Design/Logic Flaw

GPU driver in Huawei Mate 10 smart phones with the versions before ALP-L09 8.0.0.120C212; The versions before ALP-L09 8.0.0.127C900; The versions before ALP-L09 8.0.0.128402/C02/C109/C346/C432/C652 has a out-of-bounds memory access vulnerability due to the input parameters validation. An attacker...

CVE-2017-17227

GPU driver in Huawei Mate 10 smart phones with the versions before ALP-L09 8.0.0.120C212; The versions before ALP-L09 8.0.0.127C900; The versions before ALP-L09 8.0.0.128402/C02/C109/C346/C432/C652 has a out-of-bounds memory access vulnerability due to the input parameters validation. An attacker...

CVE-2017-17227

CVE-2017-17227 describes an out-of-bounds memory access vulnerability in the GPU driver of Huawei Mate 10 smartphones. Affected builds include ALP-L09 before 8.0.0.120 (C212), before 8.0.0.127 (C900), and before 8.0.0.128 (402/C02/C109/C346/C432/C652). The issue arises from input parameter valida...

CVE-2017-15829

In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition exists in a GPU Driver which can potentially lead to a Use After Free condition...

Race condition

In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition exists in a GPU Driver which can potentially lead to a Use After Free condition...

CVE-2017-15829

In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition exists in a GPU Driver which can potentially lead to a Use After Free condition...

CVE-2017-15829

CVE-2017-15829 is a Qualcomm Graphics_Linux component vulnerability reported as a race condition in the GPU driver that can lead to a Use-After-Free. The issue is listed as Elevation of Privilege (EoP) and is associated with Qualcomm’s graphics stack on CAF Android builds using the Linux kernel. ...

Deepfakes FakeApp tool (briefly) includes cryptominer

A few weeks ago, we took a look at a forum dedicated to Deepfake clips where the site was pushing Coinhive mining scripts in the website's HTML code. As it turns out, there's been another mining blow-out in the form of one of the apps used to make the fakes. That's right—a tool designed to push...

Security Advisory - Out-of-Bounds Memory Access Vulnerability in the GPU Driver of Huawei Mobile Phones

There is a out-of-bounds memory access vulnerability in the GPU driver of some Huawei smart phones due to the input parameters validation. An attacker tricks a user into installing a malicious application on the smart phone, and the application can call the driver with special parameter and cause...

Claymore Dual GPU Miner Format String dos attack

Claymore’s Dual GPU Miner 10.5 and below is vulnerable to a format strings vulnerability. This allows an unauthenticated attacker to read memory addresses, or immediately terminate the mining process causing a denial of service. !/usr/bin/env python3 -- coding: utf-8 - import socket import json...

Claymore Dual GPU Miner 10.5 - Format String

Claymore’s Dual GPU Miner 10.5 and below is vulnerable to a format strings vulnerability. This allows an unauthenticated attacker to read memory addresses, or immediately terminate the mining process causing a denial of service. After reading about the recent vulnerabilities with previous version...

Claymore Dual GPU Miner 10.5 - Format String

Claymore Dual GPU Miner 10.5 - Format String Claymore’s Dual GPU Miner 10.5 and below is vulnerable to a format strings vulnerability. This allows an unauthenticated attacker to read memory addresses, or immediately terminate the mining process causing a denial of service. After reading about the...

Claymore Dual GPU Miner 10.5 Format String

Claymore Dual Gpu Miner = 10.5 Format Strings Vulnerability ======================================================================= product: Claymore's Dual Miner vulnerable version: = 10.5 fixed version: 10.6 CVE number: - CVE-2018a6317 impact: critical homepage:...

MGASA-2018-0080 Updated nvidia-current packages mitigates security issues

This update provides version 384.111 from the R384 branch, in order to help mitigate Spectre and Meltdown CPU security issues and keeps the driver working with security hardened kernels. Note that so far, nVidia does believe that their GPUs are immune to the referenced security issues. It also ad...

Updated nvidia-current packages mitigates security issues

This update provides version 384.111 from the R384 branch, in order to help mitigate Spectre and Meltdown CPU security issues and keeps the driver working with security hardened kernels. Note that so far, nVidia does believe that their GPUs are immune to the referenced security issues. It also ad...

NVIDIA Linux GPU Display Driver 384.x < 384.111 / 390.x < 390.12 Multiple Vulnerabilities (Meltdown)(Spectre)

The NVIDIA GPU display driver software on the remote host is missing a security update. It is, therefore, affected by multiple vulnerabilities. C Tenable Network Security, Inc. include'compat.inc'; if description scriptid105776; scriptversion"1.14";...

NVIDIA Windows GPU Display Driver 384.x / 385.x / 386.x < 386.07 / 390.x < 390.65 Multiple Vulnerabilities (Meltdown)(Spectre)

The NVIDIA GPU display driver software on the remote host is missing a security update. It is, therefore, affected by multiple vulnerabilities. C Tenable Network Security, Inc. include'compat.inc'; if description scriptid105777; scriptversion"1.14";...

Security Bulletin: NVIDIA GeForce Experience (GFE) Security Updates for CPU Speculative Side Channel Vulnerabilities

NVIDIA GeForce Experience GFE response to CPU speculative side channel vulnerabilities - CVE-2017-5753, CVE-2017-5715, CVE-2017-5754 Bulletin Summary NVIDIA is providing an initial security update to mitigate aspects of Google Project Zero's January 3, 2018 publication of novel information...

Huawei Mate 10 Memory Out-of-Bounds Access Vulnerability

Huawei Mate 10 is a smartphone from Chinese company Huawei Huawei. The Huawei Mate 10 suffers from a memory out-of-bounds access vulnerability, which is due to a lack of parameter checking in the phone's GPU driver. An attacker can trick a user into installing a malicious application and calling...

Security Bulletin: NVIDIA Driver Security Updates for CPU Speculative Side Channel Vulnerabilities

NVIDIA driver response to CPU speculative side channel vulnerabilities - CVE-2017-5753, CVE-2017-5715, CVE-2017-5754 Bulletin Summary NVIDIA is providing an initial security update to mitigate aspects of Google Project Zero’s January 3, 2018 publication of novel information disclosure attacks tha...