azureml-designer-recommender-modules (=0.0.1), monk-cuda100 (=0.0.1) +9 more potentially affected by CVE-2020-5215 via tensorflow-gpu (=2.0.0)

tensorflow-gpu PYPI version =2.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-gpu and may be impacted: - azureml-designer-recommender-modules =0.0.1 - monk-cuda100 =0.0.1 - monk-cuda100-test =0.0.1 - monk-cuda101 =0.0.1 -...

arekit (>=0.21.0 <=0.22.1), arenets (>=0.23.0 <=0.23.1) +42 more potentially affected by CVE-2020-5215 via tensorflow-gpu (>=1.10.1 <=1.15.0)

tensorflow-gpu PYPI version =1.10.1, =0.21.0, =0.23.0, =0.1.0, =0.1.0, =1.0.0, =0.2.3, =0.0.1, =0.0.7, =0.1.0, =0.1.5 and more Source cves: CVE-2020-5215 Source advisory: OSV:PYSEC-2020-338...

arekit (>=0.21.0 <=0.22.1), arenets (>=0.23.0 <=0.23.1) +42 more potentially affected by CVE-2020-5215 via tensorflow-gpu (>=1.10.1 <=1.15.0)

tensorflow-gpu PYPI version =1.10.1, =0.21.0, =0.23.0, =0.1.0, =0.1.0, =1.0.0, =0.2.3, =0.0.1, =0.0.7, =0.1.0, =0.1.5 and more Source cves: CVE-2020-5215 Source advisory: OSV:GHSA-977J-XJ7Q-2JR9...

RHEL 8 : kernel (RHSA-2020:0204)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:0204 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: hw: Machine Check Error on Page Size...

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1526)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

hw: Intel GPU blitter manipulation can allow for arbitrary kernel memory write

A flaw was found in the Intel graphics hardware GPU, where a local attacker with the ability to issue commands to the GPU could inadvertently lead to memory corruption and possible privilege escalation. The attacker could use the GPU blitter to perform privilege MMIO operations, not limited to th...

CVE-2019-19083

A memory leak flaw was found in the Linux kernel. A system crash occurs under very specific, hard to obtain conditions, when the AMD GPU Display Engine configuration initialization handles resource cleaning when a failure occurs. The highest threat from this vulnerability is system availability...

Updated kernel packages fix security vulnerabilities

This update is based on upstream 5.4.12 and fixes at least the following security vulnerabilities: Intel GPU Hardware prior to Gen11 does not clear EU state during a context switch. This can result in information leakage between contexts CVE-2019-14615. A heap-based buffer overflow was discovered...

MGASA-2020-0041 Updated kernel packages fix security vulnerabilities

This update is based on upstream 5.4.12 and fixes at least the following security vulnerabilities: Intel GPU Hardware prior to Gen11 does not clear EU state during a context switch. This can result in information leakage between contexts CVE-2019-14615. A heap-based buffer overflow was discovered...

CVE-2020-7053

In the Linux kernel 4.14 longterm through 4.14.165 and 4.19 longterm through 4.19.96 and 5.x before 5.2, there is a use-after-free write in the i915ppgttclose function in drivers/gpu/drm/i915/i915gemgtt.c, aka CID-7dc40713618c. This is related to i915gemcontextdestroyioctl in...

Updated kernel packages fix security vulnerabilities

This update is based on upstream 5.4.6 and fixes various potential security issues related to buffer overflows, double frees, NUll pointer dereferences, improper / missing input validations and so on. It also adds other bugfixes all over the kernel. Other fixes added in this update: - x86/MCE/AMD...

arekit (>=0.21.0 <=0.22.1), arenets (>=0.23.0 <=0.23.1) +35 more potentially affected by CVE-2019-16778 via tensorflow-gpu (>=1.10.1 <=1.14.0)

tensorflow-gpu PYPI version =1.10.1, =0.21.0, =0.23.0, =0.1.0, =1.0.0, =0.2.3, =0.0.1, =0.0.7, =0.1.0, =0.6.0, =0.0.1, =0.0.10 and more Source cves: CVE-2019-16778 Source advisory: OSV:PYSEC-2019-234...

arekit (>=0.21.0 <=0.22.1), arenets (>=0.23.0 <=0.23.1) +35 more potentially affected by CVE-2019-16778 via tensorflow-gpu (>=1.10.1 <=1.14.0)

tensorflow-gpu PYPI version =1.10.1, =0.21.0, =0.23.0, =0.1.0, =1.0.0, =0.2.3, =0.0.1, =0.0.7, =0.1.0, =0.6.0, =0.0.1, =0.0.10 and more Source cves: CVE-2019-16778 Source advisory: OSV:GHSA-844W-J86R-4X2J...

HPSBHF03645 rev. 3 - NVIDIA GPU Display Driver Vulnerabilities 2019

Potential Security Impact Denial of service, escalation of privilege, unauthorized code execution, or information disclosure. Source: HP, HP Product Security Response Team PSRT Reported By: NVIDIA VULNERABILITY SUMMARY HP has been notified of potential security vulnerabilities with the GPU Displa...

CVE-2019-10545

Null pointer dereference issue in kernel due to missing check related to LLC support in GPU in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Voice & Music in QCS605, SDM670, SDM710, SM6150, SM7150, SM8150...

CVE-2019-10520

An unprivileged application can allocate GPU memory by calling memory allocation ioctl function and can exhaust all the memory which results in out of memory in Snapdragon Mobile, Snapdragon Voice & Music in QCS405, SD 210/SD 212/SD 205, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 845 / ...

Null pointer dereference

Null pointer dereference issue in kernel due to missing check related to LLC support in GPU in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Voice & Music in QCS605, SDM670, SDM710, SM6150, SM7150, SM8150...

Design/Logic Flaw

An unprivileged application can allocate GPU memory by calling memory allocation ioctl function and can exhaust all the memory which results in out of memory in Snapdragon Mobile, Snapdragon Voice & Music in QCS405, SD 210/SD 212/SD 205, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 845 / ...

CVE-2019-10545

Null pointer dereference issue in kernel due to missing check related to LLC support in GPU in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Voice & Music in QCS605, SDM670, SDM710, SM6150, SM7150, SM8150...

CVE-2019-10520

The CVE-2019-10520 issue is a local, memory-allocator-based vulnerability described as an unprivileged app being able to allocate GPU memory via a memory allocation ioctl, potentially exhausting all memory and causing out-of-memory on Snapdragon devices (Mobile/Voice & Music) across multiple SDM/...