UBUNTU-CVE-2024-36347

Improper signature verification in AMD CPU ROM microcode patch loader may allow an attacker with local administrator privilege to load malicious microcode, potentially resulting in loss of integrity of x86 instruction execution, loss of confidentiality and integrity of data in x86 CPU privileged...

CVE-2025-46707

Software installed and running inside a Guest VM may override Firmware's state and gain access to the GPU...

SecONNds: Secure Outsourced Neural Network Inference on ImageNet

The widespread adoption of outsourced neural network inference presents significant privacy challenges, as sensitive user data is processed on untrusted remote servers. Secure inference offers a privacy-preserving solution, but existing frameworks suffer from high computational overhead and...

DEBIAN-CVE-2025-38041

In the Linux kernel, the following vulnerability has been resolved: clk: sunxi-ng: h616: Reparent GPU clock during frequency changes The H616 manual does not state that the GPU PLL supports dynamic frequency configuration, so we must take extra care when changing the frequency. Currently any...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the clk driver not properly re-parenting the H616 GPU clock frequency when it changes...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from not freeing gpumetricstable memory, which could lead to a memory leak...

GHSA-WGC6-9F6W-H8HX Withdrawn Advisory: microlight allows a denial of service

Withdrawn Advisory This advisory has been withdrawn because the proof of concept does not demonstrate a practical security impact. This link is maintained to preserve external references. Original Description A denial of service DoS vulnerability has been identified in the JavaScript library...

CVE-2025-21479 Incorrect Authorization in Graphics

Memory corruption due to unauthorized command execution in GPU micronode while executing specific sequence of commands...

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that originates from unauthorized command execution by a GPU micronode during the execution of a specific command sequence, resulting in memory corruption...

VulnCheck KEV: CVE-2025-21480

Multiple Qualcomm chipsets contain an incorrect authorization vulnerability. This vulnerability allows for memory corruption due to unauthorized command execution in GPU micronode while executing specific sequence of commands...

TechPowerUp GPU-Z 安全漏洞

TechPowerUp GPU-Z is a lightweight application for managing and controlling video cards and graphics processors from TechPowerUp, Inc. A security vulnerability exists in TechPowerUp GPU-Z version 2.23.0 that stems from a memory leak in the sub140001880 function in the GPU-Z.sys library...

Intel Data Center GPU Flex Series Access Control Error Vulnerability

Intel Data Center GPU Flex Series is Intel's high-performance GPU solution for data centers, mainly serving cloud gaming, AI visual inference, media processing and other scenarios. The Intel Data Center GPU Flex Series suffers from an Access Control Error vulnerability that stems from improper...

Intel Data Center GPU Flex Series Buffer Overflow Vulnerability

Intel Data Center GPU Flex Series is Intel's high-performance GPU solution for data centers, mainly serving cloud gaming, AI visual inference, media processing and other scenarios. The Intel Data Center GPU Flex Series suffers from a buffer overflow vulnerability that originates from a boundary...

CVE-2024-32922

In gpupmpowerontopnolock of pixelgpupower.c, there is a possible compromise of protected memory due to a logic error in the code. This could lead to local escalation of privilege to TEE with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2023-21670

Memory Corruption in GPU Subsystem due to arbitrary command execution from GPU in privileged mode...

CVE-2020-11201

Arbitrary access to DSP memory due to improper check in loaded library for data received from CPU side' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in QCM6125, QCS410, QCS603, QCS605, QCS610, QCS6125, SA6145P, SA6155, SA6155P,...

Intel Data Center GPU Flex Series 访问控制错误漏洞

Intel Data Center GPU Flex Series is Intel's high-performance GPU solution for data centers, mainly serving cloud gaming, AI visual inference, media processing and other scenarios. The Intel Data Center GPU Flex Series suffers from an Access Control Error vulnerability that stems from improper...

PT-2025-25786

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been resolved. The issue occurred when a process exited and attempted to unmap CSA and free GPU VM. If a signal was accepted and the wait to take...

CVE-2025-37783 drm/msm/dpu: Fix error pointers in dpu_plane_virtual_atomic_check

In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: Fix error pointers in dpuplanevirtualatomiccheck The function dpuplanevirtualatomiccheck was dereferencing pointers returned by drmatomicgetplanestate without checking for errors. This could lead to undefined behavio...

CVE-2025-23162

In the Linux kernel, the following vulnerability has been resolved: drm/xe/vf: Don't try to trigger a full GT reset if VF VFs don't have access to the GDRST0x941c register that driver uses to reset a GT. Attempt to trigger a reset using debugfs: $ cat...