arekit (>=0.21.0 <=0.22.1), arenets (>=0.23.0 <=0.23.1) +80 more potentially affected by CVE-2023-25666 via tensorflow-gpu (>=1.10.1 <=2.0.4)

tensorflow-gpu PYPI version =1.10.1, =0.21.0, =0.23.0, =0.9.2, =0.1.0, =0.0.1, =0.1.0, =1.0.0, =0.0.1, =0.0.2, =0.6.7, =0.1.2, =0.1.0, =0.1.2 - dragonn =0.4.2 and more Source cves: CVE-2023-25666 Source advisory: OSV:GHSA-F637-VH3R-VFH2...

SUSE CVE-2022-22075

Information Disclosure in Graphics during GPU context switch...

In the Linux kernel before 5.19 drivers/gpu/drm/arm/malidp_planes.c misinterprets the get_sg_table return value (expects it to be NULL in the error case whereas it is actually an error pointer).

...

SUSE CVE-2015-1272

Use-after-free vulnerability in the GPU process implementation in Google Chrome before 44.0.2403.89 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging the continued availability of a GPUChannelHost data structure during Blink shutdown,...

SUSE CVE-2023-0699

Use after free in GPU in Google Chrome prior to 110.0.5481.77 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page and browser shutdown. Chromium security severity: Medium...

Qualcomm 芯片缓冲区错误漏洞

A Qualcomm chip is a chip from Qualcomm Incorporated USA. A way of miniaturizing circuits mainly semiconductor devices, but also passive components, etc., and often fabricated on the surface of semiconductor wafers. A security vulnerability exists in the Qualcomm chip gpu driver, which stems from...

UBUNTU-CVE-2023-0699

Use after free in GPU in Google Chrome prior to 110.0.5481.77 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page and browser shutdown. Chromium security severity: Medium...

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser from Google, Inc. in the United States. A security vulnerability exists in versions prior to Google Chrome 110.0.5481.77 that originates from reuse after release in the GPU. An attacker exploits the vulnerability to cause heap corruption via specially crafted HTML...

CVE-2022-46891

An issue was discovered in the Arm Mali GPU Kernel Driver. There is a use-after-free. A non-privileged user can make improper GPU processing operations to gain access to already freed memory. This affects Midgard r13p0 through r32p0, Bifrost r1p0 through r40p0, and Valhall r19p0 through r40p0...

PT-2023-13100 · Gpu Drm · Gpu Drm

Name of the Vulnerable Software and Affected Versions: GPU DRM affected versions not specified Description: The issue is related to a possible stack overflow in GPU DRM due to a missing bounds check. This could lead to local escalation of privilege, with System execution privileges needed. User...

UBUNTU-CVE-2022-34676

NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an out-of-bounds read may lead to denial of service, information disclosure, or data tampering...

NVIDIA GPU Display Driver 代码问题漏洞

NVIDIA GPU Display Driver is a driver software from NVIDIA Corporation that is used for interactive support of graphics card display modules in operating systems. A security vulnerability exists in NVIDIA GPU Display Driver that originates in the kernel mode layer where an unprivileged, regular...

An issue was discovered in the Linux kernel through 5.16-rc6. malidp_crtc_reset in drivers/gpu/drm/arm/malidp_crtc.c lacks check of the return value of kzalloc() and will cause the null pointer dereference.

...

ARM Mali GPU Kernel Driver 资源管理错误漏洞

The ARM Mali GPU Kernel Driver is a driver for a graphics processor unit from ARM UK. The Arm Mali GPU Kernel Driver suffers from a resource management error vulnerability that originates from the fact that an unprivileged user can access freed memory leading to post-freedom reuse through imprope...

New Opera 93 Stable update includes fix for latest Chromium zero-day

Security New Opera 93 Stable update includes fix for latest Chromium zero-day Share December 2nd, 2022 Hi everyone! Opera for Windows and Mac have received Stable updates 93.0.4585.37 and 93.0.4585.39 respectively. Among other things, these updates include Chromium update 107.0.5304.122, which...

Google Chrome 缓冲区错误漏洞

Google Chrome is a web browser from Google, Inc. in the United States. Google Chrome suffers from a security vulnerability that stems from a heap buffer overflow in the GPU...

PT-2022-22382 · Arm · Arm

Name of the Vulnerable Software and Affected Versions: Arm product family through 2022-06-29 Description: The issue is a TOCTOU Race Condition that allows a non-privileged user to make improper GPU processing operations, resulting in access to already freed memory. Recommendations: For Arm produc...

aggmap (>=1.1.1 <=1.2.1), molmap (>=1.3.1 <=1.4.0) potentially affected by CVE-2022-41911 via tensorflow-gpu (=2.9.1)

tensorflow-gpu PYPI version =2.9.1 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-gpu and may be impacted: - aggmap =1.1.1, =1.3.1, =1.4.0 Source cves: CVE-2022-41911 Source advisory: OSV:GHSA-PF36-R9C6-H97J...

PT-2022-26119 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.11 TensorFlow versions 2.10.1, 2.9.3, and 2.8.4 Description: TensorFlow is an open source platform for machine learning. When running on GPU, the function tf.image.generate bounding box proposals receives a scor...

CVE-2022-32603

In gpu drm, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07310704; Issue ID: ALPS07310704...