CVE-2019-5671

CVE-2019-5671 affects NVIDIA GeForce/Windows GPU Display Driver, specifically the kernel-mode layer (nvlddmkm.sys) DxgkDdiEscape handler. The issue is that a resource is not released after its lifetime ends, enabling a denial-of-service condition. Publicly documented details come from NVIDIA/IBM ...

CVE-2019-5670

CVE-2019-5670 affects NVIDIA GeForce Windows GPU Display Driver. A flaw in the kernel-mode DxgkDdiEscape handler uses an incorrect length when reading/writing a buffer, causing out-of-bounds access and potential local escalation of privileges, code execution, denial of service, or information dis...

CVE-2019-5668

NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer nvlddmkm.sys handler for DxgkDdiSubmitCommandVirtual in which the application dereferences a pointer that it expects to be valid, but is NULL, which may lead to denial of service or escalation of privileges...

CVE-2019-5666

NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer nvlddmkm.sys create context command DDI DxgkDdiCreateContext in which the product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index...

Xiaomi perseus-p-oss MIX 3 integer overflow vulnerability

Xiaomi perseus-p-oss MIX 3 is a smartphone from Chinese company Xiaomi Technology Xiaomi. Xiaomi perseus-p-oss MIX 3 An integer overflow vulnerability exists in the sdeevtlogfilterwrite method of the drivers/gpu/drm/msm/sdedbg.c file in the Xiaomi perseus-p-oss MIX 3 on 2018-11-26 and earlier...

CVE-2019-9112

The msm gpu driver for custom Linux kernels on the Xiaomi perseus-p-oss MIX 3 device through 2018-11-26 has an integer overflow and OOPS because of missing checks of the count argument in sdedebugfsconncmdtxwrite in drivers/gpu/drm/msm/sde/sdeconnector.c. This is exploitable for a device crash vi...

Integer overflow

The msm gpu driver for custom Linux kernels on the Xiaomi perseus-p-oss MIX 3 device through 2018-11-26 has an integer overflow and OOPS because of missing checks of the count argument in sdedebugfsconncmdtxwrite in drivers/gpu/drm/msm/sde/sdeconnector.c. This is exploitable for a device crash vi...

Integer overflow

The msm gpu driver for custom Linux kernels on the Xiaomi perseus-p-oss MIX 3 device through 2018-11-26 has an integer overflow and OOPS because of missing checks of the count argument in sdeevtlogfilterwrite in drivers/gpu/drm/msm/sdedbg.c. This is exploitable for a device crash via a syscall by...

CVE-2019-9112

The msm gpu driver for custom Linux kernels on the Xiaomi perseus-p-oss MIX 3 device through 2018-11-26 has an integer overflow and OOPS because of missing checks of the count argument in sdedebugfsconncmdtxwrite in drivers/gpu/drm/msm/sde/sdeconnector.c. This is exploitable for a device crash vi...

CVE-2019-9111

CVE-2019-9111 affects the msm gpu driver for custom Linux kernels on the Xiaomi perseus-p-oss MIX 3. The vulnerability is an integer overflow in sde_evtlog_filter_write (drivers/gpu/drm/msm/sde_dbg.c) caused by missing checks of the count argument, leading to an OOPS and potential device crash vi...

CVE-2019-9112

The CVE-2019-9112 vulnerability affects the MSM GPU driver for custom Linux kernels on the Xiaomi perseus-p-oss MIX 3 device (through 2018-11-26). It is caused by an integer overflow due to missing checks of the count argument in _sde_debugfs_conn_cmd_tx_write within drivers/gpu/drm/msm/sde/sde_c...

CVE-2019-9111

The msm gpu driver for custom Linux kernels on the Xiaomi perseus-p-oss MIX 3 device through 2018-11-26 has an integer overflow and OOPS because of missing checks of the count argument in sdeevtlogfilterwrite in drivers/gpu/drm/msm/sdedbg.c. This is exploitable for a device crash via a syscall by...

Security Bulletin: NVIDIA GPU Display Driver - February 2019

NVIDIA has released a software security update for the NVIDIA GPU Display Driver. This update addresses issues that may lead to denial of service, escalation of privileges, code execution, or information disclosure. To protect your system, download and install this software update through NVIDIA...

openSUSE Security Update : the Linux Kernel (openSUSE-2019-203)

The openSUSE Leap 15.0 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2019-3459,CVE-2019-3460: Two information leaks in the bluetooth stack were fixed. bnc1120758. - CVE-2019-7221: A use-after-free in the KVM nVMX hrtimer was fixed...

Photon OS 2.0: Linux PHSA-2018-2.0-0037-(a)

An update of the linux package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2018-2.0-0037-a. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

kernel security, bug fix, and enhancement update

3.10.0-957.5.1.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey bug 24817676 3.10.0-957.5.1 - fs revert 'fs sunrpc: Ensure we always close the socket after a...

CVE-2018-20669

A flaw was found in the Linux kernel where a provided address with accessok is not checked before accessing userspace data in certain situations. Lack of such checks in i915gemexecbuffer2ioctl in drivers/gpu/drm/i915/i915gemexecbuffer.c may allow a local unprivileged attacker to possible escalate...

CVE-2018-17470

A heap buffer overflow in GPU in Google Chrome prior to 70.0.3538.67 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page...

CVE-2018-17470

A heap buffer overflow in GPU in Google Chrome prior to 70.0.3538.67 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page...

CVE-2018-17470

A heap buffer overflow in GPU in Google Chrome prior to 70.0.3538.67 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page...