502 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: clk: sunxi-ng: h616: Reparenting the GPU clock during frequency changes The H616 manual does not indicate that the GPU PLL supports dynamic frequency configuration. Therefore, we must be extra careful when changing the frequency...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix UAF on kernel BO VA nodes If the MMU is down, panthorvmunmaprange might return an error. We expect the page table to be updated still, and if the MMU is blocked, the rest of the GPU should be blocked too, so no...
Astra Linux - уязвимость в chromium
A heap buffer overflow in the GPU component of Google Chrome prior to version 107.0.5304.121 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape through a crafted HTML page. Chromium security severity: High...
CVE-2026-22166 GPU DDK - Write UAF in KEGLGetPoolBuffers, WebGL reachable
A web page that contains unusual WebGPU content loaded into the GPU GLES render process and can trigger write UAF crash in the GPU GLES user-space shared library. On certain platforms, when the process executing graphics workload has system privileges this could enable subsequent exploit on the...
CVE-2026-22166 GPU DDK - Write UAF in KEGLGetPoolBuffers, WebGL reachable
A web page that contains unusual WebGPU content loaded into the GPU GLES render process and can trigger write UAF crash in the GPU GLES user-space shared library. On certain platforms, when the process executing graphics workload has system privileges this could enable subsequent exploit on the...
EUVD-2026-26663
A web page that contains unusual WebGPU content loaded into the GPU GLES render process and can trigger write UAF crash in the GPU GLES user-space shared library. On certain platforms, when the process executing graphics workload has system privileges this could enable subsequent exploit on the...
CVE-2026-22167
Software installed and run as a non-privileged user may conduct improper GPU system calls to force GPU to write to arbitrary physical memory pages. Under certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kernel an...
CVE-2026-22167 GPU DDK - Cache resident PM buffers writable by other GPU requestors, leading to arbitrary write to physical memory
Software installed and run as a non-privileged user may conduct improper GPU system calls to force GPU to write to arbitrary physical memory pages. Under certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kernel an...
CVE-2026-22167 GPU DDK - Cache resident PM buffers writable by other GPU requestors, leading to arbitrary write to physical memory
Software installed and run as a non-privileged user may conduct improper GPU system calls to force GPU to write to arbitrary physical memory pages. Under certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kernel an...
Chromium: CVE-2026-7333 Use after free in GPU
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
SUSE CVE-2026-7357
Use after free in GPU in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
CVE-2026-7357
An use after free flaw was found in the GPU component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=497047552...
CVE-2026-7357
Use after free in GPU in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
CVE-2026-7333
Use after free in GPU in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2026-7333
Use after free in GPU in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2026-7357
Use after free in GPU in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
CVE-2026-7357
Use after free in GPU in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
CVE-2026-7333
CVE-2026-7333 describes a use-after-free in the GPU component of Google Chrome, leading to a potential sandbox escape via a crafted HTML page on Chromium-based browsers. Affected product: Google Chrome versions earlier than 147.0.7727.138. Root cause: use-after-free in GPU handling. Impact: remot...
CVE-2026-7333
Use after free in GPU in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2026-7333
Use after free in GPU in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...