217 matches found
NVIDIA D3D10 Driver Shader Functionality MOV instruction out-of-bounds read vulnerability
Talos Vulnerability Report TALOS-2024-2015 NVIDIA D3D10 Driver Shader Functionality MOV instruction out-of-bounds read vulnerability October 23, 2024 CVE Number CVE-2024-0119 SUMMARY An out-of-bounds read vulnerability exists in the Shader Functionality functionality of NVIDIA D3D10 Driver 555.99...
NVIDIA D3D10 Driver Shader Functionality out-of-bounds read vulnerability due to excessive loop iteration
Talos Vulnerability Report TALOS-2024-2013 NVIDIA D3D10 Driver Shader Functionality out-of-bounds read vulnerability due to excessive loop iteration October 23, 2024 CVE Number CVE-2024-0118 SUMMARY An out-of-bounds read vulnerability exists in the Shader Functionality functionality of NVIDIA D3D...
RHEL 9 : freerdp (RHSA-2024:2208)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2208 advisory. FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The xfreerdp client can connect to R...
SUSE CVE-2024-32041
FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients that use a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, deactivate /gfx on by default, set /bpp or /rfx options...
SUSE CVE-2024-32458
FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients that use a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, use /gfx or /rfx modes on by default, require server side...
DEBIAN-CVE-2024-32458
FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients that use a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, use /gfx or /rfx modes on by default, require server side...
NVIDIA D3D10 Driver Shader Functionality out-of-bounds read vulnerability
Talos Vulnerability Report TALOS-2023-1849 NVIDIA D3D10 Driver Shader Functionality out-of-bounds read vulnerability February 29, 2024 CVE Number CVE-2024-0071 SUMMARY An out-of-bounds read vulnerability exists in the Shader functionality of NVIDIA D3D10 Driver, Version 546.01, 31.0.15.4601. A...
SUSE CVE-2023-39351
FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. Affected versions of FreeRDP are subject to a Null Pointer Dereference leading a crash in the RemoteFX rfx handling. Inside the rfxprocessmessagetileset function, the program allocates tiles...
CVE-2023-39351
FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. Affected versions of FreeRDP are subject to a Null Pointer Dereference leading a crash in the RemoteFX rfx handling. Inside the rfxprocessmessagetileset function, the program allocates tiles...
DEBIAN-CVE-2023-39351
FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. Affected versions of FreeRDP are subject to a Null Pointer Dereference leading a crash in the RemoteFX rfx handling. Inside the rfxprocessmessagetileset function, the program allocates tiles...
Null pointer dereference
FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. Affected versions of FreeRDP are subject to a Null Pointer Dereference leading a crash in the RemoteFX rfx handling. Inside the rfxprocessmessagetileset function, the program allocates tiles...
CVE-2023-39351
FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. Affected versions of FreeRDP are subject to a Null Pointer Dereference leading a crash in the RemoteFX rfx handling. Inside the rfxprocessmessagetileset function, the program allocates tiles...
UBUNTU-CVE-2023-39351
FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. Affected versions of FreeRDP are subject to a Null Pointer Dereference leading a crash in the RemoteFX rfx handling. Inside the rfxprocessmessagetileset function, the program allocates tiles...
CVE-2023-39351
CVE-2023-39351 affects FreeRDP (RDP client/server library). The issue is a null pointer dereference in the RemoteFX (rfx) path: in rfx_process_message_tileset, tiles are allocated via rfx_allocate_tiles for numTiles, but if initialization fails some tiles remain NULL and may be accessed later, ca...
CVE-2023-39351 FreeRDP Null Pointer Dereference leading denial of service
FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. Affected versions of FreeRDP are subject to a Null Pointer Dereference leading a crash in the RemoteFX rfx handling. Inside the rfxprocessmessagetileset function, the program allocates tiles...
CVE-2023-39351 FreeRDP Null Pointer Dereference leading denial of service
FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. Affected versions of FreeRDP are subject to a Null Pointer Dereference leading a crash in the RemoteFX rfx handling. Inside the rfxprocessmessagetileset function, the program allocates tiles...
Three vulnerabilities in NVIDIA graphics driver could cause memory corruption
Piotr Bania of Cisco Talos discovered the vulnerabilities mentioned in this post. Cisco Talos recently disclosed three vulnerabilities in the shader functionality of the NVIDIA D3D10 driver that works with NVIDIAs graphics cards. The driver is vulnerable to memory corruption if an adversary sends...
NVIDIA D3D10 Driver Shader Functionality DCL_INDEXRANGE instruction memory corruption vulnerability
Talos Vulnerability Report TALOS-2022-1604 NVIDIA D3D10 Driver Shader Functionality DCLINDEXRANGE instruction memory corruption vulnerability December 6, 2022 CVE Number CVE-2022-34671 SUMMARY A memory corruption vulnerability exists in the Shader Functionality DCLINDEXRANGE instruction...
NVIDIA D3D10 Driver Shader Functionality MOV instruction memory corruption vulnerability
Talos Vulnerability Report TALOS-2022-1603 NVIDIA D3D10 Driver Shader Functionality MOV instruction memory corruption vulnerability December 6, 2022 CVE Number CVE-2022-34671 SUMMARY A memory corruption vulnerability exists in the Shader Functionality MOV instruction index functionality of NVIDIA...
Microsoft Windows HyperV RemoteFX vGPU Multiple Vulnerabilities
The Microsoft HyperV RemoteFX vGPU enabled on the remote host is affected by multiple vulnerabilities, including the following: - An exploitable code execution vulnerability exists in the Shader functionality. An attacker can provide a specially crafted shader file to trigger this vulnerability,...