CVE-2024-6790 Mali GPU Kernel Driver can cause the whole system to become unresponsive

Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a non-privileged user process to make valid GPU memory processing operations, including via WebGL o...

PT-2025-3686

Name of the Vulnerable Software and Affected Versions Arm Ltd Bifrost GPU Kernel Driver versions r44p1, from r46p0 through r49p0, from r50p0 through r51p0 Arm Ltd Valhall GPU Kernel Driver versions r44p1, from r46p0 through r49p0, from r50p0 through r51p0 Arm Ltd Arm 5th Gen GPU Architecture Kern...

Security Vulnerabilities fixed in Thunderbird 115.18 — Mozilla

Certain WebGL operations on Apple silicon M series devices could have lead to an out-of-bounds write and memory corruption due to a flaw in Apple's GPU driver. This bug only affected the application on Apple M series hardware. Other platforms were unaffected. Enhanced Tracking Protection's Strict...

SUSE CVE-2024-11691

Certain WebGL operations on Apple silicon M series devices could have lead to an out-of-bounds write and memory corruption due to a flaw in Apple's GPU driver. This bug only affected the application on Apple M series hardware. Other platforms were unaffected. This vulnerability affects Firefox 13...

UBUNTU-CVE-2024-11691

Certain WebGL operations on Apple silicon M series devices could have lead to an out-of-bounds write and memory corruption due to a flaw in Apple's GPU driver. This bug only affected the application on Apple M series hardware. Other platforms were unaffected. This vulnerability affects Firefox 13...

CVE-2024-11691

Certain WebGL operations on Apple silicon M series devices could have lead to an out-of-bounds write and memory corruption due to a flaw in Apple's GPU driver. This bug only affected the application on Apple M series hardware. Other platforms were unaffected. This vulnerability affects Firefox 13...

CVE-2024-11691

Certain WebGL operations on Apple silicon M series devices could have lead to an out-of-bounds write and memory corruption due to a flaw in Apple's GPU driver. This bug only affected the application on Apple M series hardware. Other platforms were unaffected. This vulnerability affects Firefox 13...

Mozilla Firefox ESR < 115.18

The version of Firefox ESR installed on the remote Windows host is prior to 115.18. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2024-65 advisory. - Enhanced Tracking Protection's Strict mode may have inadvertently allowed a CSP frame-src bypass and DOM-based XS...

Mozilla Firefox < 133.0

The version of Firefox installed on the remote Windows host is prior to 133.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2024-63 advisory. - A double-free issue could have occurred in secpkcs7decoderstartdecrypt when handling an error path. Under specific...

Updated firefox packages fix security vulnerabilities

The updated package provides Firefox 128 for all mandatory arches of Mageia x8664, i586 and aarch64, fixing several bugs, including security vulnerabilities, for i586 and aarch64: Fullscreen notification dialog can be obscured by document content. CVE-2024-7518 Out of bounds memory access in...

NVIDIA D3D10 Driver Shader Functionality MOV instruction out-of-bounds read vulnerability

Talos Vulnerability Report TALOS-2024-2015 NVIDIA D3D10 Driver Shader Functionality MOV instruction out-of-bounds read vulnerability October 23, 2024 CVE Number CVE-2024-0119 SUMMARY An out-of-bounds read vulnerability exists in the Shader Functionality functionality of NVIDIA D3D10 Driver 555.99...

ShadyShader: Crashing Apple Devices with a Single Click

Introduction A while ago, we discovered an interesting vulnerability in the GPU’s drivers of iPhones, iPads, and macOS computers with M-series chips. Dubbed ShadyShader, this flaw allows a specially crafted shader program to overwhelm Apple’s GPU, causing repeated freezes that ultimately lead to ...

CentOS 7 : thunderbird (RHSA-2022:9079)

The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:9079 advisory. - If a Thunderbird user quoted from an HTML email, for example by replying to the email, and the email contained either a VIDEO tag with the POSTER...

CentOS 6 : chromium-browser (RHSA-2020:1270)

The remote CentOS Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:1270 advisory. - usrsctp before 2019-12-20 has out-of-bounds reads in sctploadaddressesfrominit. CVE-2019-20503 - Use after free in WebGL in Google Chrome prior to...

ROS-20240924-01

The vulnerability in Firefox and Firefox ESR browsers and Thunderbird email client is related to flaws in the in access control. Exploitation of the vulnerability could allow an attacker acting remotely, redirect a user to an arbitrary URL using a specially crafted extension The vulnerability in...

The vulnerability of the WebGL component in Firefox web browsers, Firefox ESR, and the Thunderbird email client allows a hacker to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the WebGL component in Firefox web browsers, Firefox ESR, and the email client Thunderbird is related to writing beyond the buffer boundaries. Exploiting this vulnerability allows an attacker to gain access to confidential data, compromise its integrity, and cause service...

The vulnerability in the implementation of the WebGL 3D graphics application programming interface for Firefox, Firefox ESR, and Thunderbird email client allows a perpetrator to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the WebGL 3D graphics application programming interface in Firefox, Firefox ESR, and Thunderbird email client relates to the use of memory after it is freed. Exploiting this vulnerability allows an attacker to gain access to confidential data, compromise its integrity, and...

mozilla: Uninitialized memory used by WebGL

The Mozilla Foundation Security Advisory describes this flaw as: ANGLE failed to initialize parameters which led to reading from uninitialized memory. This could be leveraged to leak sensitive data from memory...

mozilla: Uninitialized memory used by WebGL

The Mozilla Foundation Security Advisory describes this flaw as: ANGLE failed to initialize parameters which led to reading from uninitialized memory. This could be leveraged to leak sensitive data from memory...

RHEL 9 : thunderbird (RHSA-2024:5396)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:5396 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: EMBARGOED Thunderbird: 115.14/128.1 mozilla: Fullscreen...