CVE-2024-0078

NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where a user in a guest can cause a NULL-pointer dereference in the host, which may lead to denial of service...

CVE-2024-0078 CVE

NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where a user in a guest can cause a NULL-pointer dereference in the host, which may lead to denial of service...

CVE-2024-0073

CVE-2024-0073 concerns the NVIDIA GPU Display Driver for Windows. The vulnerability resides in the kernel‑mode layer when the driver performs an operation at a privilege level higher than the minimum required. The impact, as described, includes code execution, denial of service, privilege escalat...

CVE-2024-0073 CVE

NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer when the driver is performing an operation at a privilege level that is higher than the minimum level required. A successful exploit of this vulnerability may lead to code execution, denial of service,...

CVE-2024-0073 CVE

NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer when the driver is performing an operation at a privilege level that is higher than the minimum level required. A successful exploit of this vulnerability may lead to code execution, denial of service,...

Null pointer dereference

In the Linux kernel, the following vulnerability has been resolved: xsk: fix usage of multi-buffer BPF helpers for ZC XDP Currently when packet is shrunk via bpfxdpadjusttail and memory type is set to MEMTYPEXSKBUFFPOOL, null ptr dereference happens: 1136314.192256 BUG: kernel NULL pointer...

NVIDIA Linux GPU Display Driver (February 2024)

The NVIDIA GPU display driver software on the remote host is missing a security update. It is, therefore, affected by multiple vulnerabilities: - NVIDIA GPU Display Driver for WIndows and Linux contains a vulnerability in the kernel mode data handler, where an unprivileged regular user can cause...

CVE-2021-46964

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Reserve extra IRQ vectors Commit a6dcfe08487e "scsi: qla2xxx: Limit interrupt vectors to number of CPUs" lowers the number of allocated MSI-X vectors to the number of CPUs. That breaks vector allocation assumptions...

Null pointer dereference

In the Linux kernel, the following vulnerability has been resolved: nbd: Fix NULL pointer in flushworkqueue Open /dev/nbdX first, the configrefs will be 1 and the pointers in nbddevice are still null. Disconnect /dev/nbdX, then reference a null recvworkq. The protection by configrefs in...

PT-2024-3830 · Nvidia · Nvidia Gpu Display Driver

Name of the Vulnerable Software and Affected Versions: NVIDIA GPU Display Driver for Windows affected versions not specified Description: The issue is related to the kernel mode layer of the NVIDIA GPU Display Driver for Windows when it performs an operation at a higher privilege level than...

PT-2024-3827 · Nvidia +2 · Nvidia Gpu Display Driver +2

Name of the Vulnerable Software and Affected Versions: NVIDIA GPU Display Driver for Windows and Linux affected versions not specified Description: The issue is related to a NULL-pointer dereference in the kernel mode layer of the NVIDIA GPU Display Driver. This can be caused by a user in a guest...

PT-2024-3874 · Nvidia +1 · Nvidia Gpu Display Driver +1

Name of the Vulnerable Software and Affected Versions: NVIDIA GPU Display Driver for Windows and Linux affected versions not specified Description: The issue is related to a NULL-pointer dereference in the kernel mode layer of the NVIDIA GPU Display Driver. A user in a guest VM can cause this...

CVE-2021-46947

In the Linux kernel, the following vulnerability has been resolved: sfc: adjust efx-xdptxqueuecount with the real number of initialized queues efx-xdptxqueuecount is initially initialized to numpossiblecpus and is later used to allocate and traverse efx-xdptxqueues lookup array. However, we may e...

CVE-2021-46947

In the Linux kernel, the following vulnerability has been resolved: sfc: adjust efx-xdptxqueuecount with the real number of initialized queues efx-xdptxqueuecount is initially initialized to numpossiblecpus and is later used to allocate and traverse efx-xdptxqueues lookup array. However, we may e...

CVE-2021-46964

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Reserve extra IRQ vectors Commit a6dcfe08487e "scsi: qla2xxx: Limit interrupt vectors to number of CPUs" lowers the number of allocated MSI-X vectors to the number of CPUs. That breaks vector allocation assumptions...

CVE-2021-46947

CVE-2021-46947 is a Linux kernel issue in the sfc (Solarflare) driver where efx->xdp_tx_queue_count can reflect too many uninitialized slots after probing, risking a NULL pointer dereference (e.g., when running ethtool -S). The root cause is that xdp_tx_queue_count starts at num_possible_cpus(...

CVE-2021-46925

A flaw was found in the Linux kernel affecting the net/smc Synchronous Message Channel subsystem. This vulnerability is caused by a race condition between the smccdctxhandler and smcrelease functions and can cause kernel panics. Mitigation There are no known mitigations to the problem and Red Hat...

CVE-2023-52434 smb: client: fix potential OOBs in smb2_parse_contexts()

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential OOBs in smb2parsecontexts Validate offsets and lengths before dereferencing create contexts in smb2parsecontexts. This fixes following oops when accessing invalid create contexts from server: BUG: unabl...

CVE-2023-52434 smb: client: fix potential OOBs in smb2_parse_contexts()

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential OOBs in smb2parsecontexts Validate offsets and lengths before dereferencing create contexts in smb2parsecontexts. This fixes following oops when accessing invalid create contexts from server: BUG: unabl...

CVE-2023-20579

CVE-2023-20579 involves improper access control in the AMD SPI protection feature. A local Ring0 (kernel mode) user could bypass protections, potentially affecting integrity and availability. Connected documents confirm this is an AMD SPI protection flaw and cite multiple advisories (NVD, Red Hat...