Lucene search
+L

60 matches found

CVE
CVE
added 2025/01/13 10:37 a.m.76 views

CVE-2024-52937

CVE-2024-52937 describes a vulnerability where kernel software running inside a guest VM could exploit memory shared with the GPU firmware to write data outside the guest’s virtualized GPU memory. The issue is associated with Imagination Technologies’ PowerVR-GPU components and is documented acro...

6.7CVSS6.5AI score0.00197EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/01/13 10:37 a.m.7 views

CVE-2024-52937 GPU DDK - rgxfw_kernel_CMD_DISABLE_ZSSTORE OOB write via ui32WriteOffsetOfDisableZSStore

Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to write data outside the Guest's virtualised GPU memory...

6.9AI score0.00197EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/01/13 10:35 a.m.7 views

CVE-2024-52936 GPU DDK - rgxfw_hwperf_config OOB read & write

Kernel software installed and running inside a Guest VM may post improper commands to the GPU Firmware to write data outside the Guest's virtualised GPU memory...

4.9AI score0.00186EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/13 10:35 a.m.31 views

CVE-2024-52936 GPU DDK - rgxfw_hwperf_config OOB read & write

Kernel software installed and running inside a Guest VM may post improper commands to the GPU Firmware to write data outside the Guest's virtualised GPU memory...

0.00186EPSS
Exploits0References1
CVE
CVE
added 2025/01/13 10:33 a.m.98 views

CVE-2024-52935

CVE-2024-52935 : A kernel-level issue affecting the Imagination Technologies PowerVR-GPU driver. Kernel software running inside a guest VM can access memory shared with the GPU firmware and write data outside the guest’s virtualised GPU memory, enabling potential cross-VM data leakage or memory c...

4.1CVSS6.5AI score0.00226EPSS
Exploits0References1
CVE
CVE
added 2025/01/13 10:31 a.m.77 views

CVE-2024-47895

CVE-2024-47895 describes a vulnerability in Imagination Technologies’ PowerVR-GPU driver where kernel software running inside a guest VM can issue improper commands to the GPU firmware, enabling an information disclosure by reading data outside the guest’s virtualized GPU memory. Public reference...

7.1CVSS6.6AI score0.00202EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/01/13 10:30 a.m.7 views

CVE-2024-47894 GPU DDK - Out of bounds read into fwlog due to unchecked loop bounds

Kernel software installed and running inside a Guest VM may post improper commands to the GPU Firmware to read data outside the Guest's virtualised GPU memory...

7AI score0.00204EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/13 10:30 a.m.23 views

CVE-2024-47894 GPU DDK - Out of bounds read into fwlog due to unchecked loop bounds

Kernel software installed and running inside a Guest VM may post improper commands to the GPU Firmware to read data outside the Guest's virtualised GPU memory...

0.00204EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/01/13 10:28 a.m.9 views

CVE-2024-47897 GPU DDK - PVRSRVRGXGetEnabledHWPerfBlocksKM off-by-one OOB write

Software installed and run as a non-privileged user may conduct improper GPU system calls resulting in platform instability and reboots...

7AI score0.00589EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/13 10:28 a.m.30 views

CVE-2024-47897 GPU DDK - PVRSRVRGXGetEnabledHWPerfBlocksKM off-by-one OOB write

Software installed and run as a non-privileged user may conduct improper GPU system calls resulting in platform instability and reboots...

0.00589EPSS
Exploits0References1
CVE
CVE
added 2025/01/13 10:28 a.m.96 views

CVE-2024-47897

CVE-2024-47897 affects Imagination Technologies PowerVR-GPU driver (GPU DDK). The connected sources identify a vulnerability in PVRSRVRGXGetEnabledHWPerfBlocksKM that is an off-by-one out-of-bounds write, reported under the Imagination Technologies entries in the Android bulletin and CVE listings...

8.8CVSS6.6AI score0.00589EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/12/28 4:58 a.m.17 views

CVE-2024-43705 GPU DDK - Security: Exploitable PVRSRVBridgePhysmemWrapExtMem may lead to overwrite read-only file/memory (e.g. libc.so)

Software installed and run as a non-privileged user can trigger the GPU kernel driver to write to arbitrary read-only system files that have been mapped into application memory...

0.00142EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/12/28 4:53 a.m.26 views

CVE-2024-46972 GPU DDK - Security: Reference count overflow in pvr_sync_rollback_export_fence

Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger use-after-free kernel exceptions...

0.00164EPSS
Exploits0References1
CVE
CVE
added 2024/12/28 4:53 a.m.129 views

CVE-2024-46972

CVE-2024-46972 is an Imagination Technologies PowerVR-GPU driver issue. The vulnerability arises from a faulty GPU system call path that can be triggered by code running with normal user permissions, leading to a use-after-free in the kernel. The CVE is documented with a local-execution impact pr...

7.8CVSS6.5AI score0.00164EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/12/13 5:35 p.m.28 views

CVE-2024-47892 GPU DDK - UAF of kernel memory in PMRUnlockPhysAddressesOSMem for on-demand non-4KB PMRs in system memory (UMA)

Software installed and run as a non-privileged user may conduct GPU system calls to read and write freed physical memory from the GPU...

0.00139EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/11/30 2:30 a.m.12 views

CVE-2024-43702 GPU DDK - MLIST/PM render state buffers writable allowing arbitrary writes to kernel memory pages

Software installed and run as a non-privileged user may conduct improper GPU system calls to allow unprivileged access to arbitrary physical memory page...

6.8AI score0.0033EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/30 2:30 a.m.29 views

CVE-2024-43702 GPU DDK - MLIST/PM render state buffers writable allowing arbitrary writes to kernel memory pages

Software installed and run as a non-privileged user may conduct improper GPU system calls to allow unprivileged access to arbitrary physical memory page...

0.0033EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/11/18 4:54 a.m.17 views

CVE-2024-43704 GPU DDK - PowerVR: PVRSRVAcquireProcessHandleBase can cause psProcessHandleBase reuse when PIDs are reused

Software installed and run as a non-privileged user may conduct improper GPU system calls to gain access to the graphics buffers of a parent process...

7.1AI score0.00173EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/18 4:54 a.m.37 views

CVE-2024-43704 GPU DDK - PowerVR: PVRSRVAcquireProcessHandleBase can cause psProcessHandleBase reuse when PIDs are reused

Software installed and run as a non-privileged user may conduct improper GPU system calls to gain access to the graphics buffers of a parent process...

0.00173EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/10/14 8:17 a.m.18 views

CVE-2024-43701 GPU DDK - PowerVR: TLB invalidate UAF of dma_buf imported into multiple GPU devices

Software installed and run as a non-privileged user may conduct GPU system calls to read and write freed physical memory from the GPU...

0.00131EPSS
Exploits0References1
Rows per page
Query Builder