CVE-2026-46156

CVE-2026-46156 affects the Linux kernel LoongArch implementation, specifically loongson_gpu_fixup_dma_hang(), where the code may read device registers using an incorrect base (base+PCI_DEVICE_ID) when a discrete GPU is present. This causes ADE and can trigger a kernel panic, leading to local DoS....

EUVD-2026-32783

In the Linux kernel, the following vulnerability has been resolved: LoongArch: Fix potential ADE in loongsongpufixupdmahang The switch case in loongsongpufixupdmahang may not DC2 or DC3, and readlcrtcreg will access with random address, because the "device" is from "base+PCIDEVICEID", "base" is...

PT-2026-44628

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 148.0.7778.216 Description An uninitialized use in the GPU allows a remote attacker who has compromised the renderer process to leak cross-origin data through a crafted HTML page. Recommendations Upda...

PT-2026-44564

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 148.0.7778.216 Description An uninitialized use in the GPU allows a remote attacker to obtain potentially sensitive information from process memory by using a crafted HTML page. Recommendations Update...

PT-2026-44630

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.216 Description A use after free issue in the GPU component allows a remote attacker who has compromised the renderer process to execute arbitrary code. This is achieved through the use of a specially...

Linux Distros Unpatched Vulnerability : CVE-2026-24198

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NVIDIA GPU Display Driver for Linux contains a vulnerability where an advanced attacker could use a race condition to leak sensitive memory, which might cause...

PT-2026-44279

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the LoongArch architecture where the loongson gpu fixup dma hang function may fail to handle certain switch cases. This can lead to an Address Detection Error ADE...

CVE-2026-45947

A flaw was found in the Linux kernel's AMD GPU display drm/amdgpu component. This vulnerability involves a memory leak within the amdgpuacpienumeratexcc function. When certain errors occur during the initialization process, the system fails to properly release allocated memory. This oversight can...

swimtrack-poc

SwimTrack PoC This directory contains a proof of concept for...

CVE-2026-24198

NVIDIA GPU Display Driver for Linux contains a vulnerability where an advanced attacker could use a race condition to leak sensitive memory, which might cause limited exposure of sensitive information to an unauthorized actor. A successful exploit of this vulnerability might lead to denial of...

CVE-2026-24201

NVIDIA vGPU software contains a vulnerability in the virtual GPU manager, where an attacker could cause an out-of-bound access. A successful exploit of this vulnerability might lead to data tampering, denial of service, or information disclosure...

CVE-2026-24190

NVIDIA Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where a user could cause improper access to GPU resources. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, a...

CVE-2026-45853

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Use kvfree instead of kfree in amdgpugmcgetnpsmemranges amdgpudiscoverygetnpsinfo internally allocates memory for ranges using kvcalloc, which may use vmalloc for large allocation. Using kfree to release vmalloc memor...

Google Chrome 缓冲区错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.216 contained a buffer overflow vulnerability, which was caused by GPU out-of-bound writes. This vulnerability could allow remote attackers with compromised rendering processes to execute a sandb...

Ubuntu 24.04 LTS / 25.10 : Linux kernel (Azure) vulnerabilities (USN-8310-1)

"The remote Ubuntu 24.04 LTS / 25.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8310-1 advisory. It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy...

PT-2026-44639

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.216 Description A use after free issue in the GPU component allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape. This is achieved through the use ...

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.216 contained a resource management vulnerability. This vulnerability stemmed from the reuse of GPU components after they were released, which could allow remote attackers to execute arbitrary co...

Google Chrome 安全漏洞

Google Chrome is a web browser developed by the American company Google. Versions of Google Chrome prior to 148.0.7778.216 contained a security vulnerability caused by improper implementation in the GPU. This vulnerability could allow remote attackers to obtain sensitive information from the...

CVE-2026-45979

drm/amdgpu: clean up the amdgpucsparserbos...

Google Chrome 缓冲区错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.216 contained a buffer overflow vulnerability. This vulnerability stemmed from out-of-bounds read operations in the GPU, which could allow remote attackers to execute a sandbox escape by using a...