CVE-2025-0468 GPU DDK - ui64RobustnessAddress can overwrite Freelist / HWRT (and bypass PMMETA)

Software installed and run as a non-privileged user may conduct improper GPU system calls to subvert GPU HW to write to arbitrary physical memory pages. Under certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kern...

CVE-2025-0468 GPU DDK - ui64RobustnessAddress can overwrite Freelist / HWRT (and bypass PMMETA)

Software installed and run as a non-privileged user may conduct improper GPU system calls to subvert GPU HW to write to arbitrary physical memory pages. Under certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kern...

CVE-2025-0468

CVE-2025-0468 describes a vulnerability in Imagination Technologies/GPU driver where a non-privileged user can issue improper GPU system calls to subvert GPU hardware, potentially writing to arbitrary physical memory pages. The affected component is the GPU driver stack (PowerVR/GPU DDK lineage) ...

Imagination GPU Driver 安全漏洞

Imagination GPU Driver is a graphics driver from Imagination. A security vulnerability exists in Imagination GPU Driver that originates from the possibility that an unprivileged user may cause kernel memory corruption via improper GPU system calls...

PT-2025-14907 · Imagination Technologies · Graphics Ddk

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: Software installed and run as a non-privileged user may conduct improper GPU system calls to cause kernel system memory corruption. Recommendations: At the moment, there is no information...

PT-2025-14906 · Imagination Technologies · Graphics Ddk

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: Software installed and run as a non-privileged user may conduct improper GPU system calls to subvert GPU HW to write to arbitrary physical memory pages. Under certain circumstances, this...

Imagination GPU Driver 安全漏洞

Imagination GPU Driver is a graphics driver from Imagination. A security vulnerability exists in Imagination GPU Driver that originates from the possibility that an unprivileged user could write to arbitrary physical memory pages via improper GPU system calls, potentially resulting in kernel data...

USN-7413-1: Linux kernel (IoT) vulnerabilities

Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. CVE-2022-38096 Ye Zhang and Nicolas Wu discovered th...

USN-7406-4 linux-azure-fips vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - SMB network file system; - Network namespace; - Networking core; CVE-2024-26928, CVE-2024-56658,...

USN-7406-4: Linux kernel (Azure FIPS) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - SMB network file system; - Network namespace; - Networking core; CVE-2024-26928, CVE-2024-56658,...

USN-7406-3 linux-realtime, linux-intel-iot-realtime vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - SMB network file system; - Network namespace; - Networking core; CVE-2024-26928, CVE-2024-56658,...

USN-7406-1 linux, linux-aws, linux-aws-5.15, linux-gcp, linux-gke, linux-gkeop, linux-ibm, linux-intel-iotg, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-meta-raspi, linux-nvidia-tegra, linux-oracle, linux-oracle-5.15, linux-raspi vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - SMB network file system; - Network namespace; - Networking core; CVE-2024-26928, CVE-2024-56658,...

USN-7406-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - SMB network file system; - Network namespace; - Networking core; CVE-2024-26928, CVE-2024-56658,...

USN-7407-1 linux-hwe-5.15 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - S390 architecture; - Supe...

CVE-2025-21989 drm/amd/display: fix missing .is_two_pixels_per_container

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix missing .istwopixelspercontainer Starting from 6.11, AMDGPU driver, while being loaded with amdgpu.dc=1, due to lack of .istwopixelspercontainer function in dce60tgfuncs, causes a NULL pointer dereference on...

CVE-2025-21987

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: init return value in amdgputtmclearbuffer Otherwise an uninitialized value can be returned if amdgpurescleared returns true for all regions. Possibly closes: https://gitlab.freedesktop.org/drm/amd/-/issues/3812 cherry...

The vulnerability of the amdgpu_device_gpu_recover() function in the DRI driver allows a hacker to induce a service failure. This vulnerability is related to AMD graphics cards and Linux operating systems.

The vulnerability of the amdgpudevicegpurecover function in the DRI support driver for AMD graphics cards in Linux operating systems is related to pointer manipulation. Exploiting this vulnerability can allow an attacker to cause a service failure...

Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-7406-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7406-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update...

USN-7402-2 linux-realtime vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Block layer subsystem; - GPU drivers; - HID subsystem; - Media drivers; - JFS file system; - Network namespace; -...

USN-7401-1: Linux kernel (AWS) vulnerabilities

Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2024-23848 Attila Szász discovered that the HFS+ file system...