CVE-2025-52910

An issue was discovered in the GPU in Samsung Mobile Processor and Wearable Processor Exynos 1280, 2200, 1330, 1380, 1480, 2400. A Use-After-Free leads to privilege escalation...

Important: Red Hat Security Advisory: Red Hat Enterprise Linux AI 1.5 (NVIDIA)

Red Hat Enterprise Linux AI 1.5 NVIDIA is now available. Red Hat® Enterprise Linux® AI is a foundation model platform to seamlessly develop, test, and run Granite family large language models LLMs for enterprise applications...

FreeBSD : Firefox -- use-after-free in the GPU or browser process (291773e6-b5b2-11f0-8f61-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 291773e6-b5b2-11f0-8f61-b42e991fc52e advisory. https://bugzilla.mozilla.org/showbug.cgi?id=1993113 reports: Starting with Firefox 142, it was possible...

GPU-Backed-Shellcode-Execution-PoC

GPU-Backed Shellcode...

Linux Distros Unpatched Vulnerability : CVE-2023-53628

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/amdgpu: drop gfxv110cpeccerrorirqfuncs The gfx.cpeccerrorirq is retired in gfx11. In gfxv110hwfini still use amdgpuirqput to disable this interrupt, which...

AI Inference Hardware Decisions: When to Choose CPUs vs. GPUs

...

EUVD-2025-25077

Malicious code in bioql PyPI...

EUVD-2025-30762

Malicious code in bioql PyPI...

CVE-2025-39906

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: remove oem i2c adapter on finish Fixes a bug where unbinding of the GPU would leave the oem i2c adapter registered resulting in a null pointer dereference when applications try to access the invalid device. cherr...

CVE-2025-23275

NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvJPEG where a local authenticated user may cause a GPU out-of-bounds write by providing certain image dimensions. A successful exploit of this vulnerability may lead to denial of service and information disclosure...

CVE-2025-25177

Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger use-after-free kernel exceptions...

CVE-2025-46711 GPU DDK - NULL Pointer dereference occurs in LockHandle on bridge entry when connection misused

Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger NULL pointer dereference kernel exceptions...

CVE-2025-25177

Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger use-after-free kernel exceptions...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to check the scheduler work queue, which could lead to a failure when the GPU is reset...

CVE-2024-36346

CVE-2024-36346 concerns AMD Power Management Firmware (PMFW). The issue is caused by improper input validation , enabling a privileged attacker from a Guest VM to send arbitrary input data and potentially induce a GPU reset . The CVSSv3.1 metrics (AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H) indicate a l...

CVE-2024-36342

Improper input validation in the GPU driver could allow an attacker to exploit a heap overflow potentially resulting in arbitrary code execution...

PT-2025-36387

Name of the Vulnerable Software and Affected Versions: AMD GPU Driver affected versions not specified Description: Improper input validation in the GPU driver could allow an attacker to exploit a heap overflow, potentially resulting in arbitrary code execution. This issue may lead to privilege...

CVE-2025-38521

In the Linux kernel, the following vulnerability has been resolved: drm/imagination: Fix kernel crash when hard resetting the GPU The GPU hard reset sequence calls pmruntimeforcesuspend and pmruntimeforceresume, which according to their documentation should only be used during system-wide PM...

GHSA-PWQ7-2GVJ-VG9V vulnerabilities

Vulnerabilities for packages: tensorflow-cpu-jupyter, tensorflow-gpu-jupyter...

Linux Distros Unpatched Vulnerability : CVE-2022-28183

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where an unprivileged regular user can cause an out-of-bounds...