GPUHammer: Rowhammer Attacks on GPU Memories Are Practical

Rowhammer is a read disturbance vulnerability in modern DRAM that causes bit-flips, compromising security and reliability. While extensively studied on Intel and AMD CPUs with DDR and LPDDR memories, its impact on GPUs using GDDR memories, critical for emerging machine learning applications,...

GHSA-F748-7HPG-88CH vulnerabilities

Vulnerabilities for packages: nvidia-container-toolkit...

GHSA-MJJW-553X-87PQ vulnerabilities

Vulnerabilities for packages: nvidia-gpu-operator-validator, nvidia-container-toolkit...

GHSA-MJJW-553X-87PQ vulnerabilities

Vulnerabilities for packages: nvidia-container-toolkit...

CVE-2024-0133 vulnerabilities

Vulnerabilities for packages: nvidia-gpu-operator-validator, nvidia-container-toolkit...

CVE-2024-0132 vulnerabilities

Vulnerabilities for packages: nvidia-gpu-operator-validator, nvidia-container-toolkit...

CVE-2024-21626 vulnerabilities

Vulnerabilities for packages: docker, kaniko, grype, runc, buildkitd, k3d, syft, ctop, k3s, skopeo, kots, datadog-agent, podman, cadvisor, kubernetes, k9s, nerdctl, kubescape, trivy, skaffold, wolfictl, newrelic-infrastructure-agent, zot, zarf...

CVE-2024-21626 vulnerabilities

Vulnerabilities for packages: kubescape, trivy, k9s, zarf, grype, newrelic-infrastructure-agent, ctop, k3s, kots, datadog-agent, kaniko, cadvisor, buildkitd, zot, k3d, skaffold, wolfictl, nerdctl, kubernetes, docker, skopeo, syft, datadog-agent-fips, runc, kubernetes-fips, podman...

GHSA-M425-MQ94-257G vulnerabilities

Vulnerabilities for packages: kubeflow, ipfs, buildkitd, scorecard, slsa-verifier, k3d, up, src, prometheus-blackbox-exporter, kubevela, falco, kubescape, terraform-provider-sendgrid, aactl, cortex, dgraph, spark-operator...

GHSA-M425-MQ94-257G vulnerabilities

Vulnerabilities for packages: kubescape, volume-modifier-for-k8s-fips, aws-efs-csi-driver-fips, kiam, terraform-provider-sendgrid, src, metrics-server-fips, prometheus-stackdriver-exporter, cortex, prometheus-adapter-fips, conftest-fips, kubernetes-csi-livenessprobe, buildkitd,...

GHSA-4374-P667-P6C8 vulnerabilities

Vulnerabilities for packages: node-problem-detector, k8sgpt-operator, kube-logging-operator, flux-image-reflector-controller, gitness, hey, kots, prometheus-stackdriver-exporter, sigstore-scaffolding, rqlite, prometheus-bind-exporter, flux-image-automation-controller, kubernetes-csi-livenessprobe...

GHSA-QPPJ-FM5R-HXR3 vulnerabilities

Vulnerabilities for packages: flux-helm-controller, kaf, nghttp2, terraform, prometheus-blackbox-exporter, terraform-provider-sendgrid, metrics-server, spark-operator, hey, dynamic-localpv-provisioner, kubernetes-csi-livenessprobe, cortex, atlantis, fuse-overlayfs-snapshotter,...

CVE-2023-31011

NVIDIA DGX H100 BMC contains a vulnerability in the REST service where an attacker may cause improper input validation. A successful exploit of this vulnerability may lead to escalation of privileges and information disclosure...

Security Bulletin: Unprivileged GPU access vulnerability - CVE-2013-5987

Summary NVIDIA device driver bug that could allow an unprivileged user to control target system. Vulnerability Details Abstract NVIDIA device driver bug that could allow an unprivileged user to control target system. Content Vulnerability Details: CVE ID : CVE-2013-5987 Description: NVIDIA Graphi...

DEBIAN-CVE-2012-4225

NVIDIA UNIX graphics driver before 295.71 and before 304.32 allows local users to write to arbitrary physical memory locations and gain privileges by modifying the VGA window using /dev/nvidia0...