CVE-2024-0153

Summary of CVE-2024-0153 (Arm Mali Valhall GPU Firmware + Arm 5th Gen GPU Architecture Firmware) A local, non-privileged user can perform improper GPU processing operations to access memory outside the bounds of a buffer, potentially granting access to all system memory. Affected: Arm Valhall GPU...

CVE-2024-0153 Mali GPU Firmware allows improper GPU processing operations

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Arm Ltd Valhall GPU Firmware, Arm Ltd Arm 5th Gen GPU Architecture Firmware allows a local non-privileged user to make improper GPU processing operations to access a limited amount outside of buffer bounds. I...

PT-2024-19855

Name of the Vulnerable Software and Affected Versions No specific software or versions are mentioned in the provided descriptions. Description The issue involves memory corruption while handling user packets during a VBO bind operation. This has been discussed in the context of exploiting a GPU o...

NVIDIA GPU Display Driver June 2024 Security Update

NVIDIA has informed HP of potential security vulnerabilities identified in the NVIDIA® GPU Display Driver for Windows, which might allow code execution, denial of service, escalation of privilege, information disclosure, and data tampering. NVIDIA has released software updates to mitigate these...

PT-2024-19848 · Qualcomm · Snapdragon +98

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue involves memory corruption that occurs when invoking an IOCTL call for GPU memory allocation. This happens when the size parameter is greater...

[SECURITY] Fedora 39 Update: kitty-0.31.0-3.fc39

Offloads rendering to the GPU for lower system load and buttery smooth scrolling. Uses threaded rendering to minimize input latency. - Supports all modern terminal features: graphics images, unicode, true-col or, OpenType ligatures, mouse protocol, focus tracking, bracketed paste and several new...

The vulnerability of the NVIDIA GPU Display Driver software driver allows a hacker to execute arbitrary code, increase their privileges, or disclose sensitive information.

The vulnerability of the NVIDIA GPU Display Driver software driver is related to the execution of operations beyond the buffer in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code, gain elevated privileges, or disclose sensitive information...

The vulnerability of the NVIDIA GPU Display Driver software driver allows a hacker to execute arbitrary code, increase their privileges, or disclose sensitive information.

The vulnerability of the NVIDIA GPU Display Driver software driver is related to the use of an unreliable pointer. Exploiting this vulnerability allows an attacker to execute arbitrary code, gain elevated privileges, or disclose sensitive information...

The vulnerability of the NVIDIA Virtual GPU Manager driver, which allows a hacker to elevate their privileges or cause service interruptions.

The vulnerability of the NVIDIA Virtual GPU Manager driver relates to the improper assignment of privileges. Exploiting this vulnerability allows an attacker to enhance their privileges or cause service interruptions...

The vulnerability of the NVIDIA Virtual GPU Manager driver, which allows a hacker to execute arbitrary code, increase their privileges, or disclose sensitive information.

The vulnerability of the NVIDIA Virtual GPU Manager driver relates to the copying of buffers without checking the size of the input data. Exploiting this vulnerability allows an attacker to execute arbitrary code, increase their privileges, or disclose sensitive information...

USN-6819-4: Linux kernel (Oracle) vulnerabilities

Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference vulnerability. A remote attacker could use this to cause a denial of service system crash. CVE-2023-6356, CVE-2023-6535, CVE-2023-6536 Chenyuan...

PT-2024-30757

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.5.0-41-generic 4122.04.2-Ubuntu Description The issue is related to a null pointer dereference in the dcn20 resource.c file of the Linux kernel's drm/amd/display module. This vulnerability can cause a hang when...

Ubuntu 22.04 LTS : Linux kernel (Oracle) vulnerabilities (USN-6819-4)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6819-4 advisory. Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference...

UBUNTU-CVE-2024-39471

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: add error handle to avoid out-of-bounds if the sdmav40irqidtoseq return -EINVAL, the process should be stop to avoid out-of-bounds read, so directly return -EINVAL...

SUSE CVE-2024-38390

In the Linux kernel, the following vulnerability has been resolved: drm/msm/a6xx: Avoid a nullptr dereference when speedbin setting fails Calling a6xxdestroy before adrenogpuinit leads to a null pointer dereference on: msmgpucleanup : platformsetdrvdatagpu-pdev, NULL; as gpu-pdev is only assigned...

UBUNTU-CVE-2024-39291

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix buffer size in gfxv943init cpcomputemicrocode and rlcmicrocode The function gfxv943initmicrocode in gfxv943.c was generating about potential truncation of output when using the snprintf function. The issue was due...

The vulnerability of the NVIDIA Virtual GPU Manager driver, which allows a hacker to trigger a service failure.

The vulnerability of the NVIDIA Virtual GPU Manager driver relates to the assignment of the null pointer. Exploiting this vulnerability can allow an attacker to cause a service failure...

DEBIAN-CVE-2024-38390

In the Linux kernel, the following vulnerability has been resolved: drm/msm/a6xx: Avoid a nullptr dereference when speedbin setting fails Calling a6xxdestroy before adrenogpuinit leads to a null pointer dereference on: msmgpucleanup : platformsetdrvdatagpu-pdev, NULL; as gpu-pdev is only assigned...

UBUNTU-CVE-2024-38390

In the Linux kernel, the following vulnerability has been resolved: drm/msm/a6xx: Avoid a nullptr dereference when speedbin setting fails Calling a6xxdestroy before adrenogpuinit leads to a null pointer dereference on: msmgpucleanup : platformsetdrvdatagpu-pdev, NULL; as gpu-pdev is only assigned...

CVE-2022-48732

The CVE-2022-48732 issue affects the Linux kernel’s DRM Nouveau component, caused by an off-by-one error in BIOS boundary parsing of embedded init scripts. This bounds-checking flaw can reject access to the last byte, causing driver initialization to fail on Apple eMac systems with GeForce 2 MX G...