ARM Midgard GPU Kernel Driver 安全漏洞

ARM Midgard GPU Kernel Driver is a Mali GPU device driver from ARM UK. A security vulnerability exists in the ARM Midgard GPU Kernel Driver versions r4p0 through r31p0, the Bifrost GPU Kernel Driver versions r0p0 through r38p1, r39p0, and the Valhall GPU Kernel Driver versions r19p0 through r38p1...

Google TensorFlow 安全漏洞

Google TensorFlow is an end-to-end open source platform for machine learning from Google, Inc. A security vulnerability exists in Google TensorFlow, which stems from the GPU kernel failing to assert when tf.linalg.matrixrank receives a null input a, which can be used to trigger a denial-of-servic...

PT-2022-23087 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.10.0 TensorFlow versions 2.9.1 and earlier TensorFlow versions 2.8.1 and earlier TensorFlow versions 2.7.2 and earlier Description: The issue occurs when the MaxPool function receives a window size input array...

UBUNTU-CVE-2022-31613

NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer, where any local user can cause a null-pointer dereference, which may lead to a kernel panic...

Arm Mali GPU Kernel Driver 安全漏洞

The Arm Mali GPU Kernel Driver is a driver for a graphics processor unit from Arm UK. A security vulnerability exists in the Arm Mali GPU Kernel Driver Valhall versions r29p0 through r38p0, which arises from incorrect processing operations on the GPU...

PT-2022-6153 · Arm · Arm Mali Gpu Kernel Driver

Name of the Vulnerable Software and Affected Versions: Arm Mali GPU Kernel Driver versions Midgard r4p0 through r32p0 Arm Mali GPU Kernel Driver versions Bifrost r0p0 through r38p0 and r39p0 before r38p1 Arm Mali GPU Kernel Driver versions Valhall r19p0 through r38p0 and r39p0 before r38p1...

UBUNTU-CVE-2022-0976

Heap buffer overflow in GPU in Google Chrome prior to 99.0.4844.74 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

CVE-2022-20082

In GPU, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07044730; Issue ID: ALPS07044730...

Google Android 竞争条件问题漏洞

Google Android is a Linux-based open source operating system from Google. A security vulnerability exists in Google Android, which arises from the concurrent execution of competing conditions in the GPU using incorrectly synchronized shared resources, and can be exploited by an attacker to remote...

rpnet (>=0.0.1 <=0.1.0), rpnet-dev (>=0.0.5 <=0.0.12) +4 more potentially affected by CVE-2022-29206 via tensorflow-gpu (=2.7.0)

tensorflow-gpu PYPI version =2.7.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-gpu and may be impacted: - rpnet =0.0.1, =0.0.5, =1.0.5, =1.1.1 - tpu-tf2 =1.0.0 - troj =1.0.0 Source cves: CVE-2022-29206 Source advisory:...

animl (>=1.1.2 <=1.1.4), arekit (>=0.21.0 <=0.22.1) +176 more potentially affected by CVE-2022-29195 via tensorflow-gpu (>=1.10.1 <=2.6.3)

tensorflow-gpu PYPI version =1.10.1, =1.1.2, =0.21.0, =0.23.0, =0.9.2, =1.0.0, =0.1.0, =0.0.1, =0.0.9, =0.1.0, =0.0.1, =1.0.0, =1.0.3 - brainhance =0.0.1 and more Source cves: CVE-2022-29195 Source advisory: OSV:GHSA-H48F-Q7RW-HVR7...

causalegm (>=0.2.1 <=0.2.5), chrombpnet (>=0.1.0 <=0.1.2) +3 more potentially affected by CVE-2022-29194 via tensorflow-gpu (=2.8.0)

tensorflow-gpu PYPI version =2.8.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-gpu and may be impacted: - causalegm =0.2.1, =0.1.0, =0.0.6, =2.3.5, =2.4.1 - tlaunch =0.0.2 Source cves: CVE-2022-29194 Source advisory: OSV:GHSA-H5G4-PPWX-4...

CVE-2022-28181

NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where an unprivileged regular user on the network can cause an out-of-bounds write through a specially crafted shader, which may lead to code execution, denial of service, escalation of privileges,...

Google Chrome 缓冲区错误漏洞

Google Chrome is a web browser from Google Inc. in the United States. Google Chrome suffers from a security vulnerability that originates from a heap buffer overflow in the GPU...

kernel: possible privileges escalation due to missing TLB flush

A random memory access flaw was found in the Linux kernel’s GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU. This flaw allows a local user to crash the system or escalate their privileges on the system...

ROS-20220309-02

The vulnerability in the XSLT parameter of Mozilla Firefox and Focus browsers is related to memory usage after its freeing. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code A vulnerability in the WebGPU 3D graphics processing and computing softwa...

PT-2022-13468 · Pypi · Pytorch-Lightning

Name of the Vulnerable Software and Affected Versions: PyTorch Lightning versions prior to 1.6.0 Description: The issue allows for code injection, potentially enabling an attacker to execute commands on the target operating system. This can be achieved by setting the PL TRAINER GPUS variable when...

ARM Mali GPU 缓冲区错误漏洞

ARM Mali GPUs are a family of mobile display chipsets GPUs from the British company ARM. Like other 3D display chips based on IP cores embedded technology, the Mali display chipset does not provide a display controller similar to a graphics card specifically designed to drive an LCD monitor to...

The vulnerability of Google Chrome’s GPU component allows a hacker to execute arbitrary code.

The vulnerability of Google Chrome’s GPU component is related to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code through a specially created web page...

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser from Google, an American company. A code execution vulnerability exists in Google Chrome GPU, which can be exploited by an attacker to execute arbitrary code on a system or cause a denial of service condition...