89 matches found
CVE-2026-41156
Software installed and run as a non-privileged user may conduct improper GPU system calls to cause mismanagement of resources creating a write use after free scenario. A shared resource memory page managed by a CPU thread of control driver and accessed by a GPU thread of control Firmware can caus...
CVE-2026-41156
CVE-2026-41156 concerns GPU DDK where a CPU-thread driver frees a memory page used by a GPU firmware thread, causing a write-after-free (UAF) due to the GPU still accessing the resource. The issue references a SYNC_PRIMITIVE_BLOCK firmware address without holding a reference in the kernelfirmware...
CVE-2026-34193
Kernel software installed and running inside a Guest/Host VM may post improper commands to the GPU Firmware to trigger a write of data outside the intended GPU memory. A logic error in the address translation allowed a compromised Host Kernel to perform arbitrary writes to firmware memory...
CVE-2026-34193
Kernel software installed and running inside a Guest/Host VM may post improper commands to the GPU Firmware to trigger a write of data outside the intended GPU memory. A logic error in the address translation allowed a compromised Host Kernel to perform arbitrary writes to firmware memory...
CVE-2026-34193
Kernel software installed and running inside a Guest/Host VM may post improper commands to the GPU Firmware to trigger a write of data outside the intended GPU memory. A logic error in the address translation allowed a compromised Host Kernel to perform arbitrary writes to firmware memory...
CVE-2026-34193 GPU DDK - Arbitrary write via UFO updates due insufficient pointer validation in rgxfw_to_ptr()
Kernel software installed and running inside a Guest/Host VM may post improper commands to the GPU Firmware to trigger a write of data outside the intended GPU memory. A logic error in the address translation allowed a compromised Host Kernel to perform arbitrary writes to firmware memory...
PT-2026-45409
Kernel software installed and running inside a Guest/Host VM may post improper commands to the GPU Firmware to trigger a write of data outside the intended GPU memory. A logic error in the address translation allowed a compromised Host Kernel to perform arbitrary writes to firmware memory...
CVE-2026-0427
Improper cleanup of shared register resources in GPU firmware could allow an admin-privileged attacker from a Guest Virtual machine VM to access these shared resources from another Guest VM, potentially resulting in the loss of confidentiality, integrity, or availability...
CVE-2026-0427
Improper cleanup of shared register resources in GPU firmware could allow an admin-privileged attacker from a Guest Virtual machine VM to access these shared resources from another Guest VM, potentially resulting in the loss of confidentiality, integrity, or availability...
CVE-2026-0427
CVE-2026-0427 is tied to AMD GPU firmware: improper cleanup of shared register resources could allow an admin-privileged attacker in one Guest VM to access shared resources from another Guest VM. The vulnerability targets the GPU firmware’s handling of shared register space, enabling potential lo...
Fedora 42 : linux-firmware (2026-1d240112ff)
The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-1d240112ff advisory. Update to 20260110: update firmware for MT7925 WiFi device mediatek MT7925: update bluetooth firmware to 20260106153314 mediatek MT7920: update bluetooth...
CVE-2025-58407
Kernel or driver software installed on a Guest VM may post improper commands to the GPU Firmware to exploit a TOCTOU race condition and trigger a read and/or write of data outside the allotted memory escaping the virtual machine...
CVE-2025-58407 GPU DDK - TOCTOU bug affecting psFWMemContext->uiPageCatBaseRegSet
Kernel or driver software installed on a Guest VM may post improper commands to the GPU Firmware to exploit a TOCTOU race condition and trigger a read and/or write of data outside the allotted memory escaping the virtual machine...
PT-2025-47174
Name of the Vulnerable Software and Affected Versions versions prior to 2025 Description Kernel or driver software installed on a Guest VM may post improper commands to the GPU Firmware, potentially exploiting a TOCTOU race condition. This could lead to a read and/or write of data outside the...
CVE-2025-32091
Incorrect default permissions in some firmware for the IntelR ArcTM B-series GPUs within Ring 1: Device Drivers may allow an escalation of privilege. System software adversary with a privileged user combined with a low complexity attack may enable escalation of privilege. This result may...
EUVD-2025-4299
Malicious code in bioql PyPI...
EUVD-2025-4435
Malicious code in bioql PyPI...
EUVD-2025-4434
Malicious code in bioql PyPI...
EUVD-2025-11810
Malicious code in bioql PyPI...
EUVD-2025-4368
Malicious code in bioql PyPI...