CVE-2024-0093

CVE-2024-0093 affects NVIDIA GPU software for Linux. The connected sources describe a local vulnerability where an attacker with local access could cause information disclosure by accessing sensitive data. The documents do not specify affected versions, root cause details, or a confirmed fix in t...

CVE-2024-0090

CVE-2024-0090 affects the NVIDIA GPU driver for Windows and Linux, due to an out-of-bounds write in the driver. The confirmed impact includes code execution, denial of service, privilege escalation, information disclosure, and data tampering. Local attack vector with low privilege required per CV...

CVE-2024-0090 CVE

NVIDIA GPU driver for Windows and Linux contains a vulnerability where a user can cause an out-of-bounds write. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering...

CVE-2024-0090 CVE

NVIDIA GPU driver for Windows and Linux contains a vulnerability where a user can cause an out-of-bounds write. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering...

CVE-2024-0090

NVIDIA GPU driver for Windows and Linux contains a vulnerability where a user can cause an out-of-bounds write. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering...

CVE-2024-32922

In gpupmpowerontopnolock of pixelgpupower.c, there is a possible compromise of protected memory due to a logic error in the code. This could lead to local escalation of privilege to TEE with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2024-32899

In gpupmpowerofftopnolock of pixelgpupower.c, there is a possible compromise of protected memory due to a race condition. This could lead to local escalation of privilege to TEE with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2024-32922

In gpupmpowerontopnolock of pixelgpupower.c, there is a possible compromise of protected memory due to a logic error in the code. This could lead to local escalation of privilege to TEE with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2024-32929

In gpuslcgetregion of pixelgpuslc.c, there is a possible EoP due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

ARM’s Zero-Day Flaw Leads to Improper GPU Memory Processing

...

CVE-2024-4610

A use-after-free vulnerability was found in the Arm Ltd Bifrost GPU kernel driver. The Arm Ltd Valhall GPU Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations to gain access to already freed memory. This issue affects the Bifrost GPU Kernel Driver fr...

Google Warns of Pixel Firmware Security Flaw Exploited as Zero-Day

Google has warned that a security flaw impacting Pixel Firmware has been exploited in the wild as a zero-day. The high-severity vulnerability, tagged as CVE-2024-32896, has been described as an elevation of privilege issue in Pixel Firmware. The company did not share any additional details relate...

NVIDIA GPU Security Vulnerability

NVIDIA GPU is a graphics processing unit from the American company NVIDIA. It is used in machine learning, video editing and gaming applications. A security vulnerability exists in the NVIDIA GPU Display Driver, which stems from the presence of an out-of-bounds write issue that could lead to code...

PT-2024-24984 · Google · Android

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue is related to a use after free in the gpu slc get region function of pixel gpu slc.c, which could lead to a local escalation of privilege...

Google Pixel Security Breach

Google Pixel is a smartphone from Google, Inc. in the United States. A security vulnerability exists in Google Pixel, which stems from a logic error in the code of the gpupmpowerontopnolock module of pixelgpupower.c that could compromise protected memory...

NVIDIA Linux GPU Display Driver (June 2024)

The NVIDIA GPU display driver software on the remote host is missing a security update. It is, therefore, affected by multiple vulnerabilities, including the following: - NVIDIA GPU driver for Windows and Linux contains a vulnerability where a user can cause an out-of-bounds write. A successful...

NVIDIA vGPU Software Security Vulnerability

NVIDIA vGPU Software is a management software from NVIDIA, USA, used to provide GPU capabilities to virtual machines. The software supports multiple virtual machines to access the host's GPU, providing graphics performance and application compatibility for virtual machines. A security vulnerabili...

NVIDIA vGPU Software Security Vulnerability

NVIDIA vGPU Software is a management software from NVIDIA, USA, used to provide GPU capabilities to virtual machines. The software supports multiple virtual machines to access the host's GPU, providing graphics performance and application compatibility for virtual machines. A security vulnerabili...

PT-2024-24977 · Google · Android +1

Name of the Vulnerable Software and Affected Versions: No specific software or version is mentioned in the provided descriptions. Description: The issue is related to a logic error in the code of gpu pm power on top nolock in pixel gpu power.c. This error could lead to a compromise of protected...

NVIDIA Windows GPU Display Driver (June 2024)

A display driver installed on the remote Windows host is affected by multiple vulnerabilities, including the following: - NVIDIA GPU Display Driver for Windows contains a vulnerability where the information from a previous client or another process could be disclosed. A successful exploit of this...