kernel: intel: Fix NULL pointer dereference issue in upi_fill_topology()

A vulnerability was discovered in the Linux kernel in which certain CPU topologies could result in a null pointer dereference, affecting system stability...

kernel: Linux kernel: Denial of Service in DRM scheduler due to improper work queue handling

A flaw was found in the Linux kernel's Direct Rendering Manager DRM scheduler. A local attacker with low privileges could exploit this vulnerability by triggering a GPU reset test. This improper handling of the scheduler work queue can lead to a kernel panic, which is a system crash, resulting in...

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, Inc. in the United States. A security vulnerability exists in versions prior to Google Chrome 123.0.6312.122, which originated from a vulnerability that allows remote attackers to corrupt GPU processes and perform sandbox escapes via specific UI gesture...

SUSE CVE-2024-26667

In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: check for valid hwpp in dpuencoderhelperphyscleanup The commit 8b45a26f2ba9 "drm/msm/dpu: reserve cdm blocks for writeback in case of YUV output" introduced a smatch warning about another conditional block in...

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that originates from a memory corruption that occurs when an unmap operation fails in the GPU...

PT-2024-18893 · Kernel · Kernel

Name of the Vulnerable Software and Affected Versions: Kernel affected versions not specified Description: The issue is related to memory corruption in the Kernel while handling GPU operations. Recommendations: At the moment, there is no information about a newer version that contains a fix for...

PT-2024-3005 · Google +4 · Google Chrome +4

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 123.0.6312.122 Description: The issue is related to out of bounds memory access in Compositing, allowing a remote attacker who has compromised the GPU process to potentially perform a sandbox escape via specifi...

DEBIAN-CVE-2024-2193

A Speculative Race Condition SRC vulnerability that impacts modern CPU architectures supporting speculative execution related to Spectre V1 has been disclosed. An unauthenticated attacker can exploit this vulnerability to disclose arbitrary data from the CPU using race conditions to access the...

Google Pixel Security Breach

Google Pixel is a smartphone from Google, Inc. in the United States. A security vulnerability exists in Google Pixel, which stems from a missing bounds check in the gpuslclivenessupdate method of the pixelgpuslc.c file, which may result in out-of-bounds reads...

PT-2024-2629 · Arm · Arm Ltd Midgard Gpu Kernel Driver +3

Name of the Vulnerable Software and Affected Versions: Arm Ltd Midgard GPU Kernel Driver versions r13p0 through r32p0 Arm Ltd Bifrost GPU Kernel Driver versions r11p0 through r25p0 Arm Ltd Valhall GPU Kernel Driver versions r19p0 through r25p0, versions r29p0 through r46p0 Arm Ltd Arm 5th Gen GPU...

PT-2024-14577 · Huawei · Emui +1

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue is related to a resource reuse vulnerability in the GPU module. Successful exploitation of this vulnerability may affect service...

AMD GPU Memory Leak Advisory - Lenovo Support US

No description provided...

ARM Valhall GPU Kernel Driver and Bifrost GPU Kernel Driver Resource Management Error Vulnerability

ARM Bifrost GPU Kernel Driver and Valhall GPU Kernel Driver are both products of ARM UK.Bifrost GPU Kernel Driver is a Bifrost GPU Kernel Driver.Valhall GPU Kernel Driver is an ARM Bifrost GPU Kernel Driver. Valhall GPU Kernel Driver is a Valhall GPU kernel driver. A security vulnerability exists...

DEBIAN-CVE-2023-4969

A GPU kernel can read sensitive data from another GPU kernel even from another user or app through an optimized GPU memory region called local memory on various architectures...

UBUNTU-CVE-2023-4969

A GPU kernel can read sensitive data from another GPU kernel even from another user or app through an optimized GPU memory region called local memory on various architectures...

kernel: vmwgfx: integer overflow in vmwgfx_execbuf.c

An integer overflow was found in the Linux kernel's vmwgfx driver. This flaw allows a local, unprivileged attacker with access to either /dev/dri/card0 or /dev/dri/rendererD128, and able to issue an ioctl on the resulting file descriptor to crash the system, causing a denial of service...

CVE-2023-33114 Use after free in Neural Processing Unit

Memory corruption while running NPU, when NETWORKUNLOAD and NETWORKUNLOAD or NETWORKEXECUTEV2 commands are submitted at the same time...

CVE-2023-33114 Use after free in Neural Processing Unit

Memory corruption while running NPU, when NETWORKUNLOAD and NETWORKUNLOAD or NETWORKEXECUTEV2 commands are submitted at the same time...

PT-2023-7608 · Siemens · Simatic S7-1500 Cpu Family

Name of the Vulnerable Software and Affected Versions: Siemens SIMATIC S7-1500 CPU Family affected versions not specified Description: The issue is related to a use-after-free vulnerability in the software of programmable logic controllers. This could allow a remote attacker to cause a denial of...

PT-2023-28550 · Unknown · Gpu Driver

Name of the Vulnerable Software and Affected Versions: GPU driver affected versions not specified Description: The issue is related to an incorrect bounds check in the GPU driver, which can lead to a possible out of bounds write. This could result in a local denial of service and requires System...