CVE-2020-5957

NVIDIA CVE-2020-5957 affects the Windows GPU Display Driver, specifically the NVIDIA Control Panel component. A local attacker can corrupt a system file, yielding denial of service or privilege escalation. Affected products include NVIDIA GeForce/Quadro/NVS/Tesla drivers for Windows (all R440/R43...

CVE-2020-5957

NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the NVIDIA Control Panel component in which an attacker with local system access can corrupt a system file, which may lead to denial of service or escalation of privileges...

[SECURITY] [DLA 2114-1] linux-4.9 security update

Package : linux-4.9 Version : 4.9.210-1deb8u1 CVE ID : CVE-2018-13093 CVE-2018-13094 CVE-2018-20976 CVE-2018-21008 CVE-2019-0136 CVE-2019-2215 CVE-2019-10220 CVE-2019-14615 CVE-2019-14814 CVE-2019-14815 CVE-2019-14816 CVE-2019-14895 CVE-2019-14896 CVE-2019-14897 CVE-2019-14901 CVE-2019-15098...

Security Bulletin: NVIDIA GPU Display Driver - February 2020

NVIDIA has released a software security update for NVIDIA GPU Display Driver. This update addresses issues that may lead to denial of service, escalation of privileges, or information disclosure. To protect your system, download and install this software update through the NVIDIA Driver Downloads...

HPSBHF03657 rev. 3 - NVIDIA GPU Display Driver February 2020 Security Updates

Potential Security Impact Denial of Service, Escalation of Privileges, Code Execution, Information Disclosure. Source: HP, HP Product Security Response Team PSRT Reported By: NVIDIA VULNERABILITY SUMMARY NVIDIA has informed HP of potential security vulnerabilities in the NVIDIA GPU Display Driver...

kernel: insufficient input validation in kernel mode driver in Intel i915 graphics leads to privilege escalation

A flaw was found in the Linux kernel's implementation of GVT-g which allowed an attacker with access to a 'passed through' Intel i915 graphics card to possibly access resources allocated to other virtual machines, crash the host, or possibly corrupt memory leading to privilege escalation...

Ubuntu 18.04 LTS : Linux kernel vulnerabilities (USN-4284-1)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4284-1 advisory. It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors. A local attacke...

Ubuntu: Security Advisory (USN-4284-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 18.04 LTS : Linux kernel vulnerabilities (USN-4285-1)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4285-1 advisory. It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors. A local attacke...

USN-4287-2 linux-azure vulnerabilities

USN-4287-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux kernel for Microsoft Azure Cloud systems for Ubuntu 14.04 ESM. It was discovered that the Linux kernel did not properly clear data structures on context switches...

USN-4285-1: Linux kernel vulnerabilities

It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors. A local attacker could use this to expose sensitive information. CVE-2019-14615 It was discovered that the HSA Linux kernel driver for AMD GPU devices did not...

Updated kernel-linus packages fix security vulnerabilities

This update provides upstream 5.4.20, adding support for new hardware and features, and resolves at least the following security issues: In a Linux KVM guest that has PV TLB enabled, a process in the guest kernel may be able to read memory locations from another process in the same guest. This...

CVE-2019-10567

There is a way to deceive the GPU kernel driver into thinking there is room in the GPU ringbuffer and overwriting existing commands could allow unintended GPU opcodes to be executed in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile,...

Code injection

There is a way to deceive the GPU kernel driver into thinking there is room in the GPU ringbuffer and overwriting existing commands could allow unintended GPU opcodes to be executed in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile,...

CVE-2019-10567

CVE-2019-10567 affects Qualcomm Adreno GPU kernel driver (KGSL) where a randomized scratch buffer in the global shared mappings is used to store the RPTR for the ringbuffer. The attack leverages the RPTR read from scratch to influence ringbuffer space checks, allowing an attacker-controlled RPTR ...

CVE-2019-10567

There is a way to deceive the GPU kernel driver into thinking there is room in the GPU ringbuffer and overwriting existing commands could allow unintended GPU opcodes to be executed in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile,...

CVE-2019-16229

A NULL pointer dereference flaw was found in kfdinterruptinit in drivers/gpu/drm/amd/amdkfd/kfdinterrupt.c in AMD GPU driver. Here a call to allocworkqueue return was not validated and can cause a denial of service at the time of failure. This could allow an attacker to crash the system or leak...

Ubuntu 18.04 LTS : Linux kernel vulnerabilities (USN-4258-1)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4258-1 advisory. It was discovered that the Atheros 802.11ac wireless USB device driver in the Linux kernel did not properly validate device metadata. A physically...

USN-4258-1: Linux kernel vulnerabilities

It was discovered that the Atheros 802.11ac wireless USB device driver in the Linux kernel did not properly validate device metadata. A physically proximate attacker could use this to cause a denial of service system crash. CVE-2019-15099 It was discovered that a race condition existed in the...

NVIDIA Windows GPU Display Driver (August 2019)

The NVIDIA GPU display driver software on the remote host is missing a security update. It is, therefore, affected by an out of bounds access vulnerability due to a shader local temporary array, which may lead to denial of service or code execution. C Tenable Network Security, Inc...