hw: Intel SGX information leak

A flaw was found in the implementation of SGX around the access control of protected memory. This flaw allows a local attacker of a system with SGX enabled and an affected intel GPU with the ability to execute code to interpret the contents of the SGX protected memory...

hw: Intel GPU Denial Of Service while accessing MMIO in lower power state

A flaw was found in Intel graphics hardware GPU where a local attacker with the ability to issue an ioctl could trigger a hardware level crash if MMIO registers were read while the graphics card was in a low-power state. This creates a denial of service situation and the GPU and connected display...

NVIDIA Windows GPU Display Driver Null Pointer Dereference Vulnerability

NVIDIA Windows GPU Display Driver is a graphics processor GPU graphics card driver from NVIDIA dedicated to the Windows platform. A null pointer dereference vulnerability exists in the kernel mode layer nvlddmkm.sys handler for DxgkDdiEscape in the NVIDIA Windows GPU Display Driver. An attacker...

NVIDIA Windows GPU Display Driver Denial of Service Vulnerability (CNVD-2019-40475)

NVIDIA Windows GPU Display Driver is a graphics processor GPU graphics card driver from NVIDIA dedicated to the Windows platform. A denial of service vulnerability exists in the kernel mode layer nvlddmkm.sys of the NVIDIA Windows GPU Display Driver. The vulnerability stems from a program that...

HTTP/2: request for large response leads to denial of service

A vulnerability was found in HTTP/2. An attacker can open a HTTP/2 window so the peer can send without constraint. The TCP window remains closed so the peer cannot write the bytes on the wire. The attacker then sends a stream of requests for a large response object. Depending on how the server's...

CVE-2019-4183

IBM Cognos Analytics 11.0, and 11.1 is vulnerable to a denial of service attack that could allow a remote user to send specially crafted requests that would consume all available CPU and memory resources. IBM X-Force ID: 158973...

Cisco Extends Patch for IPv6 DoS Vulnerability

Cisco has extended its patch for a high-severity IPv6 denial-of-service DoS vulnerability that was first addressed in 2016. The bug CVE-2016-1409 is a vulnerability in the IPv6 packet processing functions of multiple Cisco products, which could allow an unauthenticated, remote attacker to cause a...

qt5-qtimageformats: QTgaFile CPU exhaustion

An issue was discovered in Qt before 5.11.3. There is QTgaFile Uncontrolled Resource Consumption...

CVE-2018-17479

Incorrect object lifetime calculations in GPU code in Google Chrome prior to 70.0.3538.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

hardware: Microarchitectural Fill Buffer Data Sampling (MFBDS)

A flaw was found in the implementation of the "fill buffer", a mechanism used by modern CPUs when a cache-miss is made on L1 CPU cache. If an attacker can generate a load operation that would create a page fault, the execution will continue speculatively with incorrect data from the fill buffer...

USN-3904-1 nvidia-graphics-drivers-390 vulnerability

It was discovered that the NVIDIA graphics drivers incorrectly handled the GPU performance counters. A local attacker could possibly use this issue to access the application data processed on the GPU...

BSA-2018-740

Security Advisory ID : BSA-2018-740 Component : CPU featuring SMT Revision : 1.0: Initial A group a researchers has discover a new vulnerability being called PortSmash, impacting all CPUs that use a Simultaneous Multithreading SMT architecture. SMT is a technology that allows multiple computing...

chromium-browser: Memory corruption in GPU Internals

A heap buffer overflow in GPU in Google Chrome prior to 70.0.3538.67 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page...

Huawei Mate 9 Pro GPU Driver Arbitrary Memory Release Vulnerability

The Huawei Mate 9 Pro is a smartphone product of the Chinese company Huawei Huawei. An arbitrary memory release security vulnerability exists in the GPU driver of the Huawei Mate 9 Pro phone due to insufficient validation of parameter legitimacy by the memory management module. An attacker can...

Unspecified vulnerability in Linux kernel (CNVD-2018-16689)

Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A security vulnerability exists in Linux kernel versions 4.17.2 and earlier, which stems from the page allocator not providing CPU resources to the oomlock mutex lock...

Intel Core Microprocessors Information Disclosure Vulnerability

Intel Core-based microprocessors are the Core family of central processing unit products CPUs from the U.S. company Intel. An information disclosure vulnerability exists in Intel Core-based microprocessors. An attacker could exploit this vulnerability to obtain values about other processes stored...

Multiple CPU Hardwares Information Disclosure Vulnerabilities

CPU hardware is the firmware that runs in the central processor to manage and control the CPU. An information disclosure vulnerability exists in multiple CPU Hardwares. The vulnerability arises due to a contention condition in CPU cache processing. A local attacker can exploit the vulnerability t...

UBUNTU-CVE-2017-15119

The Network Block Device NBD server in Quick Emulator QEMU before 2.11 is vulnerable to a denial of service issue. It could occur if a client sent large option requests, making the server waste CPU time on reading up to 4GB per request. A client could use this flaw to keep the NBD server from...

Huawei P7 and P8 Youth Edition GPU Driver Denial of Service Vulnerability

Huawei P7 and P8 Youth Edition are smartphone devices from Huawei, a Chinese company.GPU driver is one of the graphics drivers. A denial of service vulnerability exists in the GPU driver in the Huawei P7 and P8 Youth Edition. An attacker can exploit this vulnerability by tricking a user into...

UBUNTU-CVE-2017-0352

All versions of the NVIDIA GPU Display Driver contain a vulnerability in the GPU firmware where incorrect access control may allow CPU access sensitive GPU control registers, leading to an escalation of privileges...