CVE-2019-5685

Affected software: NVIDIA Windows GPU Display Driver for Windows. Vulnerability: DirectX shader processing flaw can cause an out-of-bounds access/write to a shader local temporary array, potentially enabling denial of service or arbitrary code execution. Root cause: out-of-bounds handling in shad...

CVE-2019-5684

NVIDIA Windows GPU Display Driver all versions contains a vulnerability in DirectX drivers, in which a specially crafted shader can cause an out of bounds access of an input texture array, which may lead to denial of service or code execution...

CVE-2019-5684

CVE-2019-5684 affects the NVIDIA Windows GPU Display Driver for Windows. The vulnerability is in the DirectX shader path and can cause an out-of-bounds access (as described in NVD) or out-of-bounds write (per IBM’s vulnerability details), potentially enabling denial of service or arbitrary code e...

CVE-2019-5683

NVIDIA Windows GPU Display Driver all versions contains a vulnerability in the user mode video driver trace logger component. When an attacker has access to the system and creates a hard link, the software does not check for hard link attacks. This behavior may lead to code execution, denial of...

CVE-2019-5683

CVE-2019-5683 affects NVIDIA Windows GPU Display Driver (all versions) via the user-mode video driver trace logger. The issue arises when a local attacker with system access creates a hard link and the driver fails to detect hard-link attacks, potentially enabling code execution, denial of servic...

Security Bulletin: NVIDIA GPU Display Driver - August 2019

NVIDIA has released a software security update for the NVIDIA GPU Display Driver. This update addresses issues that may lead to local code execution, denial of service, or escalation of privileges. To protect your system, download and install this software update through NVIDIA Driver Downloads G...

Buffer overflow

In the Linux kernel before 2.6.34, a range check issue in drivers/gpu/drm/radeon/atombios.c could cause an off by one buffer overflow problem. NOTE: At least one Linux maintainer believes that this CVE is incorrectly assigned and should be rejected because the value is hard coded and are not...

CVE-2010-5331

CVE-2010-5331 affects the Linux kernel prior to 2.6.34, due to a range-check off-by-one issue in drivers/gpu/drm/radeon/atombios.c that can cause a buffer overflow. The vulnerability is rooted in how a value is used in that path; at least one Linux maintainer believes the CVE may be incorrectly a...

CVE-2019-2261

Unauthorized access from GPU subsystem to HLOS or other non secure subsystem memory can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired...

Information disclosure

Unauthorized access from GPU subsystem to HLOS or other non secure subsystem memory can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired...

CVE-2019-2261

Unauthorized access from GPU subsystem to HLOS or other non secure subsystem memory can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired...

CVE-2019-2261

CVE-2019-2261 describes information disclosure caused by unauthorized access from the GPU subsystem to HLOS/non-secure memory. The vulnerability affects Qualcomm devices across multiple Snapdragon families (e.g., IPQ8074, MDM9xxx, MSM8xxx, SD-series including SD625/SD820/SD835/SD845/SD850, SDM43x...

CVE-2018-17479

Incorrect object lifetime calculations in GPU code in Google Chrome prior to 70.0.3538.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

CVE-2018-17479

Incorrect object lifetime calculations in GPU code in Google Chrome prior to 70.0.3538.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

UBUNTU-CVE-2018-17479

Incorrect object lifetime calculations in GPU code in Google Chrome prior to 70.0.3538.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

Design/Logic Flaw

Incorrect object lifetime calculations in GPU code in Google Chrome prior to 70.0.3538.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

CVE-2018-17479

Incorrect object lifetime calculations in GPU code in Google Chrome prior to 70.0.3538.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

CVE-2018-17479

CVE-2018-17479 is a Chrome GPU use-after-free vulnerability caused by incorrect object lifetime handling in GPU code, potentially leading to heap corruption. It affects Google Chrome prior to 70.0.3538.110. Public references describe an in-the-wild risk and indicate remediation via updating to ve...

CVE-2018-17479

Removed by vendor...

NVIDIA Windows GPU Display Driver Multiple Vulnerabilities (May 2019)

The NVIDIA GPU display driver software on the remote Windows host is missing a security update. It is, therefore, affected by multiple vulnerabilities: - An unspecified vulnerability exists in the kernel mode layer nvvlddmkm.sys handler for DxgkDdiEscape due to improper synchronization of shared...