CVE-2023-4272 Mali GPU Kernel Driver exposes sensitive data from freed memory

A local non-privileged user can make GPU processing operations that expose sensitive data from previously freed memory...

kernel: Linux kernel: Denial of service in lontium-lt9611 GPU driver due to NULL pointer dereference

A flaw was found in the Linux kernel's lontium-lt9611 GPU driver. A local user with low privileges could trigger a NULL pointer dereference in the lt9611connectorinit function. This vulnerability can lead to a system crash, resulting in a Denial of Service DoS...

kernel: drm/amdgpu: Fix type of second parameter in odn_edit_dpm_table() callback

A function prototype mismatch was found in the AMD GPU driver's DPM table callbacks. When kCFI Control Flow Integrity is enabled, the mismatched types cause CFI validation failures, potentially crashing the kernel...

kernel: Linux kernel: Denial of Service due to PCI device reference count leak

A flaw was found in the Linux kernel. A local low-privileged user could exploit a reference count leak in the drm/amdgpu component. This vulnerability, related to how PCI Peripheral Component Interconnect devices are managed, could lead to a Denial of Service DoS by exhausting system resources...

kernel: drm/i915/gvt: fix vgpu debugfs clean in remove

A NULL pointer dereference was found in the Linux kernel Intel i915 graphics driver's virtual GPU debugfs cleanup handling. A local user with privileges to unbind the i915 driver can trigger driver removal on systems with active virtual GPU instances, causing the cleanup path to attempt removing...

kernel: drm: amd: display: Fix memory leakage

A memory leak flaw was found in the Linux kernel's AMD display driver in the display context construction logic. A local user can trigger this issue during AMD GPU initialization when the dcconstructctx function fails to release allocated memory in error paths. This results in permanent memory...

Multiple Arm Products Security Vulnerabilities

ARM Midgard GPU Kernel Driver is a Mali GPU device driver from ARM UK. A security vulnerability exists in several Arm products. An attacker exploiting this vulnerability could obtain sensitive data from previously freed memory. The following products and versions are affected: Midgard GPU Kernel...

PT-2023-28542 · Arm · Arm 5Th Gen Gpu Architecture Kernel Driver +4

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned. Description: A local non-privileged user can make GPU processing operations that expose sensitive data from previously freed memory. Recommendations: At the moment, there is no information about...

Fedora 39 : oneVPL / oneVPL-intel-gpu (2023-ea65146fd4)

The remote Fedora 39 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2023-ea65146fd4 advisory. Update oneVPL and oneVPL-intel-gpu to latest releases. Fixes CVE-2023-22338 and CVE-2023-22840. No ABI changes. Tenable has extracted the preceding...

Rocky Linux 8 : kernel-rt (RLSA-2023:0114)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:0114 advisory. - A flaw was found in the Linux kernel's driver for the ASIX AX88179178A-based USB 2.0/3.0 Gigabit Ethernet Devices. The vulnerability contains multiple...

Rocky Linux 8 : kernel (RLSA-2023:0101)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:0101 advisory. - A flaw was found in the Linux kernel's driver for the ASIX AX88179178A-based USB 2.0/3.0 Gigabit Ethernet Devices. The vulnerability contains multiple...

Fedora: Security Advisory for oneVPL-intel-gpu (FEDORA-2023-ea65146fd4)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 39 Update: oneVPL-2023.3.1-1.fc39

The oneAPI Video Processing Library oneVPL provides a single video processi ng API for encode, decode, and video processing that works across a wide range of accelerators. The base package is limited to the dispatcher and samples. To use oneVPL for video processing you need to install at least on...

[SECURITY] Fedora 39 Update: oneVPL-intel-gpu-23.3.4-2.fc39

Intel oneVPL GPU Runtime is a Runtime implementation of oneVPL API for Intel Gen GPUs. Runtime provides access to hardware-accelerated video decode, encode and filtering...

SUSE CVE-2023-31022

NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where a NULL-pointer dereference may lead to denial of service...

CVE-2023-31020

NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer, where an unprivileged regular user can cause improper access control, which may lead to denial of service or data tampering...

CVE-2023-31026

NVIDIA vGPU software for Windows and Linux contains a vulnerability in the Virtual GPU Manager vGPU plugin, where a NULL-pointer dereference may lead to denial of service...

CVE-2023-31027

NVIDIA GPU Display Driver for Windows contains a vulnerability that allows Windows users with low levels of privilege to escalate privileges when an administrator is updating GPU drivers, which may lead to escalation of privileges...

CVE-2023-31019

NVIDIA GPU Display Driver for Windows contains a vulnerability in wksServicePlugin.dll, where the driver implementation does not restrict or incorrectly restricts access from the named pipe server to a connecting client, which may lead to potential impersonation to the client's secure context...

CVE-2023-31018

NVIDIA GPU Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where an unprivileged regular user can cause a NULL-pointer dereference, which may lead to denial of service...