The vulnerability of the guc_ct_send_recv() function in the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the gucctsendrecv function in the drivers/gpu/drm/xe/xegucct.c file of the Linux kernel is related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the...

CVE-2024-0134

NVIDIA Container Toolkit and NVIDIA GPU Operator for Linux contain a UNIX vulnerability where a specially crafted container image can lead to the creation of unauthorized files on the host. The name and location of the files cannot be controlled by an attacker. A successful exploit of this...

CVE-2024-0134

NVIDIA Container Toolkit and NVIDIA GPU Operator for Linux contain a UNIX vulnerability where a specially crafted container image can lead to the creation of unauthorized files on the host. The name and location of the files cannot be controlled by an attacker. A successful exploit of this...

AZL-52393 CVE-2024-0134 affecting package nvidia-container-toolkit for versions less than 1.17.1-1

NVIDIA Container Toolkit and NVIDIA GPU Operator for Linux contain a UNIX vulnerability where a specially crafted container image can lead to the creation of unauthorized files on the host. The name and location of the files cannot be controlled by an attacker. A successful exploit of this...

CVE-2024-0134

NVIDIA Container Toolkit and NVIDIA GPU Operator for Linux contain a UNIX vulnerability where a specially crafted container image can lead to the creation of unauthorized files on the host. The name and location of the files cannot be controlled by an attacker. A successful exploit of this...

CVE-2024-0134

NVIDIA Container Toolkit and NVIDIA GPU Operator for Linux contain a UNIX vulnerability where a specially crafted container image can lead to the creation of unauthorized files on the host. The name and location of the files cannot be controlled by an attacker. A successful exploit of this...

CVE-2024-0134

CVE-2024-0134 affects the NVIDIA Container Toolkit and NVIDIA GPU Operator for Linux. A specially crafted container image can create unauthorized files on the host, with naming and location control not possible by the attacker, potentially enabling data tampering. Public advisories indicate remed...

AZL-52500 CVE-2024-50117 affecting package kernel for versions less than 6.6.64.2-1

In the Linux kernel, the following vulnerability has been resolved: drm/amd: Guard against bad data for ATIF ACPI method If a BIOS provides bad data in response to an ATIF method call this causes a NULL pointer dereference in the caller. ? showregs arch/x86/kernel/dumpstack.c:478 discriminator 1 ...

[SECURITY] Fedora 40 Update: llama-cpp-b3561-1.fc40

The main goal of llama.cpp is to run the LLaMA model using 4-bit integer quantization on a MacBook Plain C/C++ implementation without dependencies Apple silicon first-class citizen - optimized via ARM NEON, Accelerate and Metal frameworks AVX, AVX2 and AVX512 support for x86 architectures Mixed F...

kernel: drm/i915/gt: Fix potential UAF by revoke of fence registers

A use-after-free was found in drivers/gpu/drm/i915/gt/intelggttfencing.c in the Linux kernel. This issue can be caused by a race among revocation of fence registers on one side and sequential execution of signal callbacks invoked on completion of a request that was using them on the other,...

Security Bulletin: NVIDIA Container Toolkit - November 2024

NVIDIA has released a software update for NVIDIA® Container Toolkit and NVIDIA GPU Operator. To protect your system, install the software update as described in the installation section of the NVIDIA Container Toolkit documentation and the NVIDIA GPU Operator documentation. Go to NVIDIA Product...

NVIDIA Container Toolkit 安全漏洞

NVIDIA Container Toolkit and NVIDIA GPU Operator are both products of NVIDIA Corporation.NVIDIA Container Toolkit is a container toolkit. NVIDIA Container Toolkit is a container toolkit that allows users to build and run GPU-accelerated containers.NVIDIA GPU Operator is a GPU management and...

CVE-2024-38423

Memory corruption while processing GPU page table switch...

CVE-2024-38421

Memory corruption while processing GPU commands...

CVE-2024-38423

CVE-2024-38423 = memory corruption while processing GPU page table switch in Qualcomm GPU/display stack. Exploitation would be local with low complexity and could impact confidentiality, integrity, and availability (CVSSv3.1: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H). Connected sources indicate Qualco...

CVE-2024-38423 Buffer Copy Without Checking Size of Input in Graphics Linux

Memory corruption while processing GPU page table switch...

CVE-2024-38423 Buffer Copy Without Checking Size of Input in Graphics Linux

Memory corruption while processing GPU page table switch...

CVE-2024-38421

CVE-2024-38421 corresponds to a memory corruption vulnerability in Qualcomm GPU command processing. The issue affects Qualcomm GPU/Display-related components and is described as “Memory corruption while processing GPU commands.” The CVE entry lists a high impact with CVSS 3.1 metrics indicating l...

CVE-2024-38421 Use After Free in Graphics Linux

Memory corruption while processing GPU commands...

CVE-2024-38421 Use After Free in Graphics Linux

Memory corruption while processing GPU commands...