ARM Mali GPU Kernel Driver < r44p1 Improper Memory Access (CVE-2023-33200)

The version of the Mali GPU Kernel Driver installed on the remote system is prior to r44p1 or r45p0 running on Bifrost, Valhall or 5th Gen architecture. It is, therefore affected by a improper memory access vulnerability. A local non-privileged user can make improper GPU processing operations to...

ARM Mali GPU Kernel Driver r44p0 Improper Memory Access (CVE-2023-34970)

The version of the Mali GPU Kernel Driver installed on the remote system is prior to r44p1 or r45p0 running on Valhall or 5th Gen architecture. It is, therefore affected by a improper memory access vulnerability. A local non-privileged user can make improper GPU processing operations to access a...

CVE-2023-4211 Mali GPU Kernel Driver Allows Improper GPU Memory Processing Operations

A local non-privileged user can make improper GPU memory processing operations to gain access to already freed memory...

CVE-2023-4211 Mali GPU Kernel Driver Allows Improper GPU Memory Processing Operations

A local non-privileged user can make improper GPU memory processing operations to gain access to already freed memory...

The vulnerability of the win32kfull driver of the Windows GDI component allows attackers to gain increased privileges.

The vulnerability of the win32kfull driver of the Windows GDI component on Windows operating systems is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to increase their privileges...

CVE-2023-40218

An issue was discovered in the NPU kernel driver in Samsung Exynos Mobile Processor 9820, 980, 2100, 2200, 1280, and 1380. An integer overflow can bypass detection of error cases via a crafted application...

Integer overflow

An issue was discovered in the NPU kernel driver in Samsung Exynos Mobile Processor 9820, 980, 2100, 2200, 1280, and 1380. An integer overflow can bypass detection of error cases via a crafted application...

kernel: Linux kernel iavf driver: Denial of Service via use-after-free vulnerability

A flaw was found in the Linux kernel's iavf driver. A local user with administrative capabilities can exploit a use-after-free vulnerability, caused by a mismatch in network interface NAPI list management functions. This can lead to dangling NAPI entries, resulting in a kernel crash and a Denial ...

SAMSUNG Exynos Input Validation Error Vulnerability

SAMSUNG Exynos is a SoC, Arm architecture-based processor developed and manufactured by Samsung Mobile, a South Korean company. A security vulnerability exists in SAMSUNG Exynos, which is caused by an integer overflow in the kernel driver that can be exploited by a crafted application to bypass...

PT-2023-27334 · Samsung · Samsung Mobile Processor Exynos

Name of the Vulnerable Software and Affected Versions: Samsung Exynos Mobile Processor versions 1280, 1380, 2100, 2200, 980, 9820 Description: An issue was discovered in the NPU kernel driver, allowing an integer overflow to bypass detection of error cases via a crafted application...

CVE-2023-40218

CVE-2023-40218 affects Samsung Exynos Mobile Processor NPU kernel driver. The issue is an integer overflow in the kernel driver that can bypass detection of error cases when a crafted application is used. Affected devices include Exynos 9820, 980, 2100, 2200, 1280, and 1380. The impact is describ...

CVE-2023-40218

An issue was discovered in the NPU kernel driver in Samsung Exynos Mobile Processor 9820, 980, 2100, 2200, 1280, and 1380. An integer overflow can bypass detection of error cases via a crafted application...

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2020-5917)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-5917 advisory. 4.1.12-124.44.4.1 - powercap: restrict energy meter to root access Kanth Ghatraju Orabug: 32040806 CVE-2020-8694 CVE-2020-8695 Tenable has extracte...

Phoenix Technologies Windows kernel driver vulnerable to insufficient access control on its IOCTL

Overview Some of the Windows kernel drivers provided by Phoenix Technologies Inc. is vulnerable to insufficient access control on its IOCTL CWE-782, CVE-2023-35841. Takahiro Haruyama of VMware reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the developer. Impact By sending a...

Exploit for CVE-2023-20562

HITCON 2023 Demo CVE-2023-20562 Description This demonstra...

CVE-2023-28576 Time-of-check Time-of-use (TOCTOU) Race Condition in Camera Kernel Driver

The buffer obtained from kernel APIs such as cammemgetcpubuf may be readable/writable in userspace after kernel accesses it. In other words, user mode may race and modify the packet header e.g. header.count, causing checks e.g. size checks in kernel code to be invalid. This may lead to...

CVE-2023-28576 Time-of-check Time-of-use (TOCTOU) Race Condition in Camera Kernel Driver

The buffer obtained from kernel APIs such as cammemgetcpubuf may be readable/writable in userspace after kernel accesses it. In other words, user mode may race and modify the packet header e.g. header.count, causing checks e.g. size checks in kernel code to be invalid. This may lead to...

CVE-2021-0948

The PVRSRVBridgeGetMultiCoreInfo ioctl in the PowerVR kernel driver can return uninitialized kernel memory to user space. The contents of this memory could contain sensitive information...

Information disclosure

The PVRSRVBridgeGetMultiCoreInfo ioctl in the PowerVR kernel driver can return uninitialized kernel memory to user space. The contents of this memory could contain sensitive information...

CVE-2021-0948

The PVRSRVBridgeGetMultiCoreInfo ioctl in the PowerVR kernel driver can return uninitialized kernel memory to user space. The contents of this memory could contain sensitive information...