CVE-2025-37854

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix mode1 reset crash issue If HW scheduler hangs and mode1 reset is used to recover GPU, KFD signal user space to abort the processes. After process abort exit, user queues still use the GPU to access system memory...

CVE-2025-0072 Mali GPU Kernel Driver allows improper GPU memory processing operations

Use After Free vulnerability in Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user process to perform improper GPU memory processing operations to gain access to already freed memory. This issue affects Valhall GPU Kernel Drive...

CVE-2025-21880

Linux kernel CVE-2025-21880 affects the DRM XE userptr flow (drm/xe/userptr), specifically xe_vm_userptr_pin and EFAULT handling from hmm_range_fault(). The issue arose when EFAULT was treated as non-fatal, which could leave the userptr VMA on the rebind list during preempt_rebind_work_func(), le...

CVE-2025-21880 drm/xe/userptr: fix EFAULT handling

In the Linux kernel, the following vulnerability has been resolved: drm/xe/userptr: fix EFAULT handling Currently we treat EFAULT from hmmrangefault as a non-fatal error when called from xevmuserptrpin with the idea that we want to avoid killing the entire vm and chucking an error, under the...

Linux Distros Unpatched Vulnerability : CVE-2024-36353

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient clearing of GPU global memory could allow a malicious process running on the same GPU to read left over memory values potentially leading to loss o...

CVE-2024-36353

Insufficient clearing of GPU global memory could allow a malicious process running on the same GPU to read left over memory values potentially leading to loss of confidentiality...

CVE-2024-36353

Insufficient clearing of GPU global memory could allow a malicious process running on the same GPU to read left over memory values potentially leading to loss of confidentiality...

CVE-2024-36353

Insufficient clearing of GPU global memory could allow a malicious process running on the same GPU to read left over memory values potentially leading to loss of confidentiality...

CVE-2024-36353

CVE-2024-36353 is linked to cross-process disclosure in AMD Linux GPU drivers caused by insufficient clearing of GPU global memory. The vulnerability could allow a malicious process on the same GPU to read leftover memory, leading to loss of confidentiality. Affected component is the Linux GPU dr...

PT-2025-9215 · Amd · Radeon Software For Linux

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: Insufficient clearing of GPU global memory could allow a malicious process running on the same GPU to read left over memory values, potentially leading to loss of confidentiality...

CROSS-PROCESS GPU MEMORY DISCLOSURE

AMD ID: AMD-SB-6019 Potential Impact: Loss of Confidentiality Severity: Medium Summary A vulnerability in the Linux® drivers for AMD GPUs could allow cross-process disclosure of GPU global memory...

CVE-2024-47896 GPU DDK - rgxfw_hwr_log_info OOB write via psHWRInfoBuf->ui32WriteIndex

Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to write data outside the Guest's virtualised GPU memory...

CVE-2024-46975

CVE-2024-46975 affects the Imagination Technologies PowerVR-GPU driver. The issue arises from kernel code running inside a guest VM that may access memory shared with the GPU firmware, allowing writes to another guest’s virtualized GPU memory. This is described in multiple sources (including Red ...

Imagination GPU Driver 安全漏洞

The Imagination GPU Driver is a graphics driver from Imagination. A security vulnerability exists in the Imagination GPU Driver that originates from kernel software installed and running in the Guest VM that may leverage memory shared with the GPU firmware to write data outside of the Guest's...

CVE-2024-23372

Memory corruption while invoking IOCTL call for GPU memory allocation and size param is greater than expected size...

CVE-2024-52937 GPU DDK - rgxfw_kernel_CMD_DISABLE_ZSSTORE OOB write via ui32WriteOffsetOfDisableZSStore

Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to write data outside the Guest's virtualised GPU memory...

CVE-2024-47895

CVE-2024-47895 describes a vulnerability in Imagination Technologies’ PowerVR-GPU driver where kernel software running inside a guest VM can issue improper commands to the GPU firmware, enabling an information disclosure by reading data outside the guest’s virtualized GPU memory. Public reference...

Imagination GPU Driver 安全漏洞

Imagination GPU Driver is a graphics driver from Imagination. A security vulnerability exists in the Imagination GPU Driver that originates from kernel software installed and running in a guest virtual machine that may issue incorrect commands to the GPU firmware to write data outside of the memo...

CVE-2024-46971

Software installed and run as a non-privileged user may conduct GPU system calls to read and write freed physical memory from the GPU...

CVE-2024-47892 GPU DDK - UAF of kernel memory in PMRUnlockPhysAddressesOSMem for on-demand non-4KB PMRs in system memory (UMA)

Software installed and run as a non-privileged user may conduct GPU system calls to read and write freed physical memory from the GPU...