155 matches found
SUSE-SU-2022:4516-1 Security update for the Linux Kernel (Live Patch 24 for SLE 15 SP3)
This update for the Linux Kernel 5.3.18-1503005993 fixes several issues. The following security issues were fixed: - CVE-2022-43945: Fixed a buffer overflow in the NFSD implementation bsc1205128. - CVE-2022-4378: Fixed stack overflow in doprocdointvec bsc1206207. - CVE-2022-4139: Fixed an issue...
CVE-2022-41757
An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper GPU processing operations to obtain write access to read-only memory, or obtain access to already freed memory. This affects Valhall r29p0 through r38p1 before r38p2, and r39p0 before r40p0...
kernel: possible privileges escalation due to missing TLB flush
A random memory access flaw was found in the Linux kernel’s GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU. This flaw allows a local user to crash the system or escalate their privileges on the system...
kernel: possible privileges escalation due to missing TLB flush
A random memory access flaw was found in the Linux kernel’s GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU. This flaw allows a local user to crash the system or escalate their privileges on the system...
Arm Mali Graphics Processing Unit (GPU) Use-After-Free Vulnerability
Arm Mali Graphics Processing Unit GPU kernel driver contains a use-after-free vulnerability that may allow a non-privileged user to make improper operations on GPU memory to gain root privilege, and/or disclose information...
Qualcomm Graphics Access Control Error Vulnerability
Qualcomm Graphics is a Qualcomm graphics support firmware for use on processors. A security vulnerability exists in Qualcomm Graphics that stems from the use of mmap, where the kgsl driver has a special offset value that can be supplied to map the GPU memstore to user space...
Information Leak
Mozilla Developer Nicolas Silva is vulnerable to information leak. It is found that when using WebRender, Firefox would under certain conditions leak arbitrary GPU memory to the visible screen. The leaked memory content was visible to the user, but not observable from web content...
CVE-2020-12407
Mozilla Developer Nicolas Silva found that when using WebRender, Firefox would under certain conditions leak arbitrary GPU memory to the visible screen. The leaked memory content was visible to the user, but not observable from web content. This vulnerability affects Firefox 77...
CVE-2020-12407
CVE-2020-12407 affects Mozilla Firefox before 77. When using WebRender, under certain conditions Firefox could leak arbitrary GPU memory to the visible screen, exposing memory contents to the user (not to web content). Impact aligns with partial confidentiality; exploit details are not provided b...
CVE-2020-12407
Mozilla Developer Nicolas Silva found that when using WebRender, Firefox would under certain conditions leak arbitrary GPU memory to the visible screen. The leaked memory content was visible to the user, but not observable from web content. This vulnerability affects Firefox 77...
Mozilla Firefox Information Disclosure Vulnerability (CNVD-2020-41074)
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in previous versions of Mozilla Firefox 77. An attacker could exploit the vulnerability to gain access to the contents of GPU memory...
CVE-2020-12407
Mozilla Developer Nicolas Silva found that when using WebRender, Firefox would under certain conditions leak arbitrary GPU memory to the visible screen. The leaked memory content was visible to the user, but not observable from web content. This vulnerability affects Firefox 77...
Security Vulnerabilities fixed in Firefox 77 — Mozilla
NSS has shown timing differences when performing DSA signatures, which was exploitable and could eventually leak private keys. When browsing a malicious page, a race condition in our SharedWorkerService could occur and lead to a potentially exploitable crash. Mozilla Developer Iain Ireland...
CVE-2017-18643
An issue was discovered on Samsung mobile devices with M6.x and N7.x software. There is information disclosure of the kbasecontext address of a GPU memory node. The Samsung ID is SVE-2017-8907 December 2017...
Information disclosure
An issue was discovered on Samsung mobile devices with M6.x and N7.x software. There is information disclosure of the kbasecontext address of a GPU memory node. The Samsung ID is SVE-2017-8907 December 2017...
CVE-2017-18643
An issue was discovered on Samsung mobile devices with M6.x and N7.x software. There is information disclosure of the kbasecontext address of a GPU memory node. The Samsung ID is SVE-2017-8907 December 2017...
CVE-2019-10520
An unprivileged application can allocate GPU memory by calling memory allocation ioctl function and can exhaust all the memory which results in out of memory in Snapdragon Mobile, Snapdragon Voice & Music in QCS405, SD 210/SD 212/SD 205, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 845 / ...
Design/Logic Flaw
An unprivileged application can allocate GPU memory by calling memory allocation ioctl function and can exhaust all the memory which results in out of memory in Snapdragon Mobile, Snapdragon Voice & Music in QCS405, SD 210/SD 212/SD 205, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 845 / ...
CVE-2019-10520
The CVE-2019-10520 issue is a local, memory-allocator-based vulnerability described as an unprivileged app being able to allocate GPU memory via a memory allocation ioctl, potentially exhausting all memory and causing out-of-memory on Snapdragon devices (Mobile/Voice & Music) across multiple SDM/...
CVE-2019-10520
An unprivileged application can allocate GPU memory by calling memory allocation ioctl function and can exhaust all the memory which results in out of memory in Snapdragon Mobile, Snapdragon Voice & Music in QCS405, SD 210/SD 212/SD 205, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 845 / ...