CVE-2019-9111

The msm gpu driver for custom Linux kernels on the Xiaomi perseus-p-oss MIX 3 device through 2018-11-26 has an integer overflow and OOPS because of missing checks of the count argument in sdeevtlogfilterwrite in drivers/gpu/drm/msm/sdedbg.c. This is exploitable for a device crash via a syscall by...

Security Bulletin: NVIDIA GPU Display Driver - February 2019

NVIDIA has released a software security update for the NVIDIA GPU Display Driver. This update addresses issues that may lead to denial of service, escalation of privileges, code execution, or information disclosure. To protect your system, download and install this software update through NVIDIA...

openSUSE Security Update : the Linux Kernel (openSUSE-2019-203)

The openSUSE Leap 15.0 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2019-3459,CVE-2019-3460: Two information leaks in the bluetooth stack were fixed. bnc1120758. - CVE-2019-7221: A use-after-free in the KVM nVMX hrtimer was fixed...

Photon OS 2.0: Linux PHSA-2018-2.0-0037-(a)

An update of the linux package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2018-2.0-0037-a. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

kernel security, bug fix, and enhancement update

3.10.0-957.5.1.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey bug 24817676 3.10.0-957.5.1 - fs revert 'fs sunrpc: Ensure we always close the socket after a...

CVE-2018-20669

A flaw was found in the Linux kernel where a provided address with accessok is not checked before accessing userspace data in certain situations. Lack of such checks in i915gemexecbuffer2ioctl in drivers/gpu/drm/i915/i915gemexecbuffer.c may allow a local unprivileged attacker to possible escalate...

CVE-2018-17470

A heap buffer overflow in GPU in Google Chrome prior to 70.0.3538.67 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page...

CVE-2018-17470

A heap buffer overflow in GPU in Google Chrome prior to 70.0.3538.67 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page...

UBUNTU-CVE-2018-17470

A heap buffer overflow in GPU in Google Chrome prior to 70.0.3538.67 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page...

CVE-2018-17470

A heap buffer overflow in GPU in Google Chrome prior to 70.0.3538.67 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page...

Heap overflow

A heap buffer overflow in GPU in Google Chrome prior to 70.0.3538.67 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page...

CVE-2018-17470

CVE-2018-17470 is a memory corruption bug in the GPU backend of Chromium/Google Chrome, before version 70.0.3538.67. A remote attacker who can render a crafted HTML page could potentially escape the sandbox. Publicly documented details across Debian security advisories and Arch Linux security not...

CVE-2018-17470

A heap buffer overflow in GPU in Google Chrome prior to 70.0.3538.67 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page...

CVE-2018-17470

Removed by vendor...

Apple IntelHD5000 Graphics Process Token Privilege Escalation Vulnerability

Summary A memory corruption vulnerability exists in the IntelHD5000 kernel extension when dealing with graphics resources inside of OSX 10.13.4. A library inserted into the VLC media application can cause an out-of-bounds access inside of the KEXT leading to a use after free and invalid memory...

Apple IntelHD5000 Graphics Delete Resource Privilege Escalation Vulnerability

Summary A memory corruption vulnerability exists in the IntelHD5000 kernel extension when dealing with graphics resources inside of OSX 10.13.4. A library inserted into the VLC media application can cause an out-of-bounds access inside of the KEXT leading to a use after free and invalid memory...

The vulnerability of the Microsoft RemoteFX Virtual GPU driver in the Windows operating system allows a hacker to execute arbitrary code with elevated privileges.

The vulnerability of the Microsoft RemoteFX Virtual GPU driver for the Windows operating system is related to errors in processing objects in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code with elevated privileges...

Important: Red Hat Security Advisory: chromium-browser security update

An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...

chromium-browser: Use-after-free in GPU

Incorrect object lifetime calculations in GPU code in Google Chrome prior to 70.0.3538.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

openSUSE: Security Advisory for chromium (openSUSE-SU-2018:3871-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...