CVE-2026-7955

CVE-2026-7955 refers to an uninitialized use in the GPU path of Google Chrome before Chrome 148.0.7778.96. The issue could allow a remote attacker who has already compromised the renderer process to read potentially sensitive information from process memory via a crafted HTML page. Affected produ...

CVE-2026-7955

Uninitialized Use in GPU in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

PT-2026-38213

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 148.0.7778.96 Description An uninitialized use in the GPU allows a remote attacker who has compromised the renderer process to obtain potentially sensitive information from process memory through a...

CVE-2026-24082

CVE-2026-24082 concerns a memory corruption (use-after-free) issue in an Automotive GPU, triggered when copying data from a freed source during a performance counter deselect operation. The connected records specify a memory corruption vulnerability with CVSSv3.1 base score 7.8 (HIGH), attack vec...

EUVD-2026-26664

Software installed and run as a non-privileged user may conduct improper GPU system calls to force GPU to write to arbitrary physical memory pages. Under certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kernel an...

Fedora 42 : chromium (2026-2a5d3e5194)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-2a5d3e5194 advisory. Update to 147.0.7727.116 High CVE-2026-6919: Use after free in DevTools High CVE-2026-6920: Out of bounds read in GPU Medium CVE-2026-6921: Race in...

DEBIAN-CVE-2026-7357

Use after free in GPU in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

CVE-2026-7333

Use after free in GPU in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. In versions prior to 147.0.7727.138, there was a resource management vulnerability that stemmed from the reuse of GPU components after they were released. This vulnerability could allow remote attackers to execute a sandbox escape through a...

CVE-2026-31690 firmware: thead: Fix buffer overflow and use standard endian macros

In the Linux kernel, the following vulnerability has been resolved: firmware: thead: Fix buffer overflow and use standard endian macros Addresses two issues in the TH1520 AON firmware protocol driver: 1. Fix a potential buffer overflow where the code used unsafe pointer arithmetic to access the...

EUVD-2026-25887

In the Linux kernel, the following vulnerability has been resolved: firmware: thead: Fix buffer overflow and use standard endian macros Addresses two issues in the TH1520 AON firmware protocol driver: 1. Fix a potential buffer overflow where the code used unsafe pointer arithmetic to access the...

PT-2026-35496

In the Linux kernel, the following vulnerability has been resolved: firmware: thead: Fix buffer overflow and use standard endian macros Addresses two issues in the TH1520 AON firmware protocol driver: 1. Fix a potential buffer overflow where the code used unsafe pointer arithmetic to access the...

CVE-2026-31550

A flaw was found in the Linux kernel's bcm2835-power component. An insufficient timeout during the ASB Advanced System Bus bridge control process, particularly under heavy system load, can prevent the V3D graphics processor from properly disabling. This can leave the V3D in an unstable state,...

CVE-2026-6920

Out of bounds read in GPU in Google Chrome on Android prior to 147.0.7727.117 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

CVE-2026-6314

An out of bounds write flaw was found in the GPU component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=498782145...

CVE-2026-6314

CVE-2026-6314 affects Google Chrome’s GPU process. An out-of-bounds write in the GPU code prior to version 147.0.7727.101 could allow a remote attacker with GPU process access to potentially escape the sandbox via a crafted HTML page. Impact is a sandbox escape risk as described in the entry. Aff...

UBUNTU-CVE-2026-23469

In the Linux kernel, the following vulnerability has been resolved: drm/imagination: Synchronize interrupts before suspending the GPU The runtime PM suspend callback doesn't know whether the IRQ handler is in progress on a different CPU core and doesn't wait for it to finish. Depending on timing,...

Ubuntu 14.04 LTS / 16.04 LTS : Linux kernel vulnerabilities (USN-8143-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8143-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update...

USN-8143-2 linux-fips vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - GPU drivers; - BTRFS file system; - GFS2 file system; - UDF file system; - NFC subsystem; -...

PT-2026-35857

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 147.0.7727.138 Description A use after free issue exists in the GPU component. This occurs when a program continues to use a pointer after it has been freed, which can lead to heap corruption. A remote attacker...