UBUNTU-CVE-2022-34676

NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an out-of-bounds read may lead to denial of service, information disclosure, or data tampering...

NVIDIA GPU Display Driver 代码问题漏洞

NVIDIA GPU Display Driver is a driver software from NVIDIA Corporation that is used for interactive support of graphics card display modules in operating systems. A security vulnerability exists in NVIDIA GPU Display Driver that originates in the kernel mode layer where an unprivileged, regular...

An issue was discovered in the Linux kernel through 5.16-rc6. malidp_crtc_reset in drivers/gpu/drm/arm/malidp_crtc.c lacks check of the return value of kzalloc() and will cause the null pointer dereference.

...

PT-2022-12204 · Siemens · Simatic Drive Controller Cpu 1504D Tf +73

Name of the Vulnerable Software and Affected Versions: No specific software or versions mentioned Description: The issue concerns the processing of specially crafted packets sent to port 102/tcp. This could potentially allow an attacker to cause a denial of service in the affected devices...

ARM Mali GPU Kernel Driver 资源管理错误漏洞

The ARM Mali GPU Kernel Driver is a driver for a graphics processor unit from ARM UK. The Arm Mali GPU Kernel Driver suffers from a resource management error vulnerability that originates from the fact that an unprivileged user can access freed memory leading to post-freedom reuse through imprope...

New Opera 93 Stable update includes fix for latest Chromium zero-day

Security New Opera 93 Stable update includes fix for latest Chromium zero-day Share December 2nd, 2022 Hi everyone! Opera for Windows and Mac have received Stable updates 93.0.4585.37 and 93.0.4585.39 respectively. Among other things, these updates include Chromium update 107.0.5304.122, which...

Google Chrome 缓冲区错误漏洞

Google Chrome is a web browser from Google, Inc. in the United States. Google Chrome suffers from a security vulnerability that stems from a heap buffer overflow in the GPU...

aggmap (>=1.1.1 <=1.2.1), molmap (>=1.3.1 <=1.4.0) potentially affected by CVE-2022-41911 via tensorflow-gpu (=2.9.1)

tensorflow-gpu PYPI version =2.9.1 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-gpu and may be impacted: - aggmap =1.1.1, =1.3.1, =1.4.0 Source cves: CVE-2022-41911 Source advisory: OSV:GHSA-PF36-R9C6-H97J...

clip-jax (=0.0.5), sdeper (>=1.1.0 <=1.6.1) potentially affected by CVE-2022-41898 via tensorflow-cpu (>=2.9.0 <=2.9.1)

tensorflow-cpu PYPI version =2.9.0, =1.1.0, =1.6.1 Source cves: CVE-2022-41898 Source advisory: OSV:GHSA-HQ7G-WWWP-Q46H...

PT-2022-26119 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.11 TensorFlow versions 2.10.1, 2.9.3, and 2.8.4 Description: TensorFlow is an open source platform for machine learning. When running on GPU, the function tf.image.generate bounding box proposals receives a scor...

PT-2022-35339 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.75 Description: The issue is related to the drm/msm/dpu component, specifically with the index dpu kms-hw vbif using vbif idx. The actual impact and attack plausibility have not yet been proven...

CVE-2022-32603

In gpu drm, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07310704; Issue ID: ALPS07310704...

MediaTek 芯片安全漏洞

MediaTek chips are a variety of chips from MediaTek, a Chinese company MediaTek. A security vulnerability exists in MediaTek vcu, which stems from a memory reuse after release issue...

ARM Midgard GPU Kernel Driver 安全漏洞

ARM Midgard GPU Kernel Driver is a Mali GPU device driver from ARM UK. A security vulnerability exists in the ARM Midgard GPU Kernel Driver versions r4p0 through r31p0, the Bifrost GPU Kernel Driver versions r0p0 through r38p1, r39p0, and the Valhall GPU Kernel Driver versions r19p0 through r38p1...

hw: cpu: AMD: Branch Type Confusion (non-retbleed)

A flaw was found in hw. Aliases in the branch predictor may cause some AMD processors to predict the wrong branch type, potentially leading to information disclosure...

hw: cpu: incomplete clean-up of microarchitectural fill buffers (aka SBDS)

A flaw was found in hw. Incomplete cleanup of microarchitectural fill buffers on some Intel® Processors may allow an authenticated user to enable information disclosure via local access...

clip-jax (=0.0.5) potentially affected by CVE-2022-35983 via tensorflow-cpu (=2.9.0)

tensorflow-cpu PYPI version =2.9.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - clip-jax =0.0.5 Source cves: CVE-2022-35983 Source advisory: OSV:GHSA-M6VP-8Q9J-WHX4...

Google TensorFlow 安全漏洞

Google TensorFlow is an end-to-end open source platform for machine learning from Google, Inc. A security vulnerability exists in Google TensorFlow, which stems from the GPU kernel failing to assert when tf.linalg.matrixrank receives a null input a, which can be used to trigger a denial-of-servic...

PT-2022-23087 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.10.0 TensorFlow versions 2.9.1 and earlier TensorFlow versions 2.8.1 and earlier TensorFlow versions 2.7.2 and earlier Description: The issue occurs when the MaxPool function receives a window size input array...

GHSA-V62J-CXHH-FQ22 graphql-java vulnerable to Denial of Service via GraphQL query that consumes CPU resources

graphql-java before 19.0, 18.3, and 17.4 is vulnerable to Denial of Service. An attacker send a malicious GraphQL query that consumes CPU resources. The fixed versions are 19.0, 18.3, and 17.4...