UBUNTU-CVE-2016-10214

Memory leak in the virglresourceattachbacking function in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service memory consumption via a large number of VIRTIOGPUCMDRESOURCEATTACHBACKING commands...

The vulnerability of the Android operating system, allowing a hacker to execute arbitrary code

The vulnerability of the NVIDIA GPU operating system for Android is related to deficiencies in access control for certain functions. Exploiting this vulnerability allows a malicious actor to execute an application with privileges of the current user...

The vulnerability of the Android operating system, which allows a perpetrator to trigger a service failure or otherwise affect the system.

The vulnerability of the NVIDIA GPU operating system for Android is related to the lack of protection for service data. Exploiting this vulnerability can allow a malicious actor to cause service failures or otherwise affect the system...

The vulnerability of the Android operating system, allowing a hacker to execute arbitrary code

The vulnerability related to privilege escalation in the NVIDIA GPU operating system for Android is linked to access control deficiencies. Exploiting this vulnerability allows a remote attacker to execute arbitrary code of a local malicious application within the kernel context. This issue is...

The vulnerability of the Android operating system, allowing a hacker to execute arbitrary code

The vulnerability related to privilege escalation in the NVIDIA GPU operating system for Android is linked to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to execute arbitrary code of a local malware application within the kernel context. This issue is...

CVE-2016-8428

An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the...

DEBIAN-CVE-2016-9845

QEMU aka Quick Emulator built with the Virtio GPU Device emulator support is vulnerable to an information leakage issue. It could occur while processing 'VIRTIOGPUCMDGETCAPSETINFO' command. A guest user/process could use this flaw to leak contents of the host memory bytes...

QEMU 'virtio-gpu-3d.c' Denial of Service Vulnerability

QEMU aka Quick Emulator is a set of simulation processor software developed by French programmer Fabrice Bellard. The software is fast and cross-platform. QEMU's 'virtio-gpu-3d.c' file has a denial of service vulnerability that can be exploited by an attacker to cause a denial of service...

Qualcomm Adreno GPU MSM Driver Query Heap Overflow Vulnerability

A heap overflow vulnerability exists in the Qualcomm Adreno GPU MSM Driver, which can be exploited by an attacker to execute arbitrary code in the context of an application, which could also result in a denial of service...

Linux video memory DOS with Intel drivers — Mozilla

Security researcher Ucha Gobejishvili reported a denial of service DOS attack when doing certain WebGL operations in a canvas requiring an unusually large amount buffer to be allocated from video memory. This resulted in memory resource exhaustion with some Intel video cards, requiring the comput...

chromium-browser: Use-after-free related to unexpected GPU process termination in unspecified

Use-after-free vulnerability in the GPU process implementation in Google Chrome before 44.0.2403.89 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging the continued availability of a GPUChannelHost data structure during Blink shutdown,...

chromium-browser: Scheme validation error in WebUI

content/browser/webui/contentwebuicontrollerfactory.cc in Google Chrome before 43.0.2357.130 does not properly consider the scheme in determining whether a URL is associated with a WebUI SiteInstance, which allows remote attackers to bypass intended access restrictions via a similar URL, as...

Gaming Company Settles on Bitcoin Mining Allegations

The ESEA League, an online competitive gaming community, has decided to settle with the state of New Jersey after the acting attorney general there alleged that the gaming community operator infected user-machines with malware designed to mine Bitcoins. The league is owned and managed by E-Sports...

AMD Blog Hacked, Database leaked on Internet

A team of Hackers called, "r00tBeer Security Team" today hack into official blog of Advanced Micro Devices AMD which is a American multinational semiconductor company. AMD is the second-largest global supplier of microprocessors based on the x86 architecture and also one of the largest suppliers ...

CVE-2011-3047

The GPU process in Google Chrome before 17.0.963.79 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption by leveraging an error in the plug-in loading mechanism...

UBUNTU-CVE-2011-1302

Heap-based buffer overflow in the GPU process in Google Chrome before 10.0.648.205 allows remote attackers to execute arbitrary code via unknown vectors...

UBUNTU-CVE-2011-1301

Use-after-free vulnerability in the GPU process in Google Chrome before 10.0.648.205 allows remote attackers to execute arbitrary code via unknown vectors...

New Version of Google Chrome Fixes Flash Bug, Three Critical GPU Flaws

Google has released a new version of its Chrome browser that includes not only an updated version of Adobe Flash that fixes a critical bug, but also patches for three critical vulnerabilities in the browser’s GPU process. The new version of Chrome, which is version 10.0.648.205, includes the firs...

Microsoft Ships 12 Bulletins in February's Patch Tuesday

Microsoft addressed 22 flaws with 12 separate bulletins in February’s edition of Patch Tuesday, including three bulletins that were rated critical with the remaining nine rated as important. Among the programs affected are Microsoft Windows, Internet Explorer, Office, Visual Studio, and IIS. The...

USN-859-1: OpenJDK vulnerabilities

Dan Kaminsky discovered that SSL certificates signed with MD2 could be spoofed given enough time. As a result, an attacker could potentially create a malicious trusted certificate to impersonate another site. This update handles this issue by completely disabling MD2 for certificate validation in...