CVE-2024-12577 GPU DDK - rgxfw_pcset_ungrab OOB write via psFWMemContext->uiPageCatBaseRegSet

Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to write data outside the Guest's virtualised GPU memory...

CVE-2024-46975

CVE-2024-46975 affects the Imagination Technologies PowerVR-GPU driver. The issue arises from kernel code running inside a guest VM that may access memory shared with the GPU firmware, allowing writes to another guest’s virtualized GPU memory. This is described in multiple sources (including Red ...

Imagination GPU Driver 安全漏洞

Imagination GPU Driver is a graphics driver from Imagination. A security vulnerability exists in the Imagination GPU Driver that originates from kernel software installed and running in the Guest VM that may exploit memory shared with the GPU firmware to write data outside of the Guest's...

Imagination GPU Driver 安全漏洞

Imagination GPU Driver is a graphics driver from Imagination. A security vulnerability exists in the Imagination GPU Driver, which originates from kernel software installed and running in a Guest VM that may be able to leverage memory shared with the GPU firmware to write data to another Guest's...

SUSE CVE-2023-49582

Lax permissions set by the Apache Portable Runtime library on Unix platforms would allow local users read access to named shared memory segments, potentially revealing sensitive application data. This issue does not affect non-Unix platforms, or builds with APRUSESHMEMSHMGET=1 apr.h Users are...

Astra Linux – Vulnerability in Firefox, Thunderbird

Insufficient checks during the processing of graphics shared memory could lead to memory corruption. This vulnerability could be exploited by an attacker to perform a sandbox escape. This issue affects Firefox 129, Firefox ESR 115.14, Firefox ESR 128.1, Thunderbird 128.1, and Thunderbird 115.14...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: uiohvgeneric: Do not free decrypted memory. In CoCo VMs, it is possible for the untrusted host to cause setmemoryencrypted or setmemorydecrypted to fail, resulting in an error and the shared memory being retained. Callers must ta...

Astra Linux – Vulnerability in APR

The lax permissions set by the Apache Portable Runtime library on Unix platforms would allow local users to read access to named shared memory segments, potentially exposing sensitive application data. This issue does not affect non-Unix platforms, or builds with APRUSESHMEMSHMGET=1 apr.h. Users...

CVE-2020-11298

While waiting for a response to a callback or listener request, non-secure clients can change permissions to shared memory buffers used by HLOS Invoke Call to secure kernel in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT,...

CVE-2024-21481

Memory corruption when preparing a shared memory notification for a memparcel in Resource Manager...

Imagination GPU Driver 安全漏洞

The Imagination GPU Driver is a graphics driver from Imagination. A security vulnerability exists in the Imagination GPU Driver that originates from kernel software installed and running in a guest virtual machine that may utilize memory shared with the GPU firmware to write data outside of the...

Imagination GPU Driver 安全漏洞

The Imagination GPU Driver is a graphics driver from Imagination. A security vulnerability exists in the Imagination GPU Driver that originates from kernel software installed and running in a guest virtual machine that may utilize memory shared with the GPU firmware to write data outside of the...

PT-2025-2942 · Kernel · Kernel

Name of the Vulnerable Software and Affected Versions: Kernel software affected versions not specified Description: The issue allows kernel software installed and running inside a Guest VM to exploit memory shared with the GPU Firmware, enabling it to write data outside the Guest's virtualised GP...

PT-2025-2940 · Kernel · Kernel

Name of the Vulnerable Software and Affected Versions: Kernel software affected versions not specified Description: The issue allows kernel software installed and running inside a Guest VM to exploit memory shared with the GPU Firmware, enabling it to write data outside the Guest's virtualised GP...

PT-2025-36304

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue where an insufficient check for packet size after reading from shared memory could lead to out-of-bounds memory access. A check has been added to ensur...

AZL-55561 CVE-2024-56640 affecting package kernel for versions less than 5.15.176.3-1

In the Linux kernel, the following vulnerability has been resolved: net/smc: fix LGR and link use-after-free issue We encountered a LGR/link use-after-free issue, which manifested as the LGR/link refcnt reaching 0 early and entering the clear process, making resource access unsafe. refcountt:...

CVE-2024-56613 sched/numa: fix memory leak due to the overwritten vma->numab_state

In the Linux kernel, the following vulnerability has been resolved: sched/numa: fix memory leak due to the overwritten vma-numabstate Problem Description When running the hackbench program of LTP, the following memory leak is reported by kmemleak. /opt/ltp/testcases/bin/hackbench 20 thread 1000...

Medium: apr

Issue Overview: Lax permissions set by the Apache Portable Runtime library on Unix platforms would allow local users read access to named shared memory segments, potentially revealing sensitive application data. This issue does not affect non-Unix platforms, or builds with APRUSESHMEMSHMGET=1 apr...

Medium: apr

Issue Overview: Lax permissions set by the Apache Portable Runtime library on Unix platforms would allow local users read access to named shared memory segments, potentially revealing sensitive application data. This issue does not affect non-Unix platforms, or builds with APRUSESHMEMSHMGET=1 apr...

kernel: net/smc: fix illegal rmb_desc access in SMC-D connection dump

A flaw was found in the Linux kernel in which functions providing information about SMC-D connections caused a NULL pointer dereference. This flaw allows an attacker with permission to read this information to cause a denial of service...