Design/Logic Flaw

Arm Mali GPU Kernel Driver Midgard r26p0 through r30p0, Bifrost r0p0 through r34p0, and Valhall r19p0 through r34p0 allows a non-privileged user to achieve write access to read-only memory, and possibly obtain root privileges, corrupt memory, and modify the memory of other processes...

CVE-2021-44828

Arm Mali GPU Kernel Driver Midgard r26p0 through r30p0, Bifrost r0p0 through r34p0, and Valhall r19p0 through r34p0 allows a non-privileged user to achieve write access to read-only memory, and possibly obtain root privileges, corrupt memory, and modify the memory of other processes...

PT-2022-6514

Name of the Vulnerable Software and Affected Versions Arm Mali GPU Kernel Driver versions r26p0 through r31p0 Arm Mali GPU Kernel Driver versions r0p0 through r35p0 Arm Mali GPU Kernel Driver versions r19p0 through r35p0 Description The Arm Mali GPU Kernel Driver has a vulnerability related to...

VulnCheck KEV: CVE-2022-22706

Arm Mali GPU Kernel Driver contains an unspecified vulnerability that allows a non-privileged user to achieve write access to read-only memory pages...

kernel: nvmet-rdma: Fix NULL deref when SEND is completed with error

A flaw was found in an error-handling function in the Linux kernel's NVMe driver. This flaw allows an attacker with control over NVMe links to cause a denial of service...

Arm Mali Graphics Processing Unit (GPU) Use-After-Free Vulnerability

Arm Mali Graphics Processing Unit GPU kernel driver contains a use-after-free vulnerability that may allow a non-privileged user to make improper operations on GPU memory to gain root privilege, and/or disclose information...

CVE-2021-1121

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager kernel driver, where a vGPU can cause resource starvation among other vGPUs hosted on the same GPU, which may lead to denial of service...

Design/Logic Flaw

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager kernel driver, where a vGPU can cause resource starvation among other vGPUs hosted on the same GPU, which may lead to denial of service...

Microsoft finds new macOS vulnerability, Shrootless, that could bypass System Integrity Protection

Microsoft has discovered a vulnerability that could allow an attacker to bypass System Integrity Protection SIP in macOS and perform arbitrary operations on a device. We also found a similar technique that could allow an attacker to elevate their privileges to root an affected device. We shared...

Security Bulletin: NVIDIA GPU Display Driver - October 2021

NVIDIA has released a software security update for NVIDIA GPU Display Driver. This update addresses issues that may lead to multiple security impacts. To protect your system, download and install this software update through the NVIDIA Driver Downloads page or, for the vGPU software update, throu...

Update Your Windows PCs Immediately to Patch New 0-Day Under Active Attack

Microsoft on Tuesday rolled out security patches to contain a total of 71 vulnerabilities in Microsoft Windows and other software, including a fix for an actively exploited privilege escalation vulnerability that could be exploited in conjunction with remote code execution bugs to take control ov...

Windows Zero-Day Actively Exploited in Widespread Espionage Campaign

Researchers have discovered a zero-day exploit for Microsoft Windows that was being used to elevate privileges and take over Windows servers as part of a Chinese-speaking advanced persistent threat APT espionage campaign this summer. The exploit chain ended with a freshly discovered remote access...

CVE-2021-25475

A possible heap-based buffer overflow vulnerability in DSP kernel driver prior to SMR Oct-2021 Release 1 allows arbitrary memory write and code execution...

CVE-2021-25475

A possible heap-based buffer overflow vulnerability in DSP kernel driver prior to SMR Oct-2021 Release 1 allows arbitrary memory write and code execution...

Heap overflow

A possible heap-based buffer overflow vulnerability in DSP kernel driver prior to SMR Oct-2021 Release 1 allows arbitrary memory write and code execution...

CVE-2021-25475

Summary of CVE-2021-25475 : The issue is a heap-based buffer overflow in the DSP kernel driver, before Samsung SMR Oct-2021 Release 1. This flaw can lead to arbitrary memory writes and code execution within the kernel context on affected Samsung devices. Affected component: DSP kernel driver. Roo...

CVE-2021-25467

CVE-2021-25467 describes a potential buffer overflow in the Vision DSP kernel driver (Samsung devices) before SMR Oct-2021 Release 1, enabling privilege escalation to root via hijacking a loaded library. The incident is tied to local exploit scenarios, with impact described as high for confidenti...

CVE-2021-25467

Assuming system privilege is gained, possible buffer overflow vulnerabilities in the Vision DSP kernel driver prior to SMR Oct-2021 Release 1 allows privilege escalation to Root by hijacking loaded library...

Samsung SMR 缓冲区错误漏洞

Samsung SMR is a system patch package from Samsung South Korea. It provides patches for Samsung mobile applications. A security vulnerability exists in versions prior to Samsung SMR Oct-2021 Release 1, which originates from a heap-based buffer overflow in the DSP kernel driver that allows arbitra...

The vulnerability of the Nosy driver, a kernel driver for the Linux operating system, allows a hacker to increase their privileges.

The vulnerability of the Nosy kernel driver in the Linux operating system is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to increase their privileges...