Lucene search
+L

85 matches found

Vulnrichment
Vulnrichment
added 2025/01/13 10:35 a.m.7 views

CVE-2024-52936 GPU DDK - rgxfw_hwperf_config OOB read & write

Kernel software installed and running inside a Guest VM may post improper commands to the GPU Firmware to write data outside the Guest's virtualised GPU memory...

4.9AI score0.00186EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/13 10:35 a.m.31 views

CVE-2024-52936 GPU DDK - rgxfw_hwperf_config OOB read & write

Kernel software installed and running inside a Guest VM may post improper commands to the GPU Firmware to write data outside the Guest's virtualised GPU memory...

0.00186EPSS
Exploits0References1
CVE
CVE
added 2025/01/13 10:33 a.m.99 views

CVE-2024-52935

CVE-2024-52935 : A kernel-level issue affecting the Imagination Technologies PowerVR-GPU driver. Kernel software running inside a guest VM can access memory shared with the GPU firmware and write data outside the guest’s virtualised GPU memory, enabling potential cross-VM data leakage or memory c...

4.1CVSS6.5AI score0.00226EPSS
Exploits0References1
CVE
CVE
added 2025/01/13 10:31 a.m.79 views

CVE-2024-47895

CVE-2024-47895 describes a vulnerability in Imagination Technologies’ PowerVR-GPU driver where kernel software running inside a guest VM can issue improper commands to the GPU firmware, enabling an information disclosure by reading data outside the guest’s virtualized GPU memory. Public reference...

7.1CVSS6.6AI score0.00202EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/01/13 10:30 a.m.7 views

CVE-2024-47894 GPU DDK - Out of bounds read into fwlog due to unchecked loop bounds

Kernel software installed and running inside a Guest VM may post improper commands to the GPU Firmware to read data outside the Guest's virtualised GPU memory...

7AI score0.00204EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/13 10:30 a.m.23 views

CVE-2024-47894 GPU DDK - Out of bounds read into fwlog due to unchecked loop bounds

Kernel software installed and running inside a Guest VM may post improper commands to the GPU Firmware to read data outside the Guest's virtualised GPU memory...

0.00204EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/01/13 10:28 a.m.9 views

CVE-2024-47897 GPU DDK - PVRSRVRGXGetEnabledHWPerfBlocksKM off-by-one OOB write

Software installed and run as a non-privileged user may conduct improper GPU system calls resulting in platform instability and reboots...

7AI score0.00589EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/13 10:28 a.m.30 views

CVE-2024-47897 GPU DDK - PVRSRVRGXGetEnabledHWPerfBlocksKM off-by-one OOB write

Software installed and run as a non-privileged user may conduct improper GPU system calls resulting in platform instability and reboots...

0.00589EPSS
Exploits0References1
CVE
CVE
added 2025/01/13 10:28 a.m.97 views

CVE-2024-47897

CVE-2024-47897 affects Imagination Technologies PowerVR-GPU driver (GPU DDK). The connected sources identify a vulnerability in PVRSRVRGXGetEnabledHWPerfBlocksKM that is an off-by-one out-of-bounds write, reported under the Imagination Technologies entries in the Android bulletin and CVE listings...

8.8CVSS6.6AI score0.00589EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/01/13 12:0 a.m.8 views

PT-2025-2780 · Unknown · Graphics Ddk

Name of the Vulnerable Software and Affected Versions: Graphics DDK version = 24.2 RTM2 Description: The kernel software installed and running inside a guest virtual machine VM can send improper commands to the GPU firmware, allowing it to read data outside the guest's virtualized GPU memory. Thi...

7.1CVSS6.7AI score0.00204EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2025/01/13 12:0 a.m.13 views

PT-2025-2943 · Imagination Technologies · Imagination Technologies Graphics Ddk

Name of the Vulnerable Software and Affected Versions: Imagination Technologies Graphics DDK version = 24.2 RTM2 Description: The kernel software installed and running inside a Guest VM may send improper commands to the GPU Firmware to subvert reconstruction activities and trigger a write of data...

7.8CVSS6.6AI score0.00208EPSS
Exploits0References8
Cvelist
Cvelist
added 2024/12/28 4:58 a.m.17 views

CVE-2024-43705 GPU DDK - Security: Exploitable PVRSRVBridgePhysmemWrapExtMem may lead to overwrite read-only file/memory (e.g. libc.so)

Software installed and run as a non-privileged user can trigger the GPU kernel driver to write to arbitrary read-only system files that have been mapped into application memory...

0.00142EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/12/28 4:53 a.m.26 views

CVE-2024-46972 GPU DDK - Security: Reference count overflow in pvr_sync_rollback_export_fence

Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger use-after-free kernel exceptions...

0.00164EPSS
Exploits0References1
CVE
CVE
added 2024/12/28 4:53 a.m.129 views

CVE-2024-46972

CVE-2024-46972 is an Imagination Technologies PowerVR-GPU driver issue. The vulnerability arises from a faulty GPU system call path that can be triggered by code running with normal user permissions, leading to a use-after-free in the kernel. The CVE is documented with a local-execution impact pr...

7.8CVSS6.5AI score0.00164EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/12/13 5:35 p.m.28 views

CVE-2024-47892 GPU DDK - UAF of kernel memory in PMRUnlockPhysAddressesOSMem for on-demand non-4KB PMRs in system memory (UMA)

Software installed and run as a non-privileged user may conduct GPU system calls to read and write freed physical memory from the GPU...

0.00139EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/30 2:39 a.m.30 views

CVE-2024-43703 GPU DDK - Duplicate calls to RGXCreateFreeList on the same reservation leads to GPU UAF

Software installed and run as a non-privileged user may conduct improper GPU system calls to achieve unauthorised reads and writes of physical memory from the GPU HW...

0.00379EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/11/30 2:30 a.m.12 views

CVE-2024-43702 GPU DDK - MLIST/PM render state buffers writable allowing arbitrary writes to kernel memory pages

Software installed and run as a non-privileged user may conduct improper GPU system calls to allow unprivileged access to arbitrary physical memory page...

6.8AI score0.0033EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/30 2:30 a.m.29 views

CVE-2024-43702 GPU DDK - MLIST/PM render state buffers writable allowing arbitrary writes to kernel memory pages

Software installed and run as a non-privileged user may conduct improper GPU system calls to allow unprivileged access to arbitrary physical memory page...

0.0033EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/11/18 4:54 a.m.17 views

CVE-2024-43704 GPU DDK - PowerVR: PVRSRVAcquireProcessHandleBase can cause psProcessHandleBase reuse when PIDs are reused

Software installed and run as a non-privileged user may conduct improper GPU system calls to gain access to the graphics buffers of a parent process...

7.1AI score0.00173EPSS
Exploits0References1
CVE
CVE
added 2024/11/18 4:54 a.m.119 views

CVE-2024-43704

CVE-2024-43704 affects Imagination Technologies PowerVR GPU driver. The PVRSRVAcquireProcessHandleBase() function can reuse psProcessHandleBase when PIDs are reused, allowing a non-privileged user to perform improper GPU system calls and access the graphics buffers of a parent process. This is a ...

8.4CVSS8.5AI score0.00173EPSS
Exploits0References1
Rows per page
Query Builder