9779 matches found
Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-5912-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5912-1 advisory. It was discovered that the Upper Level Protocol ULP subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state i...
USN-5917-1: Linux kernel vulnerabilities
It was discovered that the Upper Level Protocol ULP subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execut...
SUSE CVE-2023-23004
In the Linux kernel before 5.19, drivers/gpu/drm/arm/malidpplanes.c misinterprets the getsgtable return value expects it to be NULL in the error case, whereas it is actually an error pointer...
USN-5915-1 linux-oem-6.1 vulnerabilities
It was discovered that the Upper Level Protocol ULP subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execut...
openSUSE 15 Security Update : opera (openSUSE-SU-2023:0063-1)
The remote openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2023:0063-1 advisory. - Type confusion in V8 in Google Chrome prior to 110.0.5481.77 allowed a remote attacker to potentially exploit heap corruption via a crafted HTM...
AZL-25611 CVE-2023-23004 affecting package kernel for versions less than 5.15.102.1-1
In the Linux kernel before 5.19, drivers/gpu/drm/arm/malidpplanes.c misinterprets the getsgtable return value expects it to be NULL in the error case, whereas it is actually an error pointer...
CVE-2023-23004
In the Linux kernel before 5.19, drivers/gpu/drm/arm/malidpplanes.c misinterprets the getsgtable return value expects it to be NULL in the error case, whereas it is actually an error pointer...
CVE-2023-23004
CVE-2023-23004 affects Linux kernel before 5.19. In drivers/gpu/drm/arm/malidp_planes.c, get_sg_table return value is misinterpreted: code expects NULL in error case, but it is an error pointer. This could lead to a kernel crash/undefined behavior as described in the vendor advisories (e.g., Chan...
CVE-2023-22998
In the Linux kernel before 6.0.3, drivers/gpu/drm/virtio/virtgpuobject.c misinterprets the drmgemshmemgetsgtable return value expects it to be NULL in the error case, whereas it is actually an error pointer...
CVE-2023-22998
In the Linux kernel before 6.0.3, drivers/gpu/drm/virtio/virtgpuobject.c misinterprets the drmgemshmemgetsgtable return value expects it to be NULL in the error case, whereas it is actually an error pointer...
CVE-2023-22998
In the Linux kernel before 6.0.3, drivers/gpu/drm/virtio/virtgpuobject.c misinterprets the drmgemshmemgetsgtable return value expects it to be NULL in the error case, whereas it is actually an error pointer...
K73659122: GPU vulnerabilities CVE-2019-0154 and CVE-2019-0155
Security Advisory Description CVE-2019-0154 Insufficient access control in subsystem for Intel R processor graphics in 6th, 7th, 8th and 9th Generation IntelR CoreTM Processor Families; IntelR PentiumR Processor J, N, Silver and Gold Series; IntelR CeleronR Processor J, N, G3900 and G4900 Series;...
kernel: i915: Incorrect GPU TLB flush can lead to random memory access
An incorrect TLB flush issue was found in the Linux kernel’s GPU i915 kernel driver, potentially leading to random memory corruption or data leaks. This flaw could allow a local user to crash the system or escalate their privileges on the system...
NewStart CGSL MAIN 6.02 : kernel Multiple Vulnerabilities (NS-SA-2023-0005)
The remote NewStart CGSL host, running version MAIN 6.02, has kernel packages installed that are affected by multiple vulnerabilities: - A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU. This flaw...
SUSE CVE-2011-2367
The WebGL implementation in Mozilla Firefox 4.x through 4.0.1 does not properly restrict read operations, which allows remote attackers to obtain sensitive information from GPU memory associated with an arbitrary process, or cause a denial of service application crash, via unspecified vectors...
SUSE CVE-2011-3047
The GPU process in Google Chrome before 17.0.963.79 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption by leveraging an error in the plug-in loading mechanism...
SUSE CVE-2011-3653
Mozilla Firefox before 8.0 and Thunderbird before 8.0 on Mac OS X do not properly interact with the GPU memory behavior of a certain driver for Intel integrated GPUs, which allows remote attackers to bypass the Same Origin Policy and read image data via vectors related to WebGL textures...
SUSE CVE-2012-5131
Google Chrome before 23.0.1271.91 on Mac OS X does not properly mitigate improper rendering behavior in the Intel GPU driver, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors...
SUSE CVE-2013-0241
The QXL display driver in QXL Virtual GPU 0.1.0 allows local users to cause a denial of service guest crash or hang via a SPICE connection that prevents other threads from obtaining the qemumutex mutex. NOTE: some of these details are obtained from third party information...
SUSE CVE-2015-1266
content/browser/webui/contentwebuicontrollerfactory.cc in Google Chrome before 43.0.2357.130 does not properly consider the scheme in determining whether a URL is associated with a WebUI SiteInstance, which allows remote attackers to bypass intended access restrictions via a similar URL, as...