Google Chrome stack overflow vulnerability (CNVD-2021-13235)

Chrome is a simple and efficiently designed web browsing tool developed by Google that is characterized by its simplicity and speed. A stack overflow vulnerability exists in the GPU process in versions prior to Google Chrome 88.0.4324.182. No detailed vulnerability details are provided at this ti...

FreeBSD : chromium -- multiple vulnerabilities (48514901-711d-11eb-9846-e09467587c17)

Chrome Releases reports : This release contains 10 security fixes, including : - 1138143 High CVE-2021-21149: Stack overflow in Data Transfer. Reported by Ryoya Tsukasaki on 2020-10-14 - 1172192 High CVE-2021-21150: Use after free in Downloads. Reported by Woojin Oh@pwnexploit of STEALIEN on...

Chromium: CVE-2021-21153 Stack overflow in GPU Process

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: locking issue in drivers/tty/ttyjobctrl.c can lead to an use-after-free CVE-2020-29661 kernel: performance counters race condition use-after-free CVE-2020-14351 kernel: ICMP rate limiting...

NVIDIA Linux GPU Display (January 2021) (CVE-2021-1056)

The NVIDIA GPU display driver software on the remote host is missing a security update. It is, therefore, affected by a vulnerability in the kernel mode layer nvidia.ko in which it does not completely honor operating system file system permissions to provide GPU device-level isolation. Successful...

Security Bulletin: TensorFlow in Watson Machine Learning 1.6.2 and 1.7.0 has been patched for a security issue in nanopb.

Summary TensorFlow in Watson Machine Learning 1.6.2 and 1.7.0 has had various secuirty issue published for nanopb. These have been patched in the latest versions of TensorFlow. Vulnerability Details CVEID: CVE-2020-26243 DESCRIPTION: Nanopb is vulnerable to a denial of service, caused by a memory...

Qualcomm Graphics Access Control Error Vulnerability

Qualcomm Graphics is a Qualcomm graphics support firmware for use on processors. A security vulnerability exists in Qualcomm Graphics that stems from the use of mmap, where the kgsl driver has a special offset value that can be supplied to map the GPU memstore to user space...

Updated kernel packages fix security vulnerabilities

This kernel update is based on upstream 5.10.12 and fixes at least the following security issues: fs/nfsd/nfs3xdr.c in the Linux kernel through 5.10.8, when there is an NFS export of a subdirectory of a filesystem, allows remote attackers to traverse to other parts of the filesystem via READDIRPL...

CentOS 8 : kernel (CESA-2019:3871)

The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2019:3871 advisory. - hw: Intel GPU blitter manipulation can allow for arbitrary kernel memory write CVE-2019-0155 Note that Nessus has not tested for this issue but has instead...

NVIDIA Gamers Face DoS, Data Loss from Shield TV Bugs

NVIDIA has newly disclosed three security vulnerabilities in the NVIDIA Shield TV, which could allow denial of service, escalation of privileges and data loss. The NVIDIA Shield TV is a set-top gadget that acts as a hub for the smart home, streams PC games from a gaming PC to a TV; and allows loc...

NVIDIA Windows GPU Display Driver (January 2021)

A display driver installed on the remote Windows host is affected by multiple vulnerabilities: - NVIDIA GPU Display Driver contains a vulnerability in the NVIDIA Control Panel component, in which an attacker with local system access can corrupt a system file, which may lead to denial of service o...

NVIDIA Linux GPU Display (January 2021)

The NVIDIA GPU display driver software on the remote host is missing a security update. It is, therefore, affected by multiple vulnerabilities: - NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer nvlddmkm.sys handler for DxgkDdiEscape or IOCTL in...

Updated nvidia-current packages fix security vulnerabilities

NVIDIA GPU Display Driver Linux contains a vulnerability in the kernel mode layer nvidia.ko IOCTL in which user-mode clients can access legacy privileged APIs, which may lead to denial of service, escalation of privileges, and information disclosure CVE‑2021‑1052. NVIDIA GPU Display Driver for...

MGASA-2021-0026 Updated nvidia390 packages fix security vulnerabilities

NVIDIA GPU Display Driver Linux contains a vulnerability in the kernel mode layer nvidia.ko IOCTL in which user-mode clients can access legacy privileged APIs, which may lead to denial of service, escalation of privileges, and information disclosure CVE‑2021‑1052. NVIDIA GPU Display Driver for...

Updated nvidia390 packages fix security vulnerabilities

NVIDIA GPU Display Driver Linux contains a vulnerability in the kernel mode layer nvidia.ko IOCTL in which user-mode clients can access legacy privileged APIs, which may lead to denial of service, escalation of privileges, and information disclosure CVE‑2021‑1052. NVIDIA GPU Display Driver for...

Ubuntu 18.04 LTS / 20.04 LTS : NVIDIA graphics drivers vulnerabilities (USN-4689-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4689-1 advisory. It was discovered that the NVIDIA GPU display driver for the Linux kernel contained a vulnerability that allowed user-mode clients to access...

Ubuntu: Security Advisory (USN-4689-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[ASA-202101-19] nvidia-utils: multiple issues

Arch Linux Security Advisory ASA-202101-19 ========================================== Severity: High Date : 2021-01-12 CVE-ID : CVE-2021-1052 CVE-2021-1053 CVE-2021-1056 Package : nvidia-utils Type : multiple issues Remote : No Link : https://security.archlinux.org/AVG-1417 Summary ======= The...

USN-4689-2: Linux kernel vulnerabilities

USN-4689-1 fixed vulnerabilities in the NVIDIA graphics drivers. This update provides the corresponding updates for the NVIDIA Linux DKMS kernel modules. Original advisory details: It was discovered that the NVIDIA GPU display driver for the Linux kernel contained a vulnerability that allowed...

USN-4689-1: NVIDIA graphics drivers vulnerabilities

It was discovered that the NVIDIA GPU display driver for the Linux kernel contained a vulnerability that allowed user-mode clients to access legacy privileged APIs. A local attacker could use this to cause a denial of service or escalate privileges. CVE-2021-1052 It was discovered that the NVIDIA...