22 matches found
EUVD-2026-35083
Software installed and run as a non-privileged user may conduct improper GPU system calls to cause mismanagement of a mapping state maintained for a sparse memory allocation. The product accidentally refers to the wrong memory due to the semantics of how math operations are implicitly scaled acro...
CVE-2026-34194
CVE-2026-34194 describes a vulnerability where software running as a non-privileged user can perform improper GPU system calls, causing mismanagement of a mapping state for a sparse memory allocation. The root cause is described as the product accidentally referencing the wrong memory due to how ...
CVE-2026-34194
Software installed and run as a non-privileged user may conduct improper GPU system calls to cause mismanagement of a mapping state maintained for a sparse memory allocation. The product accidentally refers to the wrong memory due to the semantics of how math operations are implicitly scaled acro...
CVE-2026-34194 GPU DDK - UAF read and/or write to arbitrary physical pages in DevmemIntChangeSparse due to incorrect calculation of the virtual index count
Software installed and run as a non-privileged user may conduct improper GPU system calls to cause mismanagement of a mapping state maintained for a sparse memory allocation. The product accidentally refers to the wrong memory due to the semantics of how math operations are implicitly scaled acro...
PT-2026-47315
Software installed and run as a non-privileged user may conduct improper GPU system calls to cause mismanagement of a mapping state maintained for a sparse memory allocation. The product accidentally refers to the wrong memory due to the semantics of how math operations are implicitly scaled acro...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: RISCV: Fix for the “Sparse-Memory/vmemmap out-of-bounds” issue. The offset of vmemmap was adjusted so that the first page of vmemmap is mapped to the first page of physical memory. This ensures that the bounds of vmemmap are...
Medium: oci-add-hooks
Issue Overview: Arithmetic over induction variables in loops were not correctly checked for underflow or overflow in the Go compiler cmd/compile. As a result, the compiler would allow for invalid indexing to occur at runtime, potentially leading to memory corruption in programs compiled with...
Important: containerd
Issue Overview: Arithmetic over induction variables in loops were not correctly checked for underflow or overflow in the Go compiler cmd/compile. As a result, the compiler would allow for invalid indexing to occur at runtime, potentially leading to memory corruption in programs compiled with...
DEBIAN-CVE-2022-50091
In the Linux kernel, the following vulnerability has been resolved: locking/csdlock: Change csdlockdebug from earlyparam to setup The csdlockdebug kernel-boot parameter is parsed by the earlyparam function csdlockdebug. If set, csdlockdebug invokes staticbranchenable to enable csdlockwait feature...
UBUNTU-CVE-2022-50091
In the Linux kernel, the following vulnerability has been resolved: locking/csdlock: Change csdlockdebug from earlyparam to setup The csdlockdebug kernel-boot parameter is parsed by the earlyparam function csdlockdebug. If set, csdlockdebug invokes staticbranchenable to enable csdlockwait feature...
SUSE CVE-2024-57881
In the Linux kernel, the following vulnerability has been resolved: mm/pagealloc: don't call pfntopage on possibly non-existent PFN in splitlargebuddy In splitlargebuddy, we might call pfntopage on a PFN that might not exist. In corner cases, such as when freeing the highest pageblock in the last...
CVE-2024-57881 mm/page_alloc: don't call pfn_to_page() on possibly non-existent PFN in split_large_buddy()
In the Linux kernel, the following vulnerability has been resolved: mm/pagealloc: don't call pfntopage on possibly non-existent PFN in splitlargebuddy In splitlargebuddy, we might call pfntopage on a PFN that might not exist. In corner cases, such as when freeing the highest pageblock in the last...
CVE-2024-56673 riscv: mm: Do not call pmd dtor on vmemmap page table teardown
In the Linux kernel, the following vulnerability has been resolved: riscv: mm: Do not call pmd dtor on vmemmap page table teardown The vmemmap's, which is used for RV64 with SPARSEMEMVMEMMAP, page tables are populated using pmd page middle directory hugetables. However, the pmd allocation is not...
kernel: mm/sparsemem: fix race in accessing memory_section->usage
A race condition was found on a PFN in the Linux Kernel, which can fall into the device memory region with the system memory configuration. Normal zone start and end PFNs contain the device memory PFNs as well, and the compaction triggered will try on the device memory PFNs and end up in NOP. Thi...
AZL-47994 CVE-2024-41055 affecting package kernel for versions less than 5.15.164.1-1
In the Linux kernel, the following vulnerability has been resolved: mm: prevent derefencing NULL ptr in pfnsectionvalid Commit 5ec8e8ea8b77 "mm/sparsemem: fix race in accessing memorysection-usage" changed pfnsectionvalid to add a READONCE call around "ms-usage" to fix a race with sectiondeactiva...
SUSE CVE-2024-26795
In the Linux kernel, the following vulnerability has been resolved: riscv: Sparse-Memory/vmemmap out-of-bounds fix Offset vmemmap so that the first page of vmemmap will be mapped to the first page of physical memory in order to ensure that vmemmap's bounds will be respected during...
CVE-2024-26795 riscv: Sparse-Memory/vmemmap out-of-bounds fix
In the Linux kernel, the following vulnerability has been resolved: riscv: Sparse-Memory/vmemmap out-of-bounds fix Offset vmemmap so that the first page of vmemmap will be mapped to the first page of physical memory in order to ensure that vmemmap’s bounds will be respected during...
PT-2024-7692
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue is related to an out-of-bounds fix in the riscv component of the Linux kernel, specifically in the Sparse-Memory/vmemmap. The vulnerability can cause a denial of service. The...
The vulnerability in the PMRChangeSparseMemOSMem driver of the PowerVR GPU graphics processing unit in Android and ChromeOS operating systems allows attackers to escalate their privileges.
The vulnerability of the PMRChangeSparseMemOSMem driver in the PowerVR GPU graphics processing subsystem for Android and ChromeOS systems stems from the execution of operations outside of the buffer boundaries in memory. Exploiting this vulnerability can allow attackers to gain increased privileg...
Race condition
In the KGSL driver in all Android releases from CAF Android for MSM, Firefox OS for MSM, QRD Android using the Linux Kernel, a Use After Free condition can occur when printing information about sparse memory allocations...