability caused by a buffer overflow in the GPU component stack. This vulnerability could allow remote attackers to exploit the system through specially crafted HTML...

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a security vulnerability caused by integer overflow in the GPU. This vulnerability could allow remote attackers to execute out-of-bound memory access through specially crafted HTML...

PT-2026-46550

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient validation of untrusted input in the GPU component on Windows allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape via ...

PT-2026-46574

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient validation of untrusted input in the GPU component allows a remote attacker who has compromised the renderer process to obtain potentially sensitive information from proces...

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 had a vulnerability related to input validation. This vulnerability stemmed from insufficient validation of untrusted inputs in the GPU component. It could allow remote attackers who have...

Google Chrome 缓冲区错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a buffer overflow vulnerability, which was caused by improper implementation of GPU components. This vulnerability could allow remote attackers to exploit the system through speciall...

CVE-2026-34193

Kernel software installed and running inside a Guest/Host VM may post improper commands to the GPU Firmware to trigger a write of data outside the intended GPU memory. A logic error in the address translation allowed a compromised Host Kernel to perform arbitrary writes to firmware memory...

CVE-2026-34193

CVE-2026-34193 affects kernel software running inside a Guest/Host VM that can post improper commands to the GPU firmware. A logic error in address translation enables a compromised Host (Kernel) to perform arbitrary writes to firmware memory, potentially impacting data integrity by writing beyon...

CVE-2026-34193 GPU DDK - Arbitrary write via UFO updates due insufficient pointer validation in rgxfw_to_ptr()

Kernel software installed and running inside a Guest/Host VM may post improper commands to the GPU Firmware to trigger a write of data outside the intended GPU memory. A logic error in the address translation allowed a compromised Host Kernel to perform arbitrary writes to firmware memory...

CVE-2026-34193 GPU DDK - Arbitrary write via UFO updates due insufficient pointer validation in rgxfw_to_ptr()

Kernel software installed and running inside a Guest/Host VM may post improper commands to the GPU Firmware to trigger a write of data outside the intended GPU memory. A logic error in the address translation allowed a compromised Host Kernel to perform arbitrary writes to firmware memory...