Chromium: CVE-2026-6920 Out of bounds read in GPU

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

CVE-2026-6921

A race flaw was found in the GPU component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=493315759 Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria...

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 147.0.7727.138 contained a resource management vulnerability. This vulnerability stemmed from the reuse of GPU components after their release, which could allow remote attackers with access to the rendering...

PT-2026-35833

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 147.0.7727.138 Description A use after free a condition where a program continues to use a memory address after it has been freed in the GPU component allows a remote attacker to potentially perform a sandbox...

CVE-2026-31690

CVE-2026-31690 affects the Linux kernel TH1520 AON firmware protocol driver. The issue combined a potential buffer overflow from unsafe pointer arithmetic when accessing the 'mode' field via a resource offset, and the use of custom RPC_SET_BE*/RPC_GET_BE* macros replaced with standard endianness ...

EUVD-2026-25253

Race in GPU in Google Chrome on Windows prior to 147.0.7727.117 allowed a remote attacker to potentially perform a sandbox escape via a crafted video file. Chromium security severity: Medium...

CVE-2026-6920

Out of bounds read in GPU in Google Chrome on Android prior to 147.0.7727.117 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

CVE-2026-6921

Race in GPU in Google Chrome on Windows prior to 147.0.7727.117 allowed a remote attacker to potentially perform a sandbox escape via a crafted video file. Chromium security severity: Medium...

CVE-2026-6921

CVE-2026-6921 describes a race condition in the GPU component of Google Chrome on Windows, prior to version 147.0.7727.117, that could allow a remote attacker to potentially escape the browser sandbox via a crafted video file. The vulnerability is exposed via a network vector and requires user in...

CVE-2026-6920

Out of bounds read in GPU in Google Chrome on Android prior to 147.0.7727.117 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

CVE-2026-6920

Out of bounds read in GPU in Google Chrome on Android prior to 147.0.7727.117 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

CVE-2026-6920

Out of bounds read in GPU in Google Chrome on Android prior to 147.0.7727.117 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

CVE-2026-6920

Out of bounds read in GPU in Google Chrome on Android prior to 147.0.7727.117 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

Google Chrome 缓冲区错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 147.0.7727.117 contained a buffer overflow vulnerability, which was caused by out-of-bound reads from the GPU. This vulnerability allowed remote attackers with access to the renderer process to execute a...

Google Chrome 竞争条件问题漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 147.0.7727.117 contained a race condition vulnerability, which was caused by race conditions in the GPU. This vulnerability allowed remote attackers to execute a sandbox escape through a specially crafted...

PT-2026-34685

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 147.0.7727.117 Description An out of bounds read in the GPU allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page...

PT-2026-34686

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 147.0.7727.117 Description A race condition in the GPU component on Windows allows a remote attacker to potentially perform a sandbox escape by using a crafted video file. A sandbox escape is a technique used to...

CVE-2026-21733

Vulnerability in Imagination Technologies Graphics DDK on Linux, Android -- RESERVED...

CVE-2026-21733

CVE-2026-21733 concerns a vulnerability in Imagination Technologies’ GPU driver where software running as a non-privileged user can perform improper GPU system calls due to incorrect handling of GPU memory reservation protections. The root cause is described as improper handling of GPU memory res...

USN-8184-1: Linux kernel (Real-time) vulnerabilities

Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as EntrySign. A privileged attacker could possibly use this issue to cause load malicious CPU microcod...