Microsoft Win32K - GRFX Input Validation Error Vulnerability

Microsoft Win32k is a system file for Windows Multi-User Management from Microsoft Corporation USA. An input validation error vulnerability exists in Microsoft Win32K - GRFX. An attacker exploiting this vulnerability could elevate privileges. The following products and editions are affected:Windo...

DEBIAN-CVE-2023-52648

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Unmap the surface before resetting it on a plane state Switch to a new plane state requires unreferencing of all held surfaces. In the work required for mob cursors the mapped surfaces started being cached but the...

kernel: use-after-free during a race condition between a nonblocking atomic commit and a driver unload in drivers/gpu/drm/drm_atomic.c

A flaw was found in the Linux kernel Direct Rendering Infrastructure DRI subsystem in which a use-after-free can be caused when a user triggers a race condition between a nonblocking atomic commit and a driver unload. A local user could use this flaw to crash the system or potentially escalate...

kernel: use-after-free during a race condition between a nonblocking atomic commit and a driver unload in drivers/gpu/drm/drm_atomic.c

A flaw was found in the Linux kernel Direct Rendering Infrastructure DRI subsystem in which a use-after-free can be caused when a user triggers a race condition between a nonblocking atomic commit and a driver unload. A local user could use this flaw to crash the system or potentially escalate...

CLSA-2023-1701963303 kernel: Fix of 18 CVEs

net/tls: do not free tlsrec on async operation in bpfexectxverdict CVE-2023-6176 - wifi: mac80211: fix MBSSID parsing use-after-free CVE-2022-42719 - mac80211: always allocate struct ieee80211elems CVE-2022-42719 - x86/sev: Check for user-space IOIO pointing to kernel space CVE-2023-46813 -...

kernel: drm: Fix potential null-ptr-deref in drm_vblank_destroy_worker()

A flaw was found in the DRM subsystem in the Linux kernel. A NULL pointer dereference can be triggered due to a missing check, causing a system crash and resulting in a denial of service...

PT-2023-5141 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to a use-after-free vulnerability in the Windows GDI component, specifically affecting the win32kfull driver. This vulnerability can be exploited to elevate privileges...

SUSE CVE-2019-0155

Insufficient access control in a subsystem for Intel R processor graphics in 6th, 7th, 8th and 9th Generation IntelR CoreTM Processor Families; IntelR PentiumR Processor J, N, Silver and Gold Series; IntelR CeleronR Processor J, N, G3900 and G4900 Series; IntelR AtomR Processor A and E3900 Series...

PT-2022-35093 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.3 Description: The issue is related to inconsistent HW shutdown in the drm/msm component. It was introduced in version v5.9 and fixed in version v6.0.3. The actual impact and attack plausibility have not ye...

DEBIAN-CVE-2021-20292

There is a flaw reported in the Linux kernel in versions before 5.9 in drivers/gpu/drm/nouveau/nouveausgdma.c in nouveausgdmacreatettm in Nouveau DRM subsystem. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker with ...

The vulnerability of the Microsoft Windows Graphics component in Windows operating systems allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Microsoft Windows Graphics subsystem in Windows operating systems is related to errors in object handling in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information through a specially created application...

The vulnerability of the Microsoft Windows Graphics subsystem in Windows operating systems, which allows attackers to exploit it to gain unauthorized access.

The vulnerability of the Microsoft Windows Graphics subsystem in Windows operating systems is related to errors in object handling in memory. Exploiting this vulnerability can allow an attacker to enhance their privileges through a specially created application...

The vulnerability of the Microsoft Windows Graphics component in Windows operating systems allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Microsoft Windows Graphics subsystem in Windows operating systems is related to errors in object handling in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information through a specially created application...

DEBIAN-CVE-2019-0154

Insufficient access control in subsystem for Intel R processor graphics in 6th, 7th, 8th and 9th Generation IntelR CoreTM Processor Families; IntelR PentiumR Processor J, N, Silver and Gold Series; IntelR CeleronR Processor J, N, G3900 and G4900 Series; IntelR AtomR Processor A and E3900 Series;...

UBUNTU-CVE-2019-0154

Insufficient access control in subsystem for Intel R processor graphics in 6th, 7th, 8th and 9th Generation IntelR CoreTM Processor Families; IntelR PentiumR Processor J, N, Silver and Gold Series; IntelR CeleronR Processor J, N, G3900 and G4900 Series; IntelR AtomR Processor A and E3900 Series;...

UBUNTU-CVE-2016-5340

The isashmemfile function in drivers/staging/android/ashmem.c in a certain Qualcomm Innovation Center QuIC Android patch for the Linux kernel 3.x mishandles pointer validation within the KGSL Linux Graphics Module, which allows attackers to bypass intended access restrictions by using the /ashmem...

Microsoft Win32k Information Disclosure Vulnerability

Microsoft Windows is a series of operating systems released by Microsoft Corporation in the United States. kernel-mode drivers is one of the kernel driver management software. An information disclosure vulnerability exists in the GDI component of kernel-mode drivers in Microsoft Windows. A local...

The vulnerability of the iOS operating system, which allows a hacker to execute arbitrary code

The vulnerability of the AppleVXD393 driver in the iOS operating system’s graphics subsystem is related to data type mixing errors. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using a specially crafted application...

CVE-2013-3129

Microsoft .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, and 4.5; Silverlight 5 before 5.1.20513.0; win32k.sys in the kernel-mode drivers, and GDI+, DirectWrite, and Journal, in Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows ...

DEBIAN-CVE-2012-5129

Heap-based buffer overflow in the WebGL subsystem in Google Chrome OS before 23.0.1271.94 allows remote attackers to cause a denial of service GPU process crash or possibly have unspecified other impact via unknown vectors...