The vulnerability of the NVIDIA Virtual GPU Manager driver, which allows a hacker to gain unauthorized access to protected information and increase their privileges.

The vulnerability of the NVIDIA Virtual GPU Manager driver relates to the improper assignment of permissions for the critical resource. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information and increase their privileges...

The vulnerability of NVIDIA Virtual GPU driver, related to insufficient input data validation, allows attackers to escalate their privileges, execute arbitrary code, or cause service failures.

The vulnerability of the NVIDIA Virtual GPU Manager driver relates to insufficient validation of input data. Exploiting this vulnerability can allow attackers to enhance their privileges, execute arbitrary code, or cause service failures...

The software used for creating and running NVIDIA Container Toolkit containers, as well as the NVIDIA GPU Operator resource management software, is vulnerable. This vulnerability allows attackers to compromise data integrity.

The vulnerability of the software for creating and running NVIDIA Container Toolkit containers, as well as the NVIDIA GPU Operator resource management software, is related to errors in processing symbolic links. Exploiting this vulnerability can allow an attacker to compromise data integrity...

[SECURITY] Fedora 41 Update: golang-github-nvidia-container-toolkit-1.16.2-1.fc41

The NVIDIA Container Toolkit allows users to build and run NVIDIA GPU accelerated containers. The toolkit includes a container runtime library and utilities to automatically configure containers to leverage NVIDIA GPUs...

[SECURITY] Fedora 40 Update: golang-github-nvidia-container-toolkit-1.16.2-1.fc40

The NVIDIA Container Toolkit allows users to build and run NVIDIA GPU accelerated containers. The toolkit includes a container runtime library and utilities to automatically configure containers to leverage NVIDIA GPUs...

kernel: drm/amdgpu: use-after-free vulnerability

A failure flaw was found in the Linux kernel’s AMDGPU driver in how a user sends ioctl with an invalid address and size when using the AMD GPU. This flaw allows a local user to crash the system...

NVIDIA GPU Display Driver - October 2024 - Lenovo Support US

No description provided...

NVIDIA GPU Display Driver - October 2024 - Lenovo Support US

No description provided...

USN-7100-2: Linux kernel vulnerabilities

Supraja Sridhara, Benedict Schlüter, Mark Kuhne, Andrin Bertschi, and Shweta Shinde discovered that the Confidential Computing framework in the Linux kernel for x86 platforms did not properly handle 32-bit emulation on TDX and SEV. An attacker with access to the VMM could use this to cause a deni...

kernel: drm/amdgpu: Init zone device and drm client after mode-1 reset on reload

No description is available for this CVE...

SUSE CVE-2024-50221

In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Vangogh: Fix kernel memory out of bounds write KASAN reports that the GPU metrics table allocated in vangoghtablesinit is not large enough for the memset done in smucmninitsoftgpumetrics. Condensed report follows:...

CVE-2024-50221

In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Vangogh: Fix kernel memory out of bounds write KASAN reports that the GPU metrics table allocated in vangoghtablesinit is not large enough for the memset done in smucmninitsoftgpumetrics. Condensed report follows:...

DEBIAN-CVE-2024-50221

In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Vangogh: Fix kernel memory out of bounds write KASAN reports that the GPU metrics table allocated in vangoghtablesinit is not large enough for the memset done in smucmninitsoftgpumetrics. Condensed report follows:...

UBUNTU-CVE-2024-50221

In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Vangogh: Fix kernel memory out of bounds write KASAN reports that the GPU metrics table allocated in vangoghtablesinit is not large enough for the memset done in smucmninitsoftgpumetrics. Condensed report follows:...

CVE-2024-50221

CVE-2024-50221 affects the Linux kernel AMDGPU/Vangogh driver. The vulnerability arises from a memory out-of-bounds write in the GPU metrics table initialization (vangogh_get_gpu_metrics/smu_cmn_init_soft_gpu_metrics), where the metrics table allocation was too small to cover a subsequent memset....

CVE-2024-50221 drm/amd/pm: Vangogh: Fix kernel memory out of bounds write

In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Vangogh: Fix kernel memory out of bounds write KASAN reports that the GPU metrics table allocated in vangoghtablesinit is not large enough for the memset done in smucmninitsoftgpumetrics. Condensed report follows:...

CVE-2024-50221 drm/amd/pm: Vangogh: Fix kernel memory out of bounds write

In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Vangogh: Fix kernel memory out of bounds write KASAN reports that the GPU metrics table allocated in vangoghtablesinit is not large enough for the memset done in smucmninitsoftgpumetrics. Condensed report follows:...

CVE-2024-50221 drm/amd/pm: Vangogh: Fix kernel memory out of bounds write

In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Vangogh: Fix kernel memory out of bounds write KASAN reports that the GPU metrics table allocated in vangoghtablesinit is not large enough for the memset done in smucmninitsoftgpumetrics. Condensed report follows:...

AZL-54068 CVE-2024-50177 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix a UBSAN warning in DML2.1 When programming phantom pipe, since cursorwidth is explicity set to 0, this causes calculation logic to trigger overflow for an unsigned int triggering the kernel's UBSAN check as...

USN-7088-3: Linux kernel vulnerabilities

Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an integer overflow vulnerability. A local attacker could use this to cause a denial of service system crash. CVE-2022-36402 Several security issues were discovered in the Linux kernel. An attacker could...