Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 contained a security vulnerability. This vulnerability stemmed from the use of GPUs without proper initialization, which could allow remote attackers to obtain sensitive information from the...

PT-2026-38105

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 148.0.7778.96 Description An integer overflow in the GPU component allows a remote attacker who has compromised the renderer process to perform arbitrary read and write operations via a crafted HTML...

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 contained a security vulnerability. This vulnerability stemmed from the use of GPUs without proper initialization, which could allow remote attackers to obtain potentially sensitive informatio...

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 contained a resource management vulnerability. This vulnerability stemmed from the reuse of GPU resources after they were released, which could allow remote attackers to exploit the system...

GPUBreach: Privilege Escalation Attacks on GPUs Using Rowhammer

NVIDIA GPUs with GDDR memories have been shown susceptible to Rowhammer-based bit-flips, similar to CPUs. However, Rowhammer exploits on GPUs have been limited to injecting untargeted bit-flips in victim data like weights of machine learning models, to degrade model accuracy, unlike CPU exploits...

CVE-2026-24082 Use After Free in Automotive GPU

Memory Corruption when copying data from a freed source while executing performance counter deselect operation...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15

In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: Added a check for cstate. Since kzalloc may fail and return a NULL pointer, it would be better to check the cstate to avoid dereferencing the NULL pointer in drmatomichelpercrtcreset. Patchwork:...

GHSA-RCH3-82JR-F9W9 vulnerabilities

Vulnerabilities for packages: tensorflow-cpu-jupyter, jupyter-base-notebook...

CVE-2026-22166 GPU DDK - Write UAF in KEGLGetPoolBuffers, WebGL reachable

A web page that contains unusual WebGPU content loaded into the GPU GLES render process and can trigger write UAF crash in the GPU GLES user-space shared library. On certain platforms, when the process executing graphics workload has system privileges this could enable subsequent exploit on the...

CVE-2026-22166 GPU DDK - Write UAF in KEGLGetPoolBuffers, WebGL reachable

A web page that contains unusual WebGPU content loaded into the GPU GLES render process and can trigger write UAF crash in the GPU GLES user-space shared library. On certain platforms, when the process executing graphics workload has system privileges this could enable subsequent exploit on the...

EUVD-2026-26663

A web page that contains unusual WebGPU content loaded into the GPU GLES render process and can trigger write UAF crash in the GPU GLES user-space shared library. On certain platforms, when the process executing graphics workload has system privileges this could enable subsequent exploit on the...

CVE-2026-22167

Software installed and run as a non-privileged user may conduct improper GPU system calls to force GPU to write to arbitrary physical memory pages. Under certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kernel an...

CVE-2026-22167 GPU DDK - Cache resident PM buffers writable by other GPU requestors, leading to arbitrary write to physical memory

Software installed and run as a non-privileged user may conduct improper GPU system calls to force GPU to write to arbitrary physical memory pages. Under certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kernel an...

CVE-2026-22167 GPU DDK - Cache resident PM buffers writable by other GPU requestors, leading to arbitrary write to physical memory

Software installed and run as a non-privileged user may conduct improper GPU system calls to force GPU to write to arbitrary physical memory pages. Under certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kernel an...

Chromium: CVE-2026-7333 Use after free in GPU

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

SUSE CVE-2026-7357

Use after free in GPU in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

CVE-2026-7357

An use after free flaw was found in the GPU component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=497047552...

CVE-2026-7357

Use after free in GPU in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

CVE-2026-7333

Use after free in GPU in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

CVE-2026-7333

Use after free in GPU in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...