Improper access control

Improper access control when using mmap with the kgsl driver with a special offset value that can be provided to map the memstore of the GPU to user space in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile,...

CVE-2020-11282

The CVE-2020-11282 issue is an improper access-control vulnerability in the KGSL driver on Snapdragon platforms (Snapdragon Auto/Compute/Connectivity, Consumer IoT, Industrial IoT, Mobile, Wearables, etc.). A special mmap offset can map the GPU memstore into user space, enabling local attacker ac...

CVE-2020-11282

Improper access control when using mmap with the kgsl driver with a special offset value that can be provided to map the memstore of the GPU to user space in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile,...

Debian DSA-4858-1 : chromium - security update

Several vulnerabilities have been discovered in the chromium web browser. - CVE-2021-21148 Mattias Buelens discovered a buffer overflow issue in the v8 JavaScript library. - CVE-2021-21149 Ryoya Tsukasaki discovered a stack overflow issue in the Data Transfer implementation. - CVE-2021-21150 Wooj...

Debian: Security Advisory (DSA-4858-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DSA 4858-1] chromium security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4858-1 [email protected] https://www.debian.org/security/ Michael Gilbert February 19, 2021 https://www.debian.org/security/faq -...

Denial Of Service (DoS)

chromium is vulnerable to denial of service DoS. The vulnerability exists through a stack overflow in the GPU process...

The vulnerability of the GPU Process web browser in Google Chrome, which allows a hacker to execute arbitrary code.

The vulnerability of the GPU Process web browser in Google Chrome is caused by a buffer overflow in the stack. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...

The vulnerability of the GPU Process web browser in Google Chrome, which allows a hacker to execute arbitrary code.

The vulnerability of the GPU Process web browser in Google Chrome is caused by a buffer overflow in the stack. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...

Google Chrome stack overflow vulnerability (CNVD-2021-13235)

Chrome is a simple and efficiently designed web browsing tool developed by Google that is characterized by its simplicity and speed. A stack overflow vulnerability exists in the GPU process in versions prior to Google Chrome 88.0.4324.182. No detailed vulnerability details are provided at this ti...

FreeBSD : chromium -- multiple vulnerabilities (48514901-711d-11eb-9846-e09467587c17)

Chrome Releases reports : This release contains 10 security fixes, including : - 1138143 High CVE-2021-21149: Stack overflow in Data Transfer. Reported by Ryoya Tsukasaki on 2020-10-14 - 1172192 High CVE-2021-21150: Use after free in Downloads. Reported by Woojin Oh@pwnexploit of STEALIEN on...

Chromium: CVE-2021-21153 Stack overflow in GPU Process

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: locking issue in drivers/tty/ttyjobctrl.c can lead to an use-after-free CVE-2020-29661 kernel: performance counters race condition use-after-free CVE-2020-14351 kernel: ICMP rate limiting...

NVIDIA Linux GPU Display (January 2021) (CVE-2021-1056)

The NVIDIA GPU display driver software on the remote host is missing a security update. It is, therefore, affected by a vulnerability in the kernel mode layer nvidia.ko in which it does not completely honor operating system file system permissions to provide GPU device-level isolation. Successful...

Security Bulletin: TensorFlow in Watson Machine Learning 1.6.2 and 1.7.0 has been patched for a security issue in nanopb.

Summary TensorFlow in Watson Machine Learning 1.6.2 and 1.7.0 has had various secuirty issue published for nanopb. These have been patched in the latest versions of TensorFlow. Vulnerability Details CVEID: CVE-2020-26243 DESCRIPTION: Nanopb is vulnerable to a denial of service, caused by a memory...

Qualcomm Graphics Access Control Error Vulnerability

Qualcomm Graphics is a Qualcomm graphics support firmware for use on processors. A security vulnerability exists in Qualcomm Graphics that stems from the use of mmap, where the kgsl driver has a special offset value that can be supplied to map the GPU memstore to user space...

Updated kernel packages fix security vulnerabilities

This kernel update is based on upstream 5.10.12 and fixes at least the following security issues: fs/nfsd/nfs3xdr.c in the Linux kernel through 5.10.8, when there is an NFS export of a subdirectory of a filesystem, allows remote attackers to traverse to other parts of the filesystem via READDIRPL...

CentOS 8 : kernel (CESA-2019:3871)

The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2019:3871 advisory. - hw: Intel GPU blitter manipulation can allow for arbitrary kernel memory write CVE-2019-0155 Note that Nessus has not tested for this issue but has instead...

NVIDIA Gamers Face DoS, Data Loss from Shield TV Bugs

NVIDIA has newly disclosed three security vulnerabilities in the NVIDIA Shield TV, which could allow denial of service, escalation of privileges and data loss. The NVIDIA Shield TV is a set-top gadget that acts as a hub for the smart home, streams PC games from a gaming PC to a TV; and allows loc...

NVIDIA Linux GPU Display (January 2021)

The NVIDIA GPU display driver software on the remote host is missing a security update. It is, therefore, affected by multiple vulnerabilities: - NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer nvlddmkm.sys handler for DxgkDdiEscape or IOCTL in...