CVE-2025-58409

CVE-2025-58409 is a GPU driver vulnerability affecting Imagination Technologies’ GPU driver/Imagination Graphics DDK. The issue arises when an unprivileged user performs improper GPU system calls, subverting GPU hardware to write to arbitrary physical memory pages. Under certain conditions this c...

CVE-2025-68793 drm/amdgpu: fix a job->pasid access race in gpu recovery

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix a job-pasid access race in gpu recovery Avoid a possible UAF in GPU recovery due to a race between the sched timeout callback and the tdr work queue. The gpu recovery function calls drmschedstop and later...

CVE-2025-68793

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix a job-pasid access race in gpu recovery Avoid a possible UAF in GPU recovery due to a race between the sched timeout callback and the tdr work queue. The gpu recovery function calls drmschedstop and later...

PT-2026-2434

Software installed and run as a non-privileged user may conduct improper GPU system calls to cause mismanagement of reference counting to cause a potential use after free. Improper reference counting on an internal resource caused scenario where potential for use after free was present...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a contention condition for job-pasid access during GPU recovery, which could lead to reuse after release...

Imagination Graphics DDK 安全漏洞

Imagination Graphics DDK is a suite of GPU driver tools from Imagination UK. The Imagination Graphics DDK suffers from a security vulnerability that originates from the possibility that an unprivileged user may make improper GPU system calls to corrupt the GPU hardware to write arbitrary physical...

Imagination Graphics DDK 安全漏洞

Imagination Graphics DDK is a suite of GPU driver tools from Imagination UK. A security vulnerability exists in the Imagination Graphics DDK that stems from the possibility that an unprivileged user may make improper GPU system calls, leading to improper management of resource reference counts an...

GHSA-C9RC-MG46-23W3 vulnerabilities

Vulnerabilities for packages: tensorflow-cpu-jupyter, tensorflow-gpu-jupyter...

CVE-2025-68747 drm/panthor: Fix UAF on kernel BO VA nodes

In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix UAF on kernel BO VA nodes If the MMU is down, panthorvmunmaprange might return an error. We expect the page table to be updated still, and if the MMU is blocked, the rest of the GPU should be blocked too, so no...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to properly restore partition mode after hibernation recovery, which could result in a GPU page...

PT-2025-51792

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 143.0.7499.147 Description A use-after-free issue exists in the WebGPU component of Google Chrome. This flaw could allow a remote attacker to exploit heap corruption through a specially crafted HTML page. The...

CVE-2025-58408

Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger reads of stale data that can lead to kernel exceptions and write use-after-free. The Use After Free common weakness enumeration was chosen as the stale data can include handles to resources in whi...

CVE-2025-40336

In the Linux kernel, the following vulnerability has been resolved: drm/gpusvm: fix hmmpfntomaporder usage Handle the case where the hmm range partially covers a huge page like 2M, otherwise we can potentially end up doing something nasty like mapping memory which is outside the range, and maybe...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from amdgpu not validating the offsetinbo of drmamdgpugemva, which could lead to out-of-bounds access...

Linux Distros Unpatched Vulnerability : CVE-2025-40225

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/panthor: Fix kernel panic on partial unmap of a GPU VA region This commit address a kernel panic issue that can happen if Userspace tries to partially unmap...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an unhidden VRAM sysfs attribute of a VRAM-less GPU, which could lead to a system crash...

CVE-2025-20789

In GPU pdma, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS10117741; Issue ID: MSV-4538...

CVE-2025-20788

In GPU pdma, there is a possible memory corruption due to a missing permission check. This could lead to local denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS10117735; Issue ID: MSV-4539...

GPUHammer: Rowhammer Attacks on GPU Memories are Practical

Revisions Revision Date| Description ---|--- 2025-12-03| Initial publication...

EUVD-2025-200147

In GPU pdma, there is a possible memory corruption due to a missing permission check. This could lead to local denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS10117735; Issue ID: MSV-4539...