CVE-2025-33218

CVE-2025-33218 affects the NVIDIA GPU Display Driver for Windows, in the kernel-mode nvlddmkm.sys, where an integer overflow could enable a local attacker to achieve code execution, privilege escalation, data tampering, DoS, or information disclosure. Public advisories from NVIDIA enumerate affec...

CVE-2025-65890

A device-ID validation flaw in OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS by calling flow.cuda.synchronize with an invalid or out-of-range GPU device index...

CVE-2025-65890

A device-ID validation flaw in OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS by calling flow.cuda.synchronize with an invalid or out-of-range GPU device index...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP5 kernel was updated to fix various security issues The following security issues were fixed: CVE-2022-50630: mm: hugetlb: fix UAF in hugetlbhandleuserfault bsc1254785. CVE-2022-50700: wifi: ath10k: Delay the unmapping of the buffer bsc1255576. CVE-2023-53254:...

PT-2026-5172

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a malicious guest could cause heap memory access after the memory is freed. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, or...

CVE-2025-70999

A GPU device-ID validation flaw in the flow.cuda.getdevicecapability component of OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS via a crafted device ID...

NVIDIA vGPU resource management error vulnerability

NVIDIA vGPU is a virtual GPU technology developed by NVIDIA Corporation in the United States. NVIDIA vGPU has a resource management vulnerability, which stems from issues with the virtual GPU manager regarding reusing resources after release. This vulnerability may lead to code execution, privile...

CVE-2025-65890

A device-ID validation flaw in OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS by calling flow.cuda.synchronize with an invalid or out-of-range GPU device index...

PT-2026-5148

A GPU device-ID validation flaw in the flow.cuda.get device capability component of OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS via a crafted device ID...

NVIDIA GPU Display Driver for Windows: Input validation error vulnerability

NVIDIA GPU Display Driver for Windows is a driver software developed by NVIDIA Corporation for interaction with the graphics card display module in Windows systems. NVIDIA GPU Display Driver for Windows has a vulnerability related to input validation errors. This vulnerability stems from an integ...

CVE-2025-65891

A GPU device-ID validation flaw in OneFlow v0.9.0 allows attackers to trigger a Denial of Dervice DoS by invoking flow.cuda.getdeviceproperties with an invalid or negative device index...

CVE-2025-13952

A web page that contains unusual GPU shader code is loaded from the Internet into the GPU compiler process triggers a write use-after-free crash in the GPU shader compiler library. On certain platforms, when the compiler process has system privileges this could enable further exploits on the...

CVE-2025-13952 GPU DDK - libusc UAF via WebGPU shaders at MergeConsecutiveBarriersBP

A web page that contains unusual GPU shader code is loaded from the Internet into the GPU compiler process triggers a write use-after-free crash in the GPU shader compiler library. On certain platforms, when the compiler process has system privileges this could enable further exploits on the...

CVE-2025-13952

A web page that contains unusual GPU shader code is loaded from the Internet into the GPU compiler process triggers a write use-after-free crash in the GPU shader compiler library. On certain platforms, when the compiler process has system privileges this could enable further exploits on the...

SUSE-SU-2026:0263-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security issues The following security issues were fixed: - CVE-2022-50630: mm: hugetlb: fix UAF in hugetlbhandleuserfault bsc1254785. - CVE-2022-50700: wifi: ath10k: Delay the unmapping of the buffer bsc1255576. -...

Azure Linux 3.0 Security Update: kernel (CVE-2025-38354)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38354 advisory. - In the Linux kernel, the following vulnerability has been resolved: drm/msm/gpu: Fix crash when throttling G...

Azure Linux 3.0 Security Update: kernel (CVE-2024-49901)

"The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-49901 advisory. - In the Linux kernel, the following vulnerability has been resolved: drm/msm/adreno: Assign msmgpu-pdev...

Azure Linux 3.0 Security Update: kernel (CVE-2025-37853)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37853 advisory. - In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: debugfs hanghws skip GPU wit...

Azure Linux 3.0 Security Update: hyperv-daemons / kernel (CVE-2024-26986)

The version of hyperv-daemons / kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-26986 advisory. - In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix memory...

MiracleLinux 9 : kernel-5.14.0-162.12.1.el9_1 (AXSA:2023-4976:04)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-4976:04 advisory. kernel: watch queue race condition can lead to privilege escalation CVE-2022-2959 kernel: memory corruption in AX88179178A based USB ethernet device...