AZL-42276 CVE-2024-26949 affecting package kernel for versions less than 5.15.158.2-1

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/pm: Fix NULL pointer dereference when get power limit Because powerplaytable initialization is skipped under sriov case, We check and set default lower and upper OD value if powerplaytable is NULL...

kernel: Linux kernel: Denial of Service in DRM scheduler due to improper work queue handling

A flaw was found in the Linux kernel's Direct Rendering Manager DRM scheduler. A local attacker with low privileges could exploit this vulnerability by triggering a GPU reset test. This improper handling of the scheduler work queue can lead to a kernel panic, which is a system crash, resulting in...

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, Inc. in the United States. A security vulnerability exists in versions prior to Google Chrome 123.0.6312.122, which originated from a vulnerability that allows remote attackers to corrupt GPU processes and perform sandbox escapes via specific UI gesture...

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that originates from a memory corruption that occurs when an unmap operation fails in the GPU...

PT-2024-18893 · Kernel · Kernel

Name of the Vulnerable Software and Affected Versions: Kernel affected versions not specified Description: The issue is related to memory corruption in the Kernel while handling GPU operations. Recommendations: At the moment, there is no information about a newer version that contains a fix for...

PT-2024-3005 · Google +4 · Google Chrome +4

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 123.0.6312.122 Description: The issue is related to out of bounds memory access in Compositing, allowing a remote attacker who has compromised the GPU process to potentially perform a sandbox escape via specifi...

Google Pixel Security Breach

Google Pixel is a smartphone from Google, Inc. in the United States. A security vulnerability exists in Google Pixel, which stems from a missing bounds check in the gpuslclivenessupdate method of the pixelgpuslc.c file, which may result in out-of-bounds reads...

PT-2024-2629 · Arm · Arm Ltd Midgard Gpu Kernel Driver +3

Name of the Vulnerable Software and Affected Versions: Arm Ltd Midgard GPU Kernel Driver versions r13p0 through r32p0 Arm Ltd Bifrost GPU Kernel Driver versions r11p0 through r25p0 Arm Ltd Valhall GPU Kernel Driver versions r19p0 through r25p0, versions r29p0 through r46p0 Arm Ltd Arm 5th Gen GPU...

PT-2024-14577 · Huawei · Emui +1

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue is related to a resource reuse vulnerability in the GPU module. Successful exploitation of this vulnerability may affect service...

AMD GPU Memory Leak Advisory - Lenovo Support US

No description provided...

ARM Valhall GPU Kernel Driver and Bifrost GPU Kernel Driver Resource Management Error Vulnerability

ARM Bifrost GPU Kernel Driver and Valhall GPU Kernel Driver are both products of ARM UK.Bifrost GPU Kernel Driver is a Bifrost GPU Kernel Driver.Valhall GPU Kernel Driver is an ARM Bifrost GPU Kernel Driver. Valhall GPU Kernel Driver is a Valhall GPU kernel driver. A security vulnerability exists...

DEBIAN-CVE-2023-4969

A GPU kernel can read sensitive data from another GPU kernel even from another user or app through an optimized GPU memory region called local memory on various architectures...

UBUNTU-CVE-2023-4969

A GPU kernel can read sensitive data from another GPU kernel even from another user or app through an optimized GPU memory region called local memory on various architectures...

kernel: vmwgfx: integer overflow in vmwgfx_execbuf.c

An integer overflow was found in the Linux kernel's vmwgfx driver. This flaw allows a local, unprivileged attacker with access to either /dev/dri/card0 or /dev/dri/rendererD128, and able to issue an ioctl on the resulting file descriptor to crash the system, causing a denial of service...

PT-2023-28550 · Unknown · Gpu Driver

Name of the Vulnerable Software and Affected Versions: GPU driver affected versions not specified Description: The issue is related to an incorrect bounds check in the GPU driver, which can lead to a possible out of bounds write. This could result in a local denial of service and requires System...

CVE-2023-5427

Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU processing operations to gain access to already freed memory.This issue affects Bifrost...

CVE-2023-4272

A local non-privileged user can make GPU processing operations that expose sensitive data from previously freed memory...

ARM Valhall GPU Kernel Driver and ARM Mali GPU Driver Resource Management Error Vulnerability

The ARM Valhall GPU Kernel Driver and ARM Mali GPU Driver are both products of ARM UK.The Valhall GPU Kernel Driver is a Valhall GPU kernel driver.The ARM Mali GPU Driver is a driver to support the Mali GPU. The ARM Mali GPU Driver is a driver to support Mali GPUs. A resource management error...

CVE-2023-33200

A local non-privileged user can make improper GPU processing operations to exploit a software race condition. If the system’s memory is carefully prepared by the user, then this in turn could give them access to already freed memory...

PT-2023-9158 · Qualcomm · Qualcomm Embedded Platform Graphics Driver

Name of the Vulnerable Software and Affected Versions: Qualcomm embedded platform graphics driver affected versions not specified Description: The issue is related to a memory corruption problem in the graphics driver when a context is destroyed with KGSL GPU AUX COMMAND TIMELINE objects queued...