CVE-2017-6269

CVE-2017-6269 affects the NVIDIA Windows GPU Display Driver, specifically the kernel mode layer handler nvlddmkm.sys for DxgkDdiEscape. The issue arises when a pointer passed from user mode is used without validation, which may enable denial of service or elevation of privileges. Public sources c...

UBUNTU-CVE-2017-6267

NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer handler where an incorrect initialization of internal objects can cause an infinite loop which may lead to a denial of service...

UBUNTU-CVE-2017-6272

NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer handler where a value passed from a user to the driver is not correctly validated and used as the index to an array which may lead to a denial of service or possible escalation of privileges...

UBUNTU-CVE-2017-6266

NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer handler where improper access controls could allow unprivileged users to cause a denial of service...

Security Bulletin: NVIDIA GPU contains multiple vulnerabilities in the kernel mode layer handler

Vulnerability Details The following sections summarize the vulnerabilities. Descriptions use CWE™ and risk assessments follow CVSS. CVE-2017-6269 NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer nvlddmkm.sys handler for DxgkDdiEscape where a pointer passed from ...

USN-3414-1 qemu vulnerabilities

Leo Gaspard discovered that QEMU incorrectly handled VirtFS access control. A guest attacker could use this issue to elevate privileges inside the guest. CVE-2017-7493 Li Qiang discovered that QEMU incorrectly handled VMWare PVSCSI emulation. A privileged attacker inside the guest could use this...

CrackLord - Queue and Resource System For Cracking Passwords

CrackLord is a system designed to provide a scalable, pluggable, and distributed system for both password cracking as well as any other jobs needing lots of computing resources. Better said, CrackLord is a way to load balance the resources, such as CPU, GPU, Network, etc. from multiple hardware...

Lazy async SVG rasterisation

Phwoar I love a good sciency-sounding title. SVG can be slow When transforming an SVG image, browsers try to render on every frame to keep the image as sharp as possible. Unfortunately SVG rendering can be slow, especially for non-trivial images. Here's a demo, press "Scale SVG". Devtools timelin...

Lazy async SVG rasterisation

Phwoar I love a good sciency-sounding title. SVG can be slow When transforming an SVG image, browsers try to render on every frame to keep the image as sharp as possible. Unfortunately SVG rendering can be slow, especially for non-trivial images. Here's a demo, press "Scale SVG". Devtools timelin...

NVIDIA Linux GPU Display Driver 375.8x < 375.82 / 375.7x < 375.74 / 384.x < 384.59 Multiple Vulnerabilities

Nvidia GPU Display driver vulnerabilities may lead to denial of service or possible escalation of Privileges. To exploit these vulnerabilities an attacker would send a malicious request to an affected application or interact with an affected application. If successfully exploited, these...

NVIDIA Windows GPU Display Driver 375.x < 377.55 / 384.x < 384.94 / 385.x < 385.08 Multiple Vulnerabilities

Nvidia GPU Display driver vulnerabilities may lead to denial of service or possible escalation of Privileges. To exploit these vulnerabilities an attacker would send a malicious request to an affected application or interact with an affected application. If successfully exploited, these...

USN-3392-1 linux, linux-aws, linux-gke, linux-raspi2, linux-snapdragon regression

USN-3378-1 fixed vulnerabilities in the Linux kernel. Unfortunately, a regression was introduced that prevented conntrack from working correctly in some situations. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Fan Wu and Shixiong Zhao discovered a...

MGASA-2017-0260 Updated kernel-linus packages fixes security and other bugs

This kernel-linus update is based on upstream 4.4.79 and fixes at least the following security issues: Linux kernel built with the VirtIO GPU driverCONFIGDRMVIRTIOGPU support is vulnerable to a memory leakage issue. It could occur while creating a virtio gpu object in virtiogpuobjectcreate. A...

Updated kernel-tmb packages fixes security and other bugs

This kernel-tmb update is based on upstream 4.4.79 and fixes at least the following security issues: Linux kernel built with the VirtIO GPU driverCONFIGDRMVIRTIOGPU support is vulnerable to a memory leakage issue. It could occur while creating a virtio gpu object in virtiogpuobjectcreate. A...

Updated kernel-linus packages fixes security and other bugs

This kernel-linus update is based on upstream 4.9.40 and fixes at least the following security issues: Linux kernel built with the VirtIO GPU driverCONFIGDRMVIRTIOGPU support is vulnerable to a memory leakage issue. It could occur while creating a virtio gpu object in virtiogpuobjectcreate. A...

Updated kernel-tmb packages fixes security and other bugs

This kernel-tmb update is based on upstream 4.9.40 and fixes at least the following security issues: Linux kernel built with the VirtIO GPU driverCONFIGDRMVIRTIOGPU support is vulnerable to a memory leakage issue. It could occur while creating a virtio gpu object in virtiogpuobjectcreate. A...

Privilege escalation

A elevation of privilege vulnerability in the MediaTek gpu driver. Product: Android. Versions: Android kernel. Android ID: A-32458601. References: M-ALPS03007523...

CVE-2017-0741

A elevation of privilege vulnerability in the MediaTek gpu driver. Product: Android. Versions: Android kernel. Android ID: A-32458601. References: M-ALPS03007523...

CVE-2017-0741

CVE-2017-0741 is a MediaTek GPU driver elevation-of-privilege vulnerability affecting Android kernel space. Affected component: MediaTek GPU driver within Android. Impact: local privilege escalation as described in the CVE; no explicit exploit details provided in the documents. Remediation: Andro...

[SECURITY] [DSA 3927-1] linux security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3927-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 07, 2017 https://www.debian.org/security/faq -...