EUVD-2022-15468

Malicious code in bioql PyPI...

TencentOS Server 3: libguestfs-winsupport (TSSA-2022:0277)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2022:0277 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

glslang, shaderc, spirv-tools, vulkan-headers, vulkan-loader, vulkan-tools, vulkan-utility-libraries, vulkan-validation-layers, and vulkan-volk bug fix and enhancement update

An update is available for vulkan-utility-libraries, vulkan-validation-layers, vulkan-headers, vulkan-tools, spirv-tools, vulkan-volk, vulkan-loader, glslang, shaderc. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating,...

spirv-tools, vulkan-headers, vulkan-loader, vulkan-tools, and vulkan-validation-layers bug fix and enhancement update

An update is available for vulkan-validation-layers, vulkan-headers, vulkan-tools, spirv-tools, vulkan-loader. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list...

DEBIAN-CVE-2024-26984

In the Linux kernel, the following vulnerability has been resolved: nouveau: fix instmem race condition around ptr stores Running a lot of VK CTS in parallel against nouveau, once every few hours you might see something like this crash. BUG: kernel NULL pointer dereference, address:...

UBUNTU-CVE-2024-26984

In the Linux kernel, the following vulnerability has been resolved: nouveau: fix instmem race condition around ptr stores Running a lot of VK CTS in parallel against nouveau, once every few hours you might see something like this crash. BUG: kernel NULL pointer dereference, address:...

PT-2024-8445

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.37 Description The vulnerability is related to a race condition in the nouveau component of the Linux kernel, which can cause a NULL pointer dereference. This issue can occur when running a large number of VK...

Multiple General Graphics Processing Unit Security Vulnerabilities

OpenCL and Vulkan are products of the Khronos Group.OpenCL is a framework for writing programs for heterogeneous platforms.Vulkan is a low-overhead, cross-platform application programming interface API for 2D and 3D graphics and computing. A security vulnerability exists in Khronos Group OpenCL,...

GPU kernel implementations susceptible to memory leak

Overview General-purpose graphics processing unit GPGPU platforms from AMD, Apple, and Qualcomm fail to adequately isolate process memory, thereby enabling a local attacker to read memory from other processes. An attacker with access to GPU capabilities using a vulnerable GPU's programmable...

PT-2024-1065 · Google +4 · Angle Library +5

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 120.0.6099.199 Description: A heap buffer overflow in the ANGLE library of Google Chrome allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. The issue is related to the WebG...

Qualcomm Chipsets Security Vulnerability

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that stems from a memory corruption when running VK synchronization with KASAN enabled...

PT-2024-12403 · Unknown · Linux Graphics

Name of the Vulnerable Software and Affected Versions: Linux Graphics affected versions not specified Description: The issue is related to memory corruption that occurs while running VK synchronization with KASAN enabled. This problem is also described as a Use-After-Free UAF in Linux Graphics. N...

Fedora 38 : alsa-plugins / attract-mode / audacious-plugins / blender / etc (2023-a5e10b188a)

The remote Fedora 38 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2023-a5e10b188a advisory. FFmpeg 6.0 upgrade. ---- update to 111.0.5563.64. Fixes the following security issues: CVE-2023-0927 CVE-2023-0928 CVE-2023-0929 CVE-2023-0930...

Google Chromium Vulkan SwiftShader Double Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Google Chromium-based browsers. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

GLSA-202309-17 : Chromium, Google Chrome, Microsoft Edge: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202309-17 Chromium, Google Chrome, Microsoft Edge: Multiple Vulnerabilities - Type confusion in V8 in Google Chrome prior to 110.0.5481.77 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

Updated chromium-browser-stable packages fix security vulnerability

The chromium-browser-stable package has been updated to the 116.0.5845.140 release, fixing 5 vulnerabilities. High CVE-2023-4430: Use after free in Vulkan. Reported by Cassidy Kim@cassidy6564 on 2023-08-02 High CVE-2023-4429: Use after free in Loader. Reported by Anonymous on 2023-08-03 High...

FreeBSD : electron25 -- multiple vulnerabilities (970dcbe0-a947-41a4-abe9-7aaba87f41fe)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 970dcbe0-a947-41a4-abe9-7aaba87f41fe advisory. - Out of bounds memory access in V8 in Google Chrome prior to 116.0.5845.110 allowed a remote...

Use After Free

Google Chrome is vulnerable to Use After Free. The vulnerability exists in the Vulkan, which allows an attacker perform heap corruption via a maliciously crafted HTML page...

openSUSE 15 Security Update : chromium (openSUSE-SU-2023:0237-1)

The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2023:0237-1 advisory. - Out of bounds memory access in V8 in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to perform an out of bounds memory read vi...

Microsoft Edge (Chromium) < 116.0.1938.62 Multiple Vulnerabilities

The version of Microsoft Edge installed on the remote Windows host is prior to 116.0.1938.62. It is, therefore, affected by multiple vulnerabilities as referenced in the August 25, 2023 advisory. - Microsoft Edge Chromium-based Elevation of Privilege Vulnerability CVE-2023-36741 - Out of bounds...