kernel: vmwgfx: integer overflow in vmwgfx_execbuf.c

An integer overflow was found in the Linux kernel's vmwgfx driver. This flaw allows a local, unprivileged attacker with access to either /dev/dri/card0 or /dev/dri/rendererD128, and able to issue an ioctl on the resulting file descriptor to crash the system, causing a denial of service...

PT-2023-28550 · Unknown · Gpu Driver

Name of the Vulnerable Software and Affected Versions: GPU driver affected versions not specified Description: The issue is related to an incorrect bounds check in the GPU driver, which can lead to a possible out of bounds write. This could result in a local denial of service and requires System...

CVE-2023-5427

Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU processing operations to gain access to already freed memory.This issue affects Bifrost...

PT-2023-8467 · Imagination Technologies · Powervr Gpu Driver

Name of the Vulnerable Software and Affected Versions: PowerVR GPU driver versions affected versions not specified Description: The issue is related to the PMRChangeSparseMemOSMem function of the PowerVR GPU driver in Android and ChromeOS, which is vulnerable to a buffer overflow in memory. This...

CVE-2023-4272

A local non-privileged user can make GPU processing operations that expose sensitive data from previously freed memory...

ARM Valhall GPU Kernel Driver and ARM Mali GPU Driver Resource Management Error Vulnerability

The ARM Valhall GPU Kernel Driver and ARM Mali GPU Driver are both products of ARM UK.The Valhall GPU Kernel Driver is a Valhall GPU kernel driver.The ARM Mali GPU Driver is a driver to support the Mali GPU. The ARM Mali GPU Driver is a driver to support Mali GPUs. A resource management error...

CVE-2023-33200

A local non-privileged user can make improper GPU processing operations to exploit a software race condition. If the system’s memory is carefully prepared by the user, then this in turn could give them access to already freed memory...

PT-2023-9158 · Qualcomm · Qualcomm Embedded Platform Graphics Driver

Name of the Vulnerable Software and Affected Versions: Qualcomm embedded platform graphics driver affected versions not specified Description: The issue is related to a memory corruption problem in the graphics driver when a context is destroyed with KGSL GPU AUX COMMAND TIMELINE objects queued...

SAMSUNG Exynos Resource Management Error Vulnerability

SAMSUNG Exynos is a SoC, Arm architecture based processor developed and manufactured by Samsung Mobile, a South Korean company. A resource management error vulnerability exists in the SAMSUNG Exynos 2200, which stems from allowing a double release of the GPU...

PT-2023-28367 · Samsung · Exynos 2200

Name of the Vulnerable Software and Affected Versions: Samsung Mobile Processor Exynos 2200 Description: The issue allows a GPU Use After Free. There is no information provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was...

PT-2023-24145 · Qualcomm · Qualcomm Snapdragon

Name of the Vulnerable Software and Affected Versions: Qualcomm Snapdragon processors affected versions not specified Description: The issue is related to memory corruption in Graphics while processing user packets for command submission. This can potentially lead to security risks, but specific...

PT-2023-28274 · Arm · Arm Mali Gpu Kernel Driver

Name of the Vulnerable Software and Affected Versions: Arm Mali GPU Kernel Driver versions affected versions not specified Description: A local non-privileged user can make improper GPU memory processing operations to gain access to already freed memory. The issue is currently under active...

PT-2023-4667 · Freerdp · Freerdp

Name of the Vulnerable Software and Affected Versions: FreeRDP versions prior to 3.0.0-beta3 Description: The issue is related to a Use-After-Free in processing RDPGFX CMDID RESETGRAPHICS packets. If context-maxPlaneSize is 0, context-planesBuffer will be freed, but without updating...

CVE-2021-46890

Vulnerability of incomplete read and write permission verification in the GPU module. Successful exploitation of this vulnerability may affect service confidentiality, integrity, and availability...

PT-2023-12610 · Huawei · Emui +1

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue concerns incomplete read and write permission verification in the GPU module. Successful exploitation may affect service confidentiality,...

CVE-2023-28469

An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper GPU processing operations to gain access to already freed memory. This affects Valhall r29p0 through r42p0 before r43p0, and Arm's GPU Architecture Gen5 r41p0 through r42p0 before r43p0...

CVE-2023-28147

An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper GPU processing operations to gain access to already freed memory. This affects Midgard r29p0 through r32p0, Bifrost r17p0 through r42p0 before r43p0, Valhall r19p0 through r42p0 before r43p0, and...

PT-2023-16072 · Nvidia +1 · Nvidia Gpu Display Driver +1

Name of the Vulnerable Software and Affected Versions: NVIDIA GPU Display Driver for Linux affected versions not specified Description: The issue is related to a NULL pointer dereference in the kernel mode layer of the NVIDIA GPU Display Driver for Linux, which may lead to denial of service...

USN-6032-1 linux-oem-6.0 vulnerabilities

Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service system crash. CVE-2022-36280 Gerald Lee discovered that the USB Gadget file system implementation in the...

UBUNTU-CVE-2023-0181

NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in a kernel mode layer handler, where memory permissions are not correctly checked, which may lead to denial of service and data tampering...