CVE-2026-8581

Use after free in GPU in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

EUVD-2026-30391

Insufficient policy enforcement in GPU in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

CVE-2026-7912

An integer overflow flaw was found in the GPU component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=497639714...

Chromium: CVE-2026-7972 Uninitialized Use in GPU

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

drm/amd/display: Add signal type check for dcn401 get_phyd32clk_src

...

CVE-2026-7918

Use after free in GPU in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

CVE-2026-8020

Uninitialized Use in GPU in Google Chrome on Android prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Low...

CVE-2026-7972

Uninitialized Use in GPU in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

CVE-2026-7955

CVE-2026-7955 refers to an uninitialized use in the GPU path of Google Chrome before Chrome 148.0.7778.96. The issue could allow a remote attacker who has already compromised the renderer process to read potentially sensitive information from process memory via a crafted HTML page. Affected produ...

CVE-2026-7955

Uninitialized Use in GPU in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

PT-2026-38213

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 148.0.7778.96 Description An uninitialized use in the GPU allows a remote attacker who has compromised the renderer process to obtain potentially sensitive information from process memory through a...

CVE-2026-24082

CVE-2026-24082 concerns a memory corruption (use-after-free) issue in an Automotive GPU, triggered when copying data from a freed source during a performance counter deselect operation. The connected records specify a memory corruption vulnerability with CVSSv3.1 base score 7.8 (HIGH), attack vec...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: A fix was added for dividing by zero in setupdscconfig. When sliceheight is 0, dividing by sliceheight in the calculation of the number of slices will result in a division by zero, causing the driver to crash. Th...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/sched: Check the scheduler work queue before calling timeout handling During an IGT GPU reset test, we still encounter an oops despite the use of the commit 0c8c901aaaebc9 drm/sched: Check the scheduler ready before calling...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm/smu11: Prevent division by zero The user can set any speed value. If the speed is greater than UINTMAX/8, division by zero is possible. This issue was discovered by the Linux Verification Center linuxtesting.org using...

EUVD-2026-26664

Software installed and run as a non-privileged user may conduct improper GPU system calls to force GPU to write to arbitrary physical memory pages. Under certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kernel an...

Fedora 42 : chromium (2026-2a5d3e5194)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-2a5d3e5194 advisory. Update to 147.0.7727.116 High CVE-2026-6919: Use after free in DevTools High CVE-2026-6920: Out of bounds read in GPU Medium CVE-2026-6921: Race in...

DEBIAN-CVE-2026-7357

Use after free in GPU in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

CVE-2026-7333

Use after free in GPU in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. In versions prior to 147.0.7727.138, there was a resource management vulnerability that stemmed from the reuse of GPU components after they were released. This vulnerability could allow remote attackers to execute a sandbox escape through a...