Lucene search
K

303 matches found

CVE
CVE
added 2025/05/01 1:7 p.m.101 views

CVE-2025-37764

CVE-2025-37764 affects the Linux kernel (drm/imagination/powervr): a vulnerability causing firmware memory leaks during firmware image processing, leading to leaks on module unload and in failure paths during module load. The fix releases memory used for firmware image processing results and dest...

5.5CVSS6.7AI score0.00165EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2025/05/01 1:7 p.m.7 views

CVE-2025-37764 drm/imagination: fix firmware memory leaks

In the Linux kernel, the following vulnerability has been resolved: drm/imagination: fix firmware memory leaks Free the memory used to hold the results of firmware image processing when the module is unloaded. Fix the related issue of the same memory being leaked if processing of the firmware ima...

5.5CVSS6.9AI score0.00165EPSS
Exploits0References6
Packet Storm
Packet Storm
added 2025/03/17 12:0 a.m.252 views

PowerVR Patch Security Issues

A couple security issues were discovered in PowerVR during a patch review. While reviewing a preview patch for https://bugs.chromium.org/p/project-zero/issues/detail?id=2540 , I noticed some issues - most of them minor, but the following two seem like they probably have bigger security impact: F....

8.4CVSS7.2AI score0.00082EPSS
Exploits1
CNNVD
CNNVD
added 2025/01/08 12:0 a.m.6 views

Imagination PowerVR GPU 安全漏洞

The Imagination PowerVR GPU is a graphics processor from Imagination, UK. A security vulnerability exists in the Imagination PowerVR GPU that stems from a code logic error that results in memory reuse after release. An attacker exploiting the vulnerability could elevate privileges...

7.8CVSS7AI score0.0015EPSS
Exploits1References2
OSV
OSV
added 2024/11/19 6:15 p.m.1 views

UBUNTU-CVE-2024-53084

In the Linux kernel, the following vulnerability has been resolved: drm/imagination: Break an object reference loop When remaining resources are being cleaned up on driver close, outstanding VM mappings may result in resources being leaked, due to an object reference loop, as shown below, with ea...

5.5CVSS6.6AI score0.00186EPSS
Exploits0References17
Vulnrichment
Vulnrichment
added 2024/11/19 5:45 p.m.2 views

CVE-2024-53084 drm/imagination: Break an object reference loop

In the Linux kernel, the following vulnerability has been resolved: drm/imagination: Break an object reference loop When remaining resources are being cleaned up on driver close, outstanding VM mappings may result in resources being leaked, due to an object reference loop, as shown below, with ea...

7.7AI score0.00186EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/11/18 4:54 a.m.17 views

CVE-2024-43704 GPU DDK - PowerVR: PVRSRVAcquireProcessHandleBase can cause psProcessHandleBase reuse when PIDs are reused

Software installed and run as a non-privileged user may conduct improper GPU system calls to gain access to the graphics buffers of a parent process...

7.1AI score0.00173EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/18 4:54 a.m.35 views

CVE-2024-43704 GPU DDK - PowerVR: PVRSRVAcquireProcessHandleBase can cause psProcessHandleBase reuse when PIDs are reused

Software installed and run as a non-privileged user may conduct improper GPU system calls to gain access to the graphics buffers of a parent process...

0.00173EPSS
Exploits0References1
CVE
CVE
added 2024/11/18 4:54 a.m.117 views

CVE-2024-43704

CVE-2024-43704 affects Imagination Technologies PowerVR GPU driver. The PVRSRVAcquireProcessHandleBase() function can reuse psProcessHandleBase when PIDs are reused, allowing a non-privileged user to perform improper GPU system calls and access the graphics buffers of a parent process. This is a ...

8.4CVSS8.5AI score0.00173EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/11/17 12:0 a.m.5 views

PT-2024-30630 · Imagination Technologies · Powervr

Name of the Vulnerable Software and Affected Versions: PowerVR affected versions not specified Description: The issue allows software installed and run as a non-privileged user to conduct improper GPU system calls, potentially gaining access to the graphics buffers of a parent process. This is...

8.4CVSS6.5AI score0.00173EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2024/11/04 12:0 a.m.8 views

PT-2024-35548

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been resolved, related to the drm/imagination component. The issue occurs when remaining resources are being cleaned up on driver close, and...

5.5CVSS5.4AI score0.00186EPSS
Exploits0
Cvelist
Cvelist
added 2024/10/14 8:17 a.m.17 views

CVE-2024-43701 GPU DDK - PowerVR: TLB invalidate UAF of dma_buf imported into multiple GPU devices

Software installed and run as a non-privileged user may conduct GPU system calls to read and write freed physical memory from the GPU...

0.00131EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/10/14 8:17 a.m.24 views

CVE-2024-43701 GPU DDK - PowerVR: TLB invalidate UAF of dma_buf imported into multiple GPU devices

Software installed and run as a non-privileged user may conduct GPU system calls to read and write freed physical memory from the GPU...

7.4AI score0.00131EPSS
Exploits0References1
NVD
NVD
added 2024/09/11 12:15 a.m.28 views

CVE-2024-31336

In PVRSRVBridgeRGXKickTA3D2 of serverrgxta3dbridge.c, there is a possible arbitrary code execution due to improper input validation. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation...

8.4CVSS0.001EPSS
Exploits0References1
CVE
CVE
added 2024/09/11 12:9 a.m.120 views

CVE-2024-31336

The CVE-2024-31336 entry concerns PVRSRVBridgeRGXKickTA3D2 in server_rgxta3d_bridge.c, affecting the PowerVR-GPU component. The issue is described as an arbitrary code execution caused by improper input validation, enabling local kernel privilege escalation without extra privileges or user intera...

8.4CVSS8.3AI score0.001EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/09/11 12:9 a.m.27 views

CVE-2024-31336

In PVRSRVBridgeRGXKickTA3D2 of serverrgxta3dbridge.c, there is a possible arbitrary code execution due to improper input validation. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation...

0.001EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2024/02/19 12:0 a.m.7 views

The vulnerability of the PowerVR graphics driver in the ChromeOS operating system allows a hacker to execute arbitrary code and gain elevated privileges.

The vulnerability of the PowerVR graphics processor driver in the ChromeOS operating system is related to the use of memory after it is freed. Exploiting this vulnerability allows an attacker to execute arbitrary code and increase their privileges...

7.8CVSS6AI score
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/02/19 12:0 a.m.4 views

The vulnerability of the DevmemIntChangeSparse() function in the PowerVR graphics driver of the ChromeOS operating system allows a hacker to execute arbitrary code and gain elevated privileges.

The vulnerability of the DevmemIntChangeSparse function in the PowerVR graphics driver of the ChromeOS operating system is related to integer overflow when processing field lengths. Exploiting this vulnerability allows an attacker to execute arbitrary code and gain elevated privileges...

7.8CVSS6AI score
Exploits0References3Affected Software1
Google Chrome Security Advisories
Google Chrome Security Advisories
added 2024/02/07 12:0 a.m.84 views

Stable Channel Update for ChromeOS / ChromeOS Flex

The Stable channel is being updated to OS version: 15699.58.0 Browser version: 121.0.6167.159 for most ChromeOS devices. If you find new issues, please let us know one of the following ways 1. File a bug 2. Visit our ChromeOS communities 1. General: Chromebook Help Community 2. Beta Specific:...

9.8CVSS7.5AI score0.00579EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2024/02/02 12:0 a.m.8 views

The vulnerability of the MMU_UnmapPages() function in the PowerVR GPU driver for Android and ChromeOS allows a hacker to execute arbitrary code and gain elevated privileges.

The vulnerability of the MMUUnmapPages function in the PowerVR GPU driver for Android and ChromeOS systems is related to the execution of operations outside of memory buffers. Exploiting this vulnerability can allow attackers to gain increased privileges...

7.8CVSS7.9AI score0.00414EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder