1363 matches found
CVE-2023-31322
Type confusion in the ASP could allow an attacker to pass a malformed argument to the Reliability, Availability, and Serviceability trusted application RAS TA potentially leading to a read or write to shared memory resulting in loss of confidentiality, integrity, or availability...
PT-2025-36378
Name of the Vulnerable Software and Affected Versions: ASP affected versions not specified Description: Type confusion in the ASP could allow an attacker to pass a malformed argument to the Reliability, Availability, and Serviceability trusted application RAS TA, potentially leading to a read or...
AMD Graphics Driver 安全漏洞
AMD Graphics Driver is an integrated graphics driver from Ultraviolet Semiconductor AMD. A security vulnerability exists in AMD Graphics Driver that stems from type confusion and could result in shared memory reads and writes and loss of confidentiality, integrity, or availability...
Linux Distros Unpatched Vulnerability : CVE-2025-39710
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - media: venus: Add a check for packet size after reading from shared memory Add a check to ensure that the packet size does not exceed the number of available...
SUSE CVE-2025-39710
In the Linux kernel, the following vulnerability has been resolved: media: venus: Add a check for packet size after reading from shared memory Add a check to ensure that the packet size does not exceed the number of available words after reading the packet header from shared memory. This ensures...
CVE-2025-39710
In the Linux kernel, the following vulnerability has been resolved: media: venus: Add a check for packet size after reading from shared memory Add a check to ensure that the packet size does not exceed the number of available words after reading the packet header from shared memory. This ensures...
DEBIAN-CVE-2025-39710
In the Linux kernel, the following vulnerability has been resolved: media: venus: Add a check for packet size after reading from shared memory Add a check to ensure that the packet size does not exceed the number of available words after reading the packet header from shared memory. This ensures...
AZL-66944 CVE-2025-39710 affecting package kernel for versions less than 6.6.104.2-1
In the Linux kernel, the following vulnerability has been resolved: media: venus: Add a check for packet size after reading from shared memory Add a check to ensure that the packet size does not exceed the number of available words after reading the packet header from shared memory. This ensures...
UBUNTU-CVE-2025-39710
In the Linux kernel, the following vulnerability has been resolved: media: venus: Add a check for packet size after reading from shared memory Add a check to ensure that the packet size does not exceed the number of available words after reading the packet header from shared memory. This ensures...
CVE-2025-39710 media: venus: Add a check for packet size after reading from shared memory
In the Linux kernel, the following vulnerability has been resolved: media: venus: Add a check for packet size after reading from shared memory Add a check to ensure that the packet size does not exceed the number of available words after reading the packet header from shared memory. This ensures...
CVE-2025-39710
CVE-2025-39710: In the Linux kernel, the Venus media driver adds a packet-size validation after reading the header from shared memory to ensure the reported size cannot exceed the number of available words. This fixes potential out-of-bounds memory accesses by firmware-provided sizes. The fix tar...
CVE-2025-39710 media: venus: Add a check for packet size after reading from shared memory
In the Linux kernel, the following vulnerability has been resolved: media: venus: Add a check for packet size after reading from shared memory Add a check to ensure that the packet size does not exceed the number of available words after reading the packet header from shared memory. This ensures...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from unverified packet sizes in shared memory, which could lead to out-of-bounds memory accesses...
mm: revert "mm: shmem: fix data-race in shmem_getattr()"
...
kernel: mm/hugetlb: avoid corrupting page->mapping in hugetlb_mcopy_atomic_pte
In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: avoid corrupting page-mapping in hugetlbmcopyatomicpte In MCOPYATOMICCONTINUE case with a non-shared VMA, pages in the page cache are installed in the ptes. But hugepageaddnewanonrmap is called for them mistakenly...
kernel: mm/hugetlb: avoid corrupting page->mapping in hugetlb_mcopy_atomic_pte
In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: avoid corrupting page-mapping in hugetlbmcopyatomicpte In MCOPYATOMICCONTINUE case with a non-shared VMA, pages in the page cache are installed in the ptes. But hugepageaddnewanonrmap is called for them mistakenly...
CVE-2025-38669
In the Linux kernel, the following vulnerability has been resolved: Revert "drm/gem-shmem: Use dmabuf from GEM object instance" This reverts commit 1a148af06000e545e714fe3210af3d77ff903c11. The dmabuf field in struct drmgemobject is not stable over the object instance's lifetime. The field become...
CVE-2025-38669 Revert "drm/gem-shmem: Use dma_buf from GEM object instance"
In the Linux kernel, the following vulnerability has been resolved: Revert "drm/gem-shmem: Use dmabuf from GEM object instance" This reverts commit 1a148af06000e545e714fe3210af3d77ff903c11. The dmabuf field in struct drmgemobject is not stable over the object instance's lifetime. The field become...
CVE-2025-38669
CVE-2025-38669 concerns a Linux kernel issue where the dma_buf field in struct drm_gem_object is not stable across a GEM object’s lifetime, becoming NULL after the final GEM handle is released, leading to a NULL-pointer dereference. The vulnerability arose after a change to use dma_buf from the G...
(Pwn2Own) NVIDIA Triton Inference Server LoadFromSharedMemory Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of NVIDIA Triton Inference Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the LoadFromSharedMemory function. The issue results from the lac...