NVIDIA Linux GPU Display Driver contains missing permissions check and improper validation vulnerabilities - us

Lenovo Security Advisory: LEN-10962 Potential Impact: Privilege escalation Severity: Medium Scope of Impact: Industry-Wide CVE Identifier: CVE-2016-7382, CVE-2016-7389 Summary Description: The NVIDIA GPU Display Driver for Linux contains two privilege escalation vulnerabilities. CVE-2016-7382...

Kali Linux 2017.1 Release

As with all new releases, you have the common denominator of updated packages, an updated kernel that provides more and better hardware support, as well as a slew of updated tools – but this release has a few more surprises up its sleeve. Support for RTL8812AU Wireless Card Injection These driver...

USN-3268-1: QEMU vulnerabilities

Zhenhao Hong discovered that QEMU incorrectly handled the Virtio GPU device. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. CVE-2016-10028 It was discovered that QEMU incorrectly handled the JAZZ RC4030 device. A privileged attacker...

Ubuntu: Security Advisory (USN-3261-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-3261-1 qemu vulnerabilities

Zhenhao Hong discovered that QEMU incorrectly handled the Virtio GPU device. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 16.10. CVE-2016-10028, CVE-2016-10029 Li Qiang discovered...

CVE-2015-7740

Huawei P7 before P7-L00C17B851, P7-L05C00B851, and P7-L09C92B851 and P8 ALE-UL00 before ALE-UL00B211 allows local users to cause a denial of service OS crash via vectors involving an application that passes crafted input to the GPU driver...

Design/Logic Flaw

Huawei P7 before P7-L00C17B851, P7-L05C00B851, and P7-L09C92B851 and P8 ALE-UL00 before ALE-UL00B211 allows local users to cause a denial of service OS crash via vectors involving an application that passes crafted input to the GPU driver...

CVE-2015-7740

Huawei P7 before P7-L00C17B851, P7-L05C00B851, and P7-L09C92B851 and P8 ALE-UL00 before ALE-UL00B211 allows local users to cause a denial of service OS crash via vectors involving an application that passes crafted input to the GPU driver...

PT-2017-2463 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel versions through 4.11.8 Description: The issue is related to a memory leak in the virtio gpu object create function, which can be exploited by attackers to cause a denial of service due to memory consumption. This can be achieved...

FreeBSD : NVIDIA UNIX driver -- multiple vulnerabilities in the kernel mode layer handler (057e6616-1885-11e7-bb4d-a0d3c19bfa21)

NVIDIA Unix security team reports : NVIDIA GPU Display Driver contains vulnerabilities in the kernel mode layer handler where multiple integer overflows, improper access control, and improper validation of a user input may cause a denial of service or potential escalation of privileges...

Assigning a GPU to a Windows VM using xe CLI

To assign a GPU to a Windows VM using xe CLI...

Out-of-bounds

The kbasedispatch function in arm/t7xx/r5p0/malikbasecorelinux.c in the GPU driver on Samsung devices with M6.0 and N7.0 software and Exynos AP chipsets allows attackers to have unspecified impact via unknown vectors, which trigger an out-of-bounds read, aka SVE-2016-6362...

CVE-2017-5538

The kbasedispatch function in arm/t7xx/r5p0/malikbasecorelinux.c in the GPU driver on Samsung devices with M6.0 and N7.0 software and Exynos AP chipsets allows attackers to have unspecified impact via unknown vectors, which trigger an out-of-bounds read, aka SVE-2016-6362...

CVE-2017-5538

CVE-2017-5538 affects Samsung devices running M(6.0)/N(7.0) with Exynos AP; vulnerable component is the GPU driver Mali kernel code (kbase_dispatch in arm/t7xx/r5p0/mali_kbase_core_linux.c). The issue is an out-of-bounds read triggered via unknown vectors, with unspecified impact. Exploitation de...

CVE-2017-5538

The kbasedispatch function in arm/t7xx/r5p0/malikbasecorelinux.c in the GPU driver on Samsung devices with M6.0 and N7.0 software and Exynos AP chipsets allows attackers to have unspecified impact via unknown vectors, which trigger an out-of-bounds read, aka SVE-2016-6362...

The vulnerability of the QEMU hardware emulation software, which allows a hacker to trigger a service failure

The vulnerability of the virtiogpuresourceattachbacking function in the hw/display/virtio-gpu.c file of the QEMU hardware emulation software is related to a memory leak. Exploiting this vulnerability could allow an attacker, operating locally, to trigger a service failure memory consumption by...

The vulnerability of the QEMU hardware emulation software, which allows a hacker to trigger a service failure

The vulnerability of the virglresourceattachbacking function in the QEMU hardware/display/virtio-gpu-3d.c emulator is related to a memory leak. Exploiting this vulnerability can allow an attacker, operating locally, to cause a service failure memory consumption by using a large number of speciall...

The vulnerability of the QEMU hardware emulation software, which allows a hacker to trigger a service failure

The vulnerability of the virglcmdresourceunref function in the hw/display/virtio-gpu-3d.c part of the QEMU hardware emulation software is related to a memory leak. Exploiting this vulnerability allows an attacker to trigger a service failure memory consumption by using a large number of specially...

Fedora 24 : 2:qemu (2017-62ac1230f7)

CVE-2017-5525: audio: memory leakage in ac97 bz 1414110 - CVE-2017-5526: audio: memory leakage in es1370 bz 1414210 - CVE-2016-10155 watchdog: memory leakage in i6300esb bz 1415200 - CVE-2017-5552: virtio-gpu-3d: memory leakage bz 1415283 - CVE-2017-5667: sd: sdhci OOB access during multi block...

Fedora 25 : 2:qemu (2017-31b976672b)

CVE-2016-7907: net: imx: infinite loop bz 1381182 - CVE-2017-5525: audio: memory leakage in ac97 bz 1414110 - CVE-2017-5526: audio: memory leakage in es1370 bz 1414210 - CVE-2016-10155 watchdog: memory leakage in i6300esb bz 1415200 - CVE-2017-5552: virtio-gpu-3d: memory leakage bz 1415283 -...