PT-2023-28367 · Samsung · Exynos 2200

Name of the Vulnerable Software and Affected Versions: Samsung Mobile Processor Exynos 2200 Description: The issue allows a GPU Use After Free. There is no information provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was...

PT-2023-24145 · Qualcomm · Qualcomm Snapdragon

Name of the Vulnerable Software and Affected Versions: Qualcomm Snapdragon processors affected versions not specified Description: The issue is related to memory corruption in Graphics while processing user packets for command submission. This can potentially lead to security risks, but specific...

PT-2023-28274 · Arm · Arm Mali Gpu Kernel Driver

Name of the Vulnerable Software and Affected Versions: Arm Mali GPU Kernel Driver versions affected versions not specified Description: A local non-privileged user can make improper GPU memory processing operations to gain access to already freed memory. The issue is currently under active...

PT-2023-4667 · Freerdp · Freerdp

Name of the Vulnerable Software and Affected Versions: FreeRDP versions prior to 3.0.0-beta3 Description: The issue is related to a Use-After-Free in processing RDPGFX CMDID RESETGRAPHICS packets. If context-maxPlaneSize is 0, context-planesBuffer will be freed, but without updating...

CVE-2021-46890

Vulnerability of incomplete read and write permission verification in the GPU module. Successful exploitation of this vulnerability may affect service confidentiality, integrity, and availability...

PT-2023-12610 · Huawei · Emui +1

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue concerns incomplete read and write permission verification in the GPU module. Successful exploitation may affect service confidentiality,...

CVE-2023-28469

An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper GPU processing operations to gain access to already freed memory. This affects Valhall r29p0 through r42p0 before r43p0, and Arm's GPU Architecture Gen5 r41p0 through r42p0 before r43p0...

CVE-2023-28147

An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper GPU processing operations to gain access to already freed memory. This affects Midgard r29p0 through r32p0, Bifrost r17p0 through r42p0 before r43p0, Valhall r19p0 through r42p0 before r43p0, and...

PT-2023-16072 · Nvidia +1 · Nvidia Gpu Display Driver +1

Name of the Vulnerable Software and Affected Versions: NVIDIA GPU Display Driver for Linux affected versions not specified Description: The issue is related to a NULL pointer dereference in the kernel mode layer of the NVIDIA GPU Display Driver for Linux, which may lead to denial of service...

USN-6032-1 linux-oem-6.0 vulnerabilities

Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service system crash. CVE-2022-36280 Gerald Lee discovered that the USB Gadget file system implementation in the...

UBUNTU-CVE-2023-0181

NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in a kernel mode layer handler, where memory permissions are not correctly checked, which may lead to denial of service and data tampering...

arekit (>=0.21.0 <=0.22.1), arenets (>=0.23.0 <=0.23.1) +80 more potentially affected by CVE-2023-25666 via tensorflow-gpu (>=1.10.1 <=2.0.4)

tensorflow-gpu PYPI version =1.10.1, =0.21.0, =0.23.0, =0.9.2, =0.1.0, =0.0.1, =0.1.0, =1.0.0, =0.0.1, =0.0.2, =0.6.7, =0.1.2, =0.1.0, =0.1.2 - dragonn =0.4.2 and more Source cves: CVE-2023-25666 Source advisory: OSV:GHSA-F637-VH3R-VFH2...

SUSE CVE-2022-22075

Information Disclosure in Graphics during GPU context switch...

In the Linux kernel before 5.19 drivers/gpu/drm/arm/malidp_planes.c misinterprets the get_sg_table return value (expects it to be NULL in the error case whereas it is actually an error pointer).

...

SUSE CVE-2015-1272

Use-after-free vulnerability in the GPU process implementation in Google Chrome before 44.0.2403.89 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging the continued availability of a GPUChannelHost data structure during Blink shutdown,...

SUSE CVE-2023-0699

Use after free in GPU in Google Chrome prior to 110.0.5481.77 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page and browser shutdown. Chromium security severity: Medium...

Qualcomm 芯片缓冲区错误漏洞

A Qualcomm chip is a chip from Qualcomm Incorporated USA. A way of miniaturizing circuits mainly semiconductor devices, but also passive components, etc., and often fabricated on the surface of semiconductor wafers. A security vulnerability exists in the Qualcomm chip gpu driver, which stems from...

UBUNTU-CVE-2023-0699

Use after free in GPU in Google Chrome prior to 110.0.5481.77 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page and browser shutdown. Chromium security severity: Medium...

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser from Google, Inc. in the United States. A security vulnerability exists in versions prior to Google Chrome 110.0.5481.77 that originates from reuse after release in the GPU. An attacker exploits the vulnerability to cause heap corruption via specially crafted HTML...

CVE-2022-46891

An issue was discovered in the Arm Mali GPU Kernel Driver. There is a use-after-free. A non-privileged user can make improper GPU processing operations to gain access to already freed memory. This affects Midgard r13p0 through r32p0, Bifrost r1p0 through r40p0, and Valhall r19p0 through r40p0...