EUVD-2022-30012

Malicious code in bioql PyPI...

EUVD-2023-45838

Malicious code in bioql PyPI...

PT-2025-44099

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the register shm helper function related to incorrect error handling during a call to iov iter extract pages. Specifically, a missing case exists wher...

CVE-2025-0034

Insufficient parameter sanitization in TEE SOC Driver could allow an attacker to issue a malformed DRVSOCCMDIDSRIOVSPATIALPART and cause read or write past the end of allocated arrays, potentially resulting in a loss of platform integrity or denial of service...

CVE-2023-31326

Use of an uninitialized variable in the ASP could allow an attacker to access leftover data from a trusted execution environment TEE driver, potentially leading to loss of confidentiality...

CVE-2025-0034

Insufficient parameter sanitization in TEE SOC Driver could allow an attacker to issue a malformed DRVSOCCMDIDSRIOVSPATIALPART and cause read or write past the end of allocated arrays, potentially resulting in a loss of platform integrity or denial of service...

CVE-2025-0034

Insufficient parameter sanitization in TEE SOC Driver could allow an attacker to issue a malformed DRVSOCCMDIDSRIOVSPATIALPART and cause read or write past the end of allocated arrays, potentially resulting in a loss of platform integrity or denial of service...

CVE-2025-0034

CVE-2025-0034 concerns the TEE SOC Driver. The root cause is insufficient parameter sanitization, enabling an attacker to issue a malformed DRV_SOC_CMD_ID_SRIOV_SPATIAL_PART that can read or write past the end of allocated arrays, potentially compromising platform integrity or causing a denial of...

CVE-2023-31326

Use of an uninitialized variable in the ASP could allow an attacker to access leftover data from a trusted execution environment TEE driver, potentially leading to loss of confidentiality...

CVE-2023-31326

CVE-2023-31326 concerns AMD components where the root cause is uninitialized variable usage in the ASP, which could allow an attacker to access leftover data from a trusted execution environment (TEE) driver and potentially cause confidentiality loss. The issue spans AMD Client and Embedded Proce...

CVE-2021-46750

Failure to validate the address and size in TEE Trusted Execution Environment may allow a malicious x86 attacker to send malformed messages to the graphics mailbox resulting in an overlap of a TMR Trusted Memory Region that was previously allocated by the ASP bootloader leading to a potential los...

CVE-2021-46750

Failure to validate the address and size in TEE Trusted Execution Environment may allow a malicious x86 attacker to send malformed messages to the graphics mailbox resulting in an overlap of a TMR Trusted Memory Region that was previously allocated by the ASP bootloader leading to a potential los...

CVE-2021-46750

CVE-2021-46750 describes a failure to validate address and size in a Trusted Execution Environment (TEE) that could allow a local x86 attacker to send malformed messages to the graphics mailbox, causing overlap of a previously allocated Trusted Memory Region (TMR) by the ASP bootloader and potent...

PT-2025-36396

Name of the Vulnerable Software and Affected Versions: TEE SOC Driver affected versions not specified Description: Insufficient parameter sanitization in the TEE SOC Driver could allow an attacker to issue a malformed DRV SOC CMD ID SRIOV SPATIAL PART command, potentially leading to read or write...

PT-2025-36380

Name of the Vulnerable Software and Affected Versions: ASP affected versions not specified Description: The use of an uninitialized variable in the ASP could allow an attacker to access leftover data from a trusted execution environment TEE driver, potentially leading to loss of confidentiality...

PT-2025-36375

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. affected versions not specified Description: A failure to validate the address and size within the Trusted Execution Environment TEE could allow a malicious x86 attacker to send malformed messages to the...

CVE-2021-26383

Insufficient bounds checking in AMD TEE Trusted Execution Environment could allow an attacker with a compromised userspace to invoke a command with malformed arguments leading to out of bounds memory access, potentially resulting in loss of integrity or availability...

PT-2025-36342

Name of the Vulnerable Software and Affected Versions: AMD TEE affected versions not specified Description: Insufficient bounds checking in AMD TEE Trusted Execution Environment could allow an attacker with a compromised userspace to invoke a command with malformed arguments, leading to...

USN-7703-4 linux-gke, linux-hwe-6.8, linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency, linux-raspi vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - GPIO subsystem; - GPU...

kernel: tee: amdtee: fix race condition in amdtee_open_session

A use-after-free vulnerability was found in the AMD TEE driver in the Linux kernel. The flaw occurs from a race condition in the amdteeopensession function, where the session is marked as active in sess-sessmask before the corresponding sess structure is fully initialized. If a parallel thread...