845 matches found
SUSE CVE-2023-53425
In the Linux kernel, the following vulnerability has been resolved: media: platform: mediatek: vpu: fix NULL ptr dereference If pdev is NULL, then it is still dereferenced. This fixes this smatch warning: drivers/media/platform/mediatek/vpu/mtkvpu.c:570 vpuloadfirmware warn: address of NULL point...
CVE-2025-46711 GPU DDK - NULL Pointer dereference occurs in LockHandle on bridge entry when connection misused
Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger NULL pointer dereference kernel exceptions...
CVE-2025-25177
Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger use-after-free kernel exceptions...
CVE-2023-53425
In the Linux kernel, the following vulnerability has been resolved: media: platform: mediatek: vpu: fix NULL ptr dereference If pdev is NULL, then it is still dereferenced. This fixes this smatch warning: drivers/media/platform/mediatek/vpu/mtkvpu.c:570 vpuloadfirmware warn: address of NULL point...
UBUNTU-CVE-2023-53425
In the Linux kernel, the following vulnerability has been resolved: media: platform: mediatek: vpu: fix NULL ptr dereference If pdev is NULL, then it is still dereferenced. This fixes this smatch warning: drivers/media/platform/mediatek/vpu/mtkvpu.c:570 vpuloadfirmware warn: address of NULL point...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to check the scheduler work queue, which could lead to a failure when the GPU is reset...
UBUNTU-CVE-2025-39820
In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: Add a null ptr check for dpuencoderneedsmodeset The drmatomicgetnewconnectorstate can return NULL if the connector is not part of the atomic state. Add a check to prevent a NULL pointer dereference. This follows the...
CVE-2025-39820 drm/msm/dpu: Add a null ptr check for dpu_encoder_needs_modeset
In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: Add a null ptr check for dpuencoderneedsmodeset The drmatomicgetnewconnectorstate can return NULL if the connector is not part of the atomic state. Add a check to prevent a NULL pointer dereference. This follows the...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an attempt by the scheduler to balance tasks to the currently running CPU, which could result in a warning...
CVE-2024-36346
CVE-2024-36346 concerns AMD Power Management Firmware (PMFW). The issue is caused by improper input validation , enabling a privileged attacker from a Guest VM to send arbitrary input data and potentially induce a GPU reset . The CVSSv3.1 metrics (AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H) indicate a l...
CVE-2024-36342
Improper input validation in the GPU driver could allow an attacker to exploit a heap overflow potentially resulting in arbitrary code execution...
Exploit for Use After Free in Google Android
This is a proof-of-concept PoC exploit for CVE-2019-2215, a use-after-free vulnerability in the Android kernel. The exploit is designed to demonstrate the vulnerability and its potential impact on the system. The PoC exploit is written in C++ and uses the Clang compiler. It includes a function...
PT-2025-36387
Name of the Vulnerable Software and Affected Versions: AMD GPU Driver affected versions not specified Description: Improper input validation in the GPU driver could allow an attacker to exploit a heap overflow, potentially resulting in arbitrary code execution. This issue may lead to privilege...
PT-2025-36122
Name of the Vulnerable Software and Affected Versions: AMD SEV-SNP affected versions not specified Description: Incomplete cleanup after loading a CPU microcode patch may allow a privileged attacker to degrade the entropy of the RDRAND instruction, potentially resulting in loss of integrity for...
Linux Distros Unpatched Vulnerability : CVE-2007-3719
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The process scheduler in the Linux kernel 2.6.16 gives preference to interactive processes that perform voluntary sleeps, which allows local users to cause a...
CVE-2025-57751
pyLoad is the free and open-source Download Manager written in pure Python. The jk parameter is received in pyLoad CNL Blueprint. Due to the lack of jk parameter verification, the jk parameter input by the user is directly determined as dykpy.evaljs, resulting in the server CPU being fully occupi...
CVE-2025-38675
In the Linux kernel, the following vulnerability has been resolved: xfrm: state: initialize stateptrs earlier in xfrmstatefind In case of preemption, xfrmstatelookat will find a different pcpuid and look up states for that other CPU. If we matched a state for CPU2 in the statecache while the look...
CVE-2025-38521
In the Linux kernel, the following vulnerability has been resolved: drm/imagination: Fix kernel crash when hard resetting the GPU The GPU hard reset sequence calls pmruntimeforcesuspend and pmruntimeforceresume, which according to their documentation should only be used during system-wide PM...
CVE-2025-38536 net: airoha: fix potential use-after-free in airoha_npu_get()
In the Linux kernel, the following vulnerability has been resolved: net: airoha: fix potential use-after-free in airohanpuget np-name was being used after calling ofnodeputnp, which releases the node and can lead to a use-after-free bug. Previously, ofnodeputnp was called unconditionally after...
Linux Distros Unpatched Vulnerability : CVE-2023-4408
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The DNS message parsing code in named includes a section whose computational complexity is overly high. It does not cause problems for typical DNS traffic, but...