Lucene search
K

9778 matches found

OSV
OSV
added 2025/03/27 4:18 p.m.27 views

USN-7379-1 linux, linux-aws, linux-azure, linux-gcp, linux-hwe-6.11, linux-oracle, linux-realtime vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - S390 architecture; - x86...

8.1CVSS6.4AI score0.00737EPSS
Exploits2References309
CVE
CVE
added 2025/03/27 2:57 p.m.86 views

CVE-2025-21880

Linux kernel CVE-2025-21880 affects the DRM XE userptr flow (drm/xe/userptr), specifically xe_vm_userptr_pin and EFAULT handling from hmm_range_fault(). The issue arose when EFAULT was treated as non-fatal, which could leave the userptr VMA on the rebind list during preempt_rebind_work_func(), le...

5.5CVSS7AI score0.00187EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2025/03/27 2:57 p.m.6 views

CVE-2025-21880 drm/xe/userptr: fix EFAULT handling

In the Linux kernel, the following vulnerability has been resolved: drm/xe/userptr: fix EFAULT handling Currently we treat EFAULT from hmmrangefault as a non-fatal error when called from xevmuserptrpin with the idea that we want to avoid killing the entire vm and chucking an error, under the...

5.5CVSS6AI score0.00187EPSS
Exploits0References6
SUSE Linux
SUSE Linux
added 2025/03/26 3:44 p.m.3 views

Security update for webkit2gtk3

This update for webkit2gtk3 fixes the following issues: CVE-2024-44192: Fixed unexpected process crash due to processing maliciously crafted web content bsc1239863 CVE-2024-54467: Fixed data exilfration cross-origin due to a cookie management issue via a malicious website bsc1239864 Other fixes: ...

7.1CVSS8.1AI score0.0424EPSS
Exploits4References12
RedhatCVE
RedhatCVE
added 2025/03/26 12:19 p.m.8 views

CVE-2025-0835

Software installed and run as a non-privileged user may conduct improper GPU system calls to corrupt kernel heap memory...

7.8CVSS7.1AI score0.00153EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/03/26 12:18 p.m.5 views

CVE-2025-0478

Software installed and run as a non-privileged user may conduct improper GPU system calls to issue reads and writes to arbitrary physical memory pages. Under certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kerne...

7.8CVSS6.9AI score0.00137EPSS
Exploits0References1
Citrix
Citrix
added 2025/03/25 12:0 a.m.22 views

Enabling WPF Rendering for Citrix HDX on Multi-Session VDAs

Overview Windows Presentation Foundation WPF applications can leverage GPU acceleration in Citrix Virtual Apps and Desktops CVAD environments running Windows Multi-session OS. By enabling WPF rendering on the server’s GPU, this reduces CPU load and improves graphics performance for WPF...

7AI score
Exploits0
NVD
NVD
added 2025/03/24 12:15 p.m.4 views

CVE-2025-0478

Software installed and run as a non-privileged user may conduct improper GPU system calls to issue reads and writes to arbitrary physical memory pages. Under certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kerne...

7.8CVSS0.00137EPSS
Exploits0References1
NVD
NVD
added 2025/03/24 12:15 p.m.5 views

CVE-2025-0835

Software installed and run as a non-privileged user may conduct improper GPU system calls to corrupt kernel heap memory...

7.8CVSS0.00153EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/03/24 11:42 a.m.6 views

CVE-2025-0835 GPU DDK - _WrapExtMemReleasePages called twice if _FlushUMVirtualRange fails

Software installed and run as a non-privileged user may conduct improper GPU system calls to corrupt kernel heap memory...

7.1AI score0.00153EPSS
Exploits0References1
CVE
CVE
added 2025/03/24 11:42 a.m.102 views

CVE-2025-0835

CVE-2025-0835 involves an improper GPU system call in the Imagination Technologies PowerVR-GPU driver that can lead to kernel heap memory corruption when a non-privileged user invokes GPU operations. The issue is labeled as a local vulnerability (attack vector: LOCAL) with low privileges required...

7.8CVSS7.1AI score0.00153EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/03/24 11:42 a.m.13 views

CVE-2025-0835 GPU DDK - _WrapExtMemReleasePages called twice if _FlushUMVirtualRange fails

Software installed and run as a non-privileged user may conduct improper GPU system calls to corrupt kernel heap memory...

0.00153EPSS
Exploits0References1
CVE
CVE
added 2025/03/24 11:37 a.m.108 views

CVE-2025-0478

CVE-2025-0478 describes a local vulnerability in GPUs where software running as a non-privileged user can trigger improper GPU system calls that read/write arbitrary physical memory pages. The impact, as stated in Red Hat/NVD descriptions, is potential corruption of memory pages not owned by the ...

7.8CVSS6.8AI score0.00137EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/03/24 11:37 a.m.5 views

CVE-2025-0478 GPU DDK - PMMETA_PROTECT PMR can be exported as dma-buf file / GEM object

Software installed and run as a non-privileged user may conduct improper GPU system calls to issue reads and writes to arbitrary physical memory pages. Under certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kerne...

6.8AI score0.00137EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/03/24 11:37 a.m.16 views

CVE-2025-0478 GPU DDK - PMMETA_PROTECT PMR can be exported as dma-buf file / GEM object

Software installed and run as a non-privileged user may conduct improper GPU system calls to issue reads and writes to arbitrary physical memory pages. Under certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kerne...

0.00137EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/03/24 12:0 a.m.5 views

The vulnerability of the cm3_helper_translate_curve_to_degamma_hw_format() function in the drivers/gpu/drm/amd/display/dc/dcn30/dcn30_cm_common.c file of the Linux operating system allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the cm3helpertranslatecurvetodegammahwformat function in the drivers/gpu/drm/amd/display/dc/dcn30/dcn30cmcommon.c file of the Linux kernel is related to unvalidated array indexing. Exploiting this vulnerability could allow an attacker to compromise the confidentiality,...

7.8CVSS7.2AI score0.00272EPSS
Exploits0References25Affected Software6
Fedora
Fedora
added 2025/03/22 2:26 a.m.14 views

[SECURITY] Fedora 40 Update: kitty-0.40.0-2.fc40

Offloads rendering to the GPU for lower system load and buttery smooth scrolling. Uses threaded rendering to minimize input latency. - Supports all modern terminal features: graphics images, unicode, true-col or, OpenType ligatures, mouse protocol, focus tracking, bracketed paste and several new...

4.4CVSS7AI score0.00384EPSS
Exploits2
BDU FSTEC
BDU FSTEC
added 2025/03/21 12:0 a.m.4 views

The vulnerability of the xe_devcoredump_read() function in the drivers/gpu/drm/xe/xe_devcoredump.c kernel module of the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the xedevcoredumpread function in the drivers/gpu/drm/xe/xedevcoredump.c kernel module of the Linux operating system is related to the assignment of pointers. Exploiting this vulnerability can allow an attacker to cause a service failure...

7.5CVSS5.6AI score0.00194EPSS
Exploits0References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/03/21 12:0 a.m.4 views

Vulnerability of the function ta_if_invoke_debugfs_write() in the drivers/gpu/drm/amd/amdgpu/amdgpu_psp_ta.c file of the Linux kernel, allowing a hacker to trigger a service failure

The vulnerability of the taifinvokedebugfswrite function in the drivers/gpu/drm/amd/amdgpu/amdgpupspta.c file of the Linux kernel is related to pointer manipulation. Exploiting this vulnerability could allow an attacker to cause a service failure...

7.5CVSS6.8AI score0.0021EPSS
Exploits0References15Affected Software3
OSV
OSV
added 2025/03/19 11:44 p.m.14 views

MGASA-2025-0104 Updated chromium-browser-stable packages fix security vulnerabilities

High CVE-2025-1920: Type Confusion in V8. High CVE-2025-2135: Type Confusion in V8. Medium CVE-2025-2136: Use after free in Inspector. Medium CVE-2025-2137: Out of bounds read in V8...

8.8CVSS7.4AI score0.06387EPSS
Exploits1References3
Rows per page
Query Builder