21 matches found
EUVD-2026-13836
Requires malware code to misuse the DDK kernel module IOCTL interface. Such code can use the interface in an unsupported way that allows subversion of the GPU to perform writes to arbitrary physical memory pages. The product utilises a shared resource in a concurrent manner but does not attempt t...
CVE-2026-22163
Requires malware code to misuse the DDK kernel module IOCTL interface. Such code can use the interface in an unsupported way that allows subversion of the GPU to perform writes to arbitrary physical memory pages. The product utilises a shared resource in a concurrent manner but does not attempt t...
CVE-2025-67246
A local information disclosure vulnerability exists in the Ludashi driver before 5.1025 due to a lack of access control in the IOCTL handler. This driver exposes a device interface accessible to a normal user and handles attacker-controlled structures containing the lower 4GB of physical addresse...
CVE-2025-58409
Software installed and run as a non-privileged user may conduct improper GPU system calls to subvert GPU HW to write to arbitrary physical memory pages. Under certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kern...
Imagination GPU Driver 安全漏洞
Imagination GPU Driver is a graphics driver from Imagination. A security vulnerability exists in Imagination GPU Driver version 24.3 and earlier, which originates from the possibility that an unprivileged user may make improper GPU system calls that result in writing to arbitrary physical memory...
CVE-2024-47027
In smmemcompatgetvmmobj of lib/sm/sharedmem.c, there is a possible arbitrary physical memory access due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2024-47027
In smmemcompatgetvmmobj of lib/sm/sharedmem.c, there is a possible arbitrary physical memory access due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2024-44067
The T-Head XuanTie C910 CPU in the TH1520 SoC and the T-Head XuanTie C920 CPU in the SOPHON SG2042 have instructions that allow unprivileged attackers to write to arbitrary physical memory locations, aka GhostWrite...
T-Head XuanTie C910和C920 安全漏洞
The T-Head XuanTie C910 and T-Head XuanTie C920 are both high-efficiency CPU processors from China-based T-Head. A security vulnerability exists in the T-Head XuanTie C910 and C920 that stems from an instruction that allows an unprivileged attacker to write to an arbitrary physical memory locatio...
CVE-2024-44067
CVE-2024-44067 affects the T-Head XuanTie C910 (TH1520 SoC) and XuanTie C920 (SOPHON SG2042); an instruction in these CPUs allows unprivileged attackers to write to arbitrary physical memory (GhostWrite). Reported impact is high for confidentiality, integrity, and availability (CVSSv3.1: 8.4, Loc...
K16478: Linux kernel vulnerabilities CVE-2014-8159 and CVE-2014-8369
Security Advisory Description CVE-2014-8159 The InfiniBand IB implementation in the Linux kernel package before 2.6.32-504.12.2 on Red Hat Enterprise Linux RHEL 6 does not properly restrict use of User Verbs for registration of memory regions, which allows local users to access arbitrary physical...
GIGABYTE XTREME GAMING ENGINE < 1.26 Multiple Vulnerabilities
The version of GIGABYTE XTREME GAMING ENGINE installed on the remote host is prior to 1.26. It is, therefore, affected by multiple vulnerabilities as referenced in GIGABYTE security advisory 1801: - The GDrv low-level driver in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS ENGINE befor...
CVE-2021-44852
An issue was discovered in BSRCIO64.sys in Biostar RACING GT Evo 2.1.1905.1700. A low-integrity process can open the driver's device object and issue IOCTLs to read or write to arbitrary physical memory locations or call an arbitrary address, leading to execution of arbitrary code. This is...
CVE-2020-28922
An issue was discovered in Devid Espenschied PC Analyser through 4.10. The PCADRVX64.SYS kernel driver exposes IOCTL functionality that allows low-privilege users to read and write arbitrary physical memory. This could lead to arbitrary Ring-0 code execution and escalation of privileges...
CVE-2018-19321
The GPCIDrv and GDrv low-level drivers in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS ENGINE before 1.57, XTREME GAMING ENGINE before 1.26, and OC GURU II v2.08 expose functionality to read and write arbitrary physical memory. This could be leveraged by a local attacker to elevate...
NVIDIA Windows GPU Display Driver Local Elevation of Privilege Vulnerability (CNVD-2016-12899)
NVIDIA Windows GPU Display Driver is a set of graphics processor GPU graphics card drivers for Windows from NVIDIA. A security vulnerability exists in the kernel mode layer processor of DxgDdiEscape in all versions of the NVIDIA Windows GPU Display Driver, which arises from a failure of the progr...
CVE-2016-7389
For the NVIDIA Quadro, NVS, GeForce, and Tesla products, NVIDIA GPU Display Driver on Linux R304 before 304.132, R340 before 340.98, R367 before 367.55, R36193 before 361.93.03, and R370 before 370.28 contains a vulnerability in the kernel mode layer nvidia.ko handler for mmap where improper inpu...
CVE-2015-6923
The ndvbs module in VBox Communications Satellite Express Protocol 2.3.17.3 allows local users to write to arbitrary physical memory locations and gain privileges via a 0x00000ffd ioctl call...
CVE-2015-6923
The ndvbs module in VBox Communications Satellite Express Protocol 2.3.17.3 allows local users to write to arbitrary physical memory locations and gain privileges via a 0x00000ffd ioctl call...
CVE-2012-6422
The kernel in Samsung Galaxy S2, Galaxy Note 2, MEIZU MX, and possibly other Android devices, when running an Exynos 4210 or 4412 processor, uses weak permissions 0666 for /dev/exynos-mem, which allows attackers to read or write arbitrary physical memory and gain privileges via a crafted...