kernel: drm/amdkfd: Fix NULL pointer dereference in svm_migrate_to_ram()

A flaw was found in the Linux kernel's AMD Kernel Fusion Driver AMDKFD. In specific error conditions, an object holding a NULL value is used, causing a NULL pointer dereference and resulting in a denial of service...

ARM Valhall GPU Kernel Driver and ARM Mali GPU Driver Resource Management Error Vulnerability

The ARM Valhall GPU Kernel Driver and ARM Mali GPU Driver are both products of ARM UK.The Valhall GPU Kernel Driver is a Valhall GPU kernel driver.The ARM Mali GPU Driver is a driver to support the Mali GPU. The ARM Mali GPU Driver is a driver to support Mali GPUs. A resource management error...

Rocky Linux 8 : kernel-rt (RLSA-2022:0819)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:0819 advisory. - In unixscmtoskb of afunix.c, there is a possible use after free bug due to a race condition. This could lead to local escalation of privilege with...

Rocky Linux 8 : kernel (RLSA-2023:0101)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:0101 advisory. - A flaw was found in the Linux kernel's driver for the ASIX AX88179178A-based USB 2.0/3.0 Gigabit Ethernet Devices. The vulnerability contains multiple...

Huawei HarmonyOS Buffer Error Vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. Huawei HarmonyOS suffers from a buffer error vulnerability that stems from an out-of-bounds write issue in the kernel driver module...

Huawei HarmonyOS Buffer Error Vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. Huawei HarmonyOS suffers from a buffer error vulnerability that stems from an out-of-bounds write issue in the kernel driver module...

Huawei HarmonyOS Buffer Error Vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. Huawei HarmonyOS suffers from a buffer error vulnerability that stems from an out-of-bounds write issue in the kernel driver module...

Huawei HarmonyOS Buffer Error Vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. Huawei HarmonyOS suffers from a buffer error vulnerability that stems from an out-of-bounds write issue in the kernel driver module...

October 26, 2023—KB5031445 (OS Build 19045.3636) Preview

October 26, 2023—KB5031445 OS Build 19045.3636 Preview 11/17/20 For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows 10, version 22H2, see its update history page. Note Follow...

AMD Radeon™ Graphics Kernel Driver Privilege Management Vulnerability

Bulletin ID: AMD-SB-6009 Potential Impact: Arbitrary code execution Severity: High Summary A potential vulnerability was reported in the AMD Radeon™ Software Adrenalin Edition and PRO Edition kernel pdfwkrnl.sys driver which may allow arbitrary code execution. Current AMD analysis shows the attac...

Stack overflow

An issue was discovered in Broadcom LSI PCI-SV92EX Soft Modem Kernel Driver through 2.2.100.1 aka AGRSM64.sys. There is Local Privilege Escalation to SYSTEM via a Stack Overflow in RTLCopyMemory IOCTL 0x1b2150. An attacker can exploit this to elevate privileges from a medium-integrity process to...

CVE-2023-31096

An issue was discovered in Broadcom LSI PCI-SV92EX Soft Modem Kernel Driver through 2.2.100.1 aka AGRSM64.sys. There is Local Privilege Escalation to SYSTEM via a Stack Overflow in RTLCopyMemory IOCTL 0x1b2150. An attacker can exploit this to elevate privileges from a medium-integrity process to...

PT-2023-23152

Name of the Vulnerable Software and Affected Versions Broadcom LSI PCI-SV92EX Soft Modem Kernel Driver versions through 2.2.100.1 Description An issue exists in the Broadcom LSI PCI-SV92EX Soft Modem Kernel Driver AGRSM64.sys that allows for local privilege escalation to SYSTEM privileges. This i...

Broadcom LSI PCI-SV92EX Soft Modem Kernel Driver Buffer Error Vulnerability

Broadcom LSI PCI-SV92EX Soft Modem Kernel Driver is a driver from Broadcom Corporation USA. A security vulnerability exists in Broadcom LSI PCI-SV92EX Soft Modem Kernel Driver version 2.2.100.1 and earlier, which stems from the presence of a stack overflow vulnerability. An attacker could exploit...

CVE-2023-31096

CVE-2023-31096 affects Broadcom LSI PCI-SV92EX Soft Modem Kernel Driver (AGRSM64.sys) up to version 2.2.100.1, enabling Local Privilege Escalation to SYSTEM via a stack overflow in RTLCopyMemory (IOCTL 0x1b2150). The issue can bypass kernel protections (AV, PPL) and may be used in BYOVD ransomwar...

CVE-2023-34970 Mali GPU Kernel Driver Allows Improper GPU Memory Processing Operations

A local non-privileged user can make improper GPU processing operations to access a limited amount outside of buffer bounds or to exploit a software race condition. If the system’s memory is carefully prepared by the user, then this in turn could give them access to already freed memory...

CVE-2023-34970 Mali GPU Kernel Driver Allows Improper GPU Memory Processing Operations

A local non-privileged user can make improper GPU processing operations to access a limited amount outside of buffer bounds or to exploit a software race condition. If the system’s memory is carefully prepared by the user, then this in turn could give them access to already freed memory...

CVE-2023-33200 Mali GPU Kernel Driver Allows Improper GPU Memory Processing Operations

A local non-privileged user can make improper GPU processing operations to exploit a software race condition. If the system’s memory is carefully prepared by the user, then this in turn could give them access to already freed memory...

Qualcomm Releases Patch for 3 new Zero-Days Under Active Exploitation

Chipmaker Qualcomm has released security updates to address 17 vulnerabilities in various components, while warning that three other zero-days have come under active exploitation. Of the 17 flaws, three are rated Critical, 13 are rated High, and one is rated Medium in severity. "There are...

Arm Issues Patch for Mali GPU Kernel Driver Vulnerability Amidst Ongoing Exploitation

Arm has released security patches to contain a security flaw in the Mali GPU Kernel Driver that has come under active exploitation in the wild. Tracked as CVE-2023-4211, the shortcoming impacts the following driver versions - Midgard GPU Kernel Driver: All versions from r12p0 - r32p0 Bifrost GPU...