NVIDIA GPU Display Driver 安全漏洞

NVIDIA GPU Display Driver is an American NVIDIA driver for interactive support of graphics card display modules in operating systems. A security vulnerability exists in NVIDIA GPU Display Driver, which stems from the possibility that an attacker may be able to access memory locations after the...

CVE-2021-47144

In the Linux kernel, the following vulnerability has been resolved: drm/amd/amdgpu: fix refcount leak Why the gem object rfb-base.obj0 is get according to numplanes in amdgpufbcreate, but is not put according to numplanes How put rfb-base.obj0 in amdgpufbdevdestroy according to numplanes...

CVE-2021-47144

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-6702-2)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6702-2 advisory. It was discovered that the NVIDIA Tegra XUSB pad controller driver in the Linux kernel did not properly handle return values in certain error...

NVIDIA GPU Display Driver - February 2024 - Lenovo Support US

No description provided...

kernel: use-after-free in amdgpu_cs_wait_all_fences in drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c

A use-after-free flaw was found in the Linux kernel's AMD GPU driver which may allow access to members of a synchronization structure after the structure is freed. This issue could allow a local user to crash the system or to access confidential system memory...

RHEL 8 : kernel (RHSA-2024:1268)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1268 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: nftables:...

NVIDIA GPU Display Driver February 2024 Security Update

NVIDIA has informed HP of potential security vulnerabilities identified in the NVIDIA® GPU Display Driver for Windows, which might allow escalation of privilege, arbitrary code execution, denial of service, information disclosure. NVIDIA has released updates to mitigate these vulnerabilities...

WebGPU Browser-based GPU Cache Side-Channel

Bulletin ID: AMD-SB-6011 Potential Impact: GPU Cache Attacks from the Browser Severity: Summary AMD is aware of a paper titled “Generic and Automated Drive-by GPU Cache Attacks from the Browser” being published by researchers from Graz University of Technology and The University of Rennes. AMD do...

USN-6688-1: Linux kernel (OEM) vulnerabilities

Pratyush Yadav discovered that the Xen network backend implementation in the Linux kernel did not properly handle zero length data request, leading to a null pointer dereference vulnerability. An attacker in a guest VM could possibly use this to cause a denial of service host domain crash...

CVE-2024-25989

In gpuslclivenessupdate of pixelgpuslc.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

Out-of-bounds

In gpuslclivenessupdate of pixelgpuslc.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2024-25989

In gpuslclivenessupdate of pixelgpuslc.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2024-25989

CVE-2024-25989 describes an out-of-bounds read in the Google Pixel GPU driver, specifically in gpu_slc_liveness_update of pixel_gpu_slc.c, caused by a missing bounds check. This can lead to local information disclosure without requiring exploits, privileges, or user interaction. Public references...

NVIDIA Virtual GPU Manager Multiple Vulnerabilities (February 2024)

The NVIDIA Virtual GPU Manager software on the remote host is missing a security update. It is, therefore, affected by multiple vulnerabilities, including the following: - NVIDIA GPU Display Driver for WIndows and Linux contains a vulnerability in the kernel mode data handler, where an unprivileg...

NVIDIA Linux GPU Display Driver (February 2024)

The NVIDIA GPU display driver software on the remote host is missing a security update. It is, therefore, affected by multiple vulnerabilities: - NVIDIA GPU Display Driver for WIndows and Linux contains a vulnerability in the kernel mode data handler, where an unprivileged regular user can cause...

NVIDIA Windows GPU Display Driver (February 2024)

A display driver installed on the remote Windows host is affected by multiple vulnerabilities, including the following: - NVIDIA GPU Display Driver for Windows contains a vulnerability in the user mode layer, where an unprivileged regular user can cause an out-of-bounds write. A successful exploi...

BIT-TENSORFLOW-2022-35988 `CHECK` fail in `tf.linalg.matrix_rank` in TensorFlow

TensorFlow is an open source platform for machine learning. When tf.linalg.matrixrank receives an empty input a, the GPU kernel gives a CHECK fail that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit c55b476aa0e0bd4ee99d0f3ad18d9d706cd1260a. The fix...

BIT-TENSORFLOW-2022-35999 `CHECK` fail in `Conv2DBackpropInput` in TensorFlow

TensorFlow is an open source platform for machine learning. When Conv2DBackpropInput receives empty outbackprop inputs e.g. 3, 1, 0, 1, the current CPU/GPU kernels CHECK fail one with dnnl, the other with cudnn. This can be used to trigger a denial of service attack. We have patched the issue in...

BIT-TENSORFLOW-2022-41888 Unckecked rank size in `tf.image.generate_bounding_box_proposals` in Tensorflow

TensorFlow is an open source platform for machine learning. When running on GPU, tf.image.generateboundingboxproposals receives a scores input that must be of rank 4 but is not checked. We have patched the issue in GitHub commit cf35502463a88ca7185a99daa7031df60b3c1c98. The fix will be included i...