CVE-2026-34193 GPU DDK - Arbitrary write via UFO updates due insufficient pointer validation in rgxfw_to_ptr()

Kernel software installed and running inside a Guest/Host VM may post improper commands to the GPU Firmware to trigger a write of data outside the intended GPU memory. A logic error in the address translation allowed a compromised Host Kernel to perform arbitrary writes to firmware memory...

Exploit for Missing Release of Memory after Effective Lifetime in Arm 5Th_Gen_Gpu_Architecture_Kernel_Driver

CVE-2023-26083 – Mali GPU Kernel Address Leak via Timeline Str...

Linux Distros Unpatched Vulnerability : CVE-2026-24198

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NVIDIA GPU Display Driver for Linux contains a vulnerability where an advanced attacker could use a race condition to leak sensitive memory, which might cause...

CVE-2026-24198

NVIDIA GPU Display Driver for Linux contains a vulnerability where an advanced attacker could use a race condition to leak sensitive memory, which might cause limited exposure of sensitive information to an unauthorized actor. A successful exploit of this vulnerability might lead to denial of...

CVE-2026-45853

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Use kvfree instead of kfree in amdgpugmcgetnpsmemranges amdgpudiscoverygetnpsinfo internally allocates memory for ranges using kvcalloc, which may use vmalloc for large allocation. Using kfree to release vmalloc memor...

NVIDIA Linux GPU Display Driver (May 2026)

The NVIDIA GPU display driver software on the remote host is missing a security update. It is, therefore, affected by the following vulnerabilities: - A vulnerability exists where an attacker could cause a use-after-free, potentially leading to denial of service, escalation of privileges,...

ROS-20260515-73-0021

A vulnerability in the PowerVR GPU driver of Google Chrome and Microsoft Edge browsers is related to writing outside of buffer boundaries. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using a specially crafted HTML page...

CVE-2026-43444

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Unreserve bo if queue update failed Error handling path should unreserve bo then return failed. cherry picked from commit c24afed7de9ecce341825d8ab55a43a254348b33...

CVE-2026-43195

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: validate user queue size constraints Add validation to ensure user queue sizes meet hardware requirements: - Size must be a power of two for efficient ring buffer wrapping - Size must be at least AMDGPUGPUPAGESIZE to...

Linux Distros Unpatched Vulnerability : CVE-2026-23469

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/imagination: Synchronize interrupts before suspending the GPU The runtime PM suspend callback doesn't know whether the IRQ handler is in progress on a...

Linux Distros Unpatched Vulnerability : CVE-2026-23338

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/amdgpu/userq: Do not allow userspace to trivially triger kernel warnings Userspace can either deliberately pass in the too small numfences, or the required...

CVE-2025-33218

CVE-2025-33218 affects the NVIDIA GPU Display Driver for Windows, in the kernel-mode nvlddmkm.sys, where an integer overflow could enable a local attacker to achieve code execution, privilege escalation, data tampering, DoS, or information disclosure. Public advisories from NVIDIA enumerate affec...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001543)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001543 advisory. A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU. This flaw allow...

CVE-2025-58409

Software installed and run as a non-privileged user may conduct improper GPU system calls to subvert GPU HW to write to arbitrary physical memory pages. Under certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kern...

CVE-2025-58409

CVE-2025-58409 is a GPU driver vulnerability affecting Imagination Technologies’ GPU driver/Imagination Graphics DDK. The issue arises when an unprivileged user performs improper GPU system calls, subverting GPU hardware to write to arbitrary physical memory pages. Under certain conditions this c...

ROS-20260113-7360

A vulnerability in the drivers/gpu/drm/amd/display component of the Linux operating system kernel is related to synchronization errors. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

ROS-20260113-7312

A vulnerability in the navi10issupportfinegraineddpm function in the drivers/gpu/drm/amd/pm/swsmu/smu11/navi10ppt.c module of the amdpgu driver of the Linux kernel is related to incorrect index calculation. Exploitation of the vulnerability may allow an intruder to affect confidentiality, integri...

CVE-2022-42716

An issue was discovered in the Arm Mali GPU Kernel Driver. There is a use-after-free. A non-privileged user can make improper GPU processing operations to gain access to already freed memory. This affects Valhall r29p0 through r40P0...

CVE-2019-20577

An issue was discovered on Samsung mobile devices with P9.0 Exynos chipsets software. The MALI GPU Driver allows a kernel panic. The Samsung ID is SVE-2019-14372 August 2019...

CVE-2022-42256

NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer nvidia.ko, where an integer overflow in index validation may lead to denial of service, information disclosure, or data tampering...