9765 matches found
CVE-2024-3157
Out of bounds memory access in Compositing in Google Chrome prior to 123.0.6312.122 allowed a remote attacker who had compromised the GPU process to potentially perform a sandbox escape via specific UI gestures. Chromium security severity: High...
CVE-2024-3157
Out of bounds memory access in Compositing in Google Chrome prior to 123.0.6312.122 allowed a remote attacker who had compromised the GPU process to potentially perform a sandbox escape via specific UI gestures. Chromium security severity: High...
CVE-2024-3157
Out of bounds memory access in Compositing in Google Chrome prior to 123.0.6312.122 allowed a remote attacker who had compromised the GPU process to potentially perform a sandbox escape via specific UI gestures. Chromium security severity: High...
CVE-2024-3157
Out of bounds memory access in Compositing in Google Chrome prior to 123.0.6312.122 allowed a remote attacker who had compromised the GPU process to potentially perform a sandbox escape via specific UI gestures. Chromium security severity: High...
CVE-2024-3157
Out of bounds memory access in Compositing in Google Chrome prior to 123.0.6312.122 allowed a remote attacker who had compromised the GPU process to potentially perform a sandbox escape via specific UI gestures. Chromium security severity: High...
CVE-2024-3157
CVE-2024-3157 describes an out-of-bounds memory access in the Chromium/Chrome Compositing pipeline prior to 123.0.6312.122. The vulnerability could allow a remote attacker who has compromised the GPU process to potentially escape the Chromium sandbox through specific UI gestures. Affected softwar...
CVE-2024-3157
Out of bounds memory access in Compositing in Google Chrome prior to 123.0.6312.122 allowed a remote attacker who had compromised the GPU process to potentially perform a sandbox escape via specific UI gestures. Chromium security severity: High...
UBUNTU-CVE-2024-3446
A double free vulnerability was found in QEMU virtio devices virtio-gpu, virtio-serial-bus, virtio-crypto, where the memreentrancyguard flag insufficiently protects against DMA reentrancy issues. This issue could allow a malicious privileged guest user to crash the QEMU process on the host,...
USN-6726-1 linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-bluefield, linux-gcp, linux-gcp-5.4, linux-gkeop, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4 vulnerabilities
Pratyush Yadav discovered that the Xen network backend implementation in the Linux kernel did not properly handle zero length data request, leading to a null pointer dereference vulnerability. An attacker in a guest VM could possibly use this to cause a denial of service host domain crash...
USN-6726-1: Linux kernel vulnerabilities
Pratyush Yadav discovered that the Xen network backend implementation in the Linux kernel did not properly handle zero length data request, leading to a null pointer dereference vulnerability. An attacker in a guest VM could possibly use this to cause a denial of service host domain crash...
Unbreakable Enterprise kernel security update
4.14.35-2047.535.2.1 - netfilter: nftables: reject QUEUE/DROP verdict parameters Florian Westphal Orabug: 36467681 CVE-2024-1086 4.14.35-2047.535.2 - Fix null ptr in rdstcprecvpath Allison Henderson Orabug: 33499812 - LTS version: v4.14.338 Saeed Mirzamohammadi - crypto: scompress - initialize...
Rocky Linux 8 : kernel-rt (RLSA-2024:1614)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:1614 advisory. - Integer Overflow or Wraparound vulnerability in openEuler kernel on Linux filesystem modules allows Forced Integer Overflow.This issue affects openEul...
The vulnerability of microprogramming software in embedded Qualcomm chips allows a hacker to execute arbitrary code with elevated privileges.
The vulnerability of microprogramming software in embedded Qualcomm chips is related to the pointer shifting beyond the allocated memory range. Exploiting this vulnerability allows an attacker to execute arbitrary code with elevated privileges using the IOCTLKGSLGPUAUXCOMMAND command...
SUSE CVE-2024-26657
In the Linux kernel, the following vulnerability has been resolved: drm/sched: fix null-ptr-deref in init entity The bug can be triggered by sending an amdgpucswaitioctl to the AMDGPU DRM driver on any ASICs with valid context. The bug was reported by Joonkyo Jung . For example the following code...
DEBIAN-CVE-2024-26657
In the Linux kernel, the following vulnerability has been resolved: drm/sched: fix null-ptr-deref in init entity The bug can be triggered by sending an amdgpucswaitioctl to the AMDGPU DRM driver on any ASICs with valid context. The bug was reported by Joonkyo Jung . For example the following code...
CVE-2024-21472
Memory corruption in Kernel while handling GPU operations...
CVE-2024-21468
Memory corruption when there is failed unmap operation in GPU...
CVE-2024-21472
CVE-2024-21472 describes a memory corruption issue in the kernel during GPU operation handling (root cause: memory corruption in the kernel when processing GPU operations). Documents consistently cite a high impact across confidentiality, integrity, and availability, with a local attack vector an...
CVE-2024-21472 Use After Free in Kernel
Memory corruption in Kernel while handling GPU operations...
CVE-2024-21472 Use After Free in Kernel
Memory corruption in Kernel while handling GPU operations...