aiproteomics (=0.2.1), alpharing (>=1.0.0 <=2.0.0) +26 more potentially affected by CVE-2021-29518 via tensorflow-cpu (>=1.15.0 <=2.1.0)

tensorflow-cpu PYPI version =1.15.0, =1.0.0, =0.0.1, =1.0.0.4, =0.1.0, =0.2.3, =0.0.5, =0.1.2, =1.0.0, =1.8.2, =1.6.1, =1.8.3 - netfl =1.5.0 and more Source cves: CVE-2021-29518 Source advisory: OSV:PYSEC-2021-446...

brainhance (=0.0.1), crystal4d (>=0.0.4 <=0.1.2) +4 more potentially affected by CVE-2021-29617 via tensorflow-gpu (>=2.4.0 <=2.4.2)

tensorflow-gpu PYPI version =2.4.0, =0.0.4, =1.1.1, =0.1.0.dev98, =1.0.0, =1.0.1 - tf-yarn-gpu =0.6.3 Source cves: CVE-2021-29617 Source advisory: OSV:PYSEC-2021-743...

deep-floorplan (=0.0.0), mpunet (=0.2.9) +1 more potentially affected by CVE-2021-29535 via tensorflow-gpu (>=2.3.0 <=2.3.2)

tensorflow-gpu PYPI version =2.3.0, =1.1.0, =1.6.1 Source cves: CVE-2021-29535 Source advisory: OSV:PYSEC-2021-661...

c4v-py (>=0.1.0.dev1 <=0.1.0.dev202107081840) potentially affected by CVE-2021-29520 via tensorflow-cpu (=2.3.1)

tensorflow-cpu PYPI version =2.3.1 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - c4v-py =0.1.0.dev1, =0.1.0.dev202107081840 Source cves: CVE-2021-29520 Source advisory: OSV:PYSEC-2021-448...

d3m-simon (=1.2.5), deep-floorplan (=0.0.0) +2 more potentially affected by CVE-2021-29545 via tensorflow-gpu (>=2.2.0 <=2.3.0)

tensorflow-gpu PYPI version =2.2.0, =1.3.0, =2.2.0, =2.2.0rc2 Source cves: CVE-2021-29545 Source advisory: OSV:PYSEC-2021-671...

brainhance (=0.0.1), crystal4d (>=0.0.4 <=0.1.2) +4 more potentially affected by CVE-2021-29585 via tensorflow-gpu (>=2.4.0 <=2.4.2)

tensorflow-gpu PYPI version =2.4.0, =0.0.4, =1.1.1, =0.1.0.dev98, =1.0.0, =1.0.1 - tf-yarn-gpu =0.6.3 Source cves: CVE-2021-29585 Source advisory: OSV:PYSEC-2021-711...

CVE-2021-28663

The Arm Mali GPU kernel driver allows privilege escalation or information disclosure because GPU memory operations are mishandled, leading to a use-after-free. This affects Bifrost r0p0 through r28p0 before r29p0, Valhall r19p0 through r28p0 before r29p0, and Midgard r4p0 through r30p0...

VulnCheck KEV: CVE-2021-28664

Arm Mali Graphics Processing Unit GPU kernel driver contains an unspecified vulnerability that may allow a non-privileged user to gain write access to read-only memory, gain root privilege, corrupt memory, and modify the memory of other processes...

PT-2021-7535 · Samsung +1 · Samsung Mobile Devices +1

Name of the Vulnerable Software and Affected Versions: Samsung Mobile Devices affected versions not specified Description: The issue is related to the use of memory after it has been freed when handling file descriptors in the Display and Enhancement Controller DECON driver of the Display...

DEBIAN-CVE-2021-28089

Tor before 0.4.5.7 allows a remote participant in the Tor directory protocol to exhaust CPU resources on a target, aka TROVE-2021-001...

PT-2021-4879 · Arm · Arm Mali Gpu Kernel Driver

Name of the Vulnerable Software and Affected Versions: Arm Mali GPU kernel driver versions Bifrost r0p0 through r28p0 before r29p0 Arm Mali GPU kernel driver versions Valhall r19p0 through r28p0 before r29p0 Arm Mali GPU kernel driver versions Midgard r4p0 through r30p0 Description: The issue is...

GPU driver 资源管理错误漏洞

The Qualcomm Adreno GPU is a mobile platform-integrated GPU from Qualcomm Incorporated USA. A resource management error vulnerability exists in the GPU driver, which stems from improper reference memory checking...

Google Chrome 缓冲区错误漏洞

Chrome is a simple and efficiently designed web browsing tool developed by Google that is characterized by its simplicity and speed. A stack overflow vulnerability exists in the GPU process in versions prior to Google Chrome 88.0.4324.182. No detailed vulnerability details are provided at this ti...

CVE-2021-22495

An issue was discovered on Samsung mobile devices with O8.x, P9.0, Q10.0, and R11.0 Exynos chipsets software. The Mali GPU driver allows out-of-bounds access and a device reset. The Samsung ID is SVE-2020-19174 January 2021...

PT-2025-7969

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak issue has been identified in the Linux kernel, specifically related to the gpu metrics table in the drm/amd/pm module. The memory is allocated in the renoir init smc tables...

An iOS hacker tries Android

Written by Brandon Azad, when working at Project Zero One of the amazing aspects of working at Project Zero is having the flexibility to direct my own research agenda. My prior work has almost exclusively focused on iOS exploitation, but back in August, I thought it could be interesting to try...

PYSEC-2020-301

In affected versions of TensorFlow running an LSTM/GRU model where the LSTM/GRU layer receives an input with zero-length results in a CHECK failure when using the CUDA backend. This can result in a query-of-death vulnerability, via denial of service, if users can control the input to the layer...

pycnet-audio (>=0.5.1 <=0.5.8) potentially affected by CVE-2020-26268 via tensorflow-cpu (=2.2.0)

tensorflow-cpu PYPI version =2.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - pycnet-audio =0.5.1, =0.5.8 Source cves: CVE-2020-26268 Source advisory: OSV:GHSA-HHVC-G5HV-48C6...

PT-2020-16393 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 1.15.5 TensorFlow versions prior to 2.0.4 TensorFlow versions prior to 2.1.3 TensorFlow versions prior to 2.2.2 TensorFlow versions prior to 2.3.2 TensorFlow versions prior to 2.4.0 Description: In affected versio...

hw: Fast forward store predictor

A flaw was found in the CPU microarchitecture where a local attacker is able to abuse a timing issue which may allow them to infer internal architectural state from previous executions on the CPU...