Linux Distros Unpatched Vulnerability : CVE-2024-0079

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where a user in a guest VM can cause a NULL-pointer dereferen...

Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2025-20552)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-20552 advisory. - usb: typec: displayport: Fix potential deadlock Andrei Kuchynski Orabug: 38309912 CVE-2025-38404 - i2c/designware: Fix an initialization issue...

CVE-2024-36342

Improper input validation in the GPU driver could allow an attacker to exploit a heap overflow potentially resulting in arbitrary code execution...

CVE-2025-3212

Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user process to perform valid GPU memory processing operations to gain access to already freed memory.This issue...

CVE-2025-3212 Mali GPU Kernel Driver allows access to already freed memory

Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user process to perform valid GPU memory processing operations to gain access to already freed memory.This issue...

CVE-2025-3212

CVE-2025-3212 is a Use After Free in Arm Mali GPU Kernel Drivers (Bifrost, Valhall, and Arm 5th Gen). Affected: Bifrost r41p0–r49p4 and r50p0–r51p0; Valhall r41p0–r49p4 and r50p0–r54p0; Arm 5th Gen r41p0–r49p4 and r50p0–r54p0. Impact: local, non-privileged process can access memory that has alrea...

ARM多款产品 安全漏洞

ARM Bifrost GPU Kernel Driver and others are a GPU kernel driver from ARM UK. A security vulnerability exists in various ARM products, which stems from a reuse-after-release issue that could result in out-of-bounds memory accesses. The following products and versions are affected: ARM Bifrost GPU...

CVE-2024-36346

Improper input validation in AMD Power Management Firmware PMFW could allow a privileged attacker from Guest VM to send arbitrary input data potentially causing a GPU Reset condition...

CVE-2024-36346

Improper input validation in AMD Power Management Firmware PMFW could allow a privileged attacker from Guest VM to send arbitrary input data potentially causing a GPU Reset condition...

CVE-2024-36342

CVE-2024-36342 refers to an improper input validation in the GPU driver that could cause a heap overflow, potentially enabling arbitrary code execution. The vulnerability is discussed across multiple sources tied to AMD graphics/GPU drivers and AMD Embedded Processors. The core impact stated is h...

CVE-2024-36342

Improper input validation in the GPU driver could allow an attacker to exploit a heap overflow potentially resulting in arbitrary code execution...

PT-2025-36388

Name of the Vulnerable Software and Affected Versions: AMD Power Management Firmware PMFW affected versions not specified Description: Improper input validation in AMD Power Management Firmware PMFW could allow a privileged attacker from a Guest VM to send arbitrary input data, potentially causin...

SUSE CVE-2025-39707

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: check if hubbub is NULL in debugfs/amdgpudmcapabilities HUBBUB structure is not initialized on DCE hardware, so check if it is NULL to avoid null dereference while accessing amdgpudmcapabilities file in debugfs...

DEBIAN-CVE-2025-38705

In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: fix null pointer access Writing a string without delimiters ' ', '\n', '\0' to the under gpuod/fanctrl sysfs or pppowerprofilemode for the CUSTOM profile will result in a null pointer dereference...

CVE-2025-38705

In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: fix null pointer access Writing a string without delimiters ' ', '\n', '\0' to the under gpuod/fanctrl sysfs or pppowerprofilemode for the CUSTOM profile will result in a null pointer dereference...

AZL-66851 CVE-2025-38705 affecting package kernel 6.6.126.1-1

In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: fix null pointer access Writing a string without delimiters ' ', '\n', '\0' to the under gpuod/fanctrl sysfs or pppowerprofilemode for the CUSTOM profile will result in a null pointer dereference...

CVE-2025-38705

CVE-2025-38705: In the Linux kernel, writing a string without delimiters to gpu_od/fan_ctrl or pp_power_profile_mode for the CUSTOM profile can cause a NULL pointer dereference in drm/amd/pm. SUSE/OpenSUSE advisories (e.g., SUSE-SU-2025:03600-1) list this alongside many other kernel fixes and ind...

CVE-2025-38705 drm/amd/pm: fix null pointer access

In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: fix null pointer access Writing a string without delimiters ' ', '\n', '\0' to the under gpuod/fanctrl sysfs or pppowerprofilemode for the CUSTOM profile will result in a null pointer dereference...

drm/amdgpu: Fix possible NULL dereference in amdgpu_ras_query_error_status_helper()

...

clk: sunxi-ng: h616: Reparent GPU clock during frequency changes

...