PT-2025-3686

Name of the Vulnerable Software and Affected Versions Arm Ltd Bifrost GPU Kernel Driver versions r44p1, from r46p0 through r49p0, from r50p0 through r51p0 Arm Ltd Valhall GPU Kernel Driver versions r44p1, from r46p0 through r49p0, from r50p0 through r51p0 Arm Ltd Arm 5th Gen GPU Architecture Kern...

Patch now! New Chrome update for two critical vulnerabilities

Google has released an update for its Chrome browser which includes patches for two critical vulnerabilities. The update brings the Stable channel to versions 130.0.6723.91/.92 for Windows and Mac and 130.0.6723.91 for Linux. The easiest way to update Chrome is to allow it to update automatically...

PT-2024-5483 · Google +4 · Google Chrome +4

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 127.0.6533.88 Microsoft Edge affected versions not specified Description: The issue is related to the use of uninitialized variables in the Dawn component, which implements the WebGPU specification. This could...

PT-2024-3654 · Google +4 · Google Chrome +4

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 125.0.6422.60 Description: The issue is related to a use after free in the Dawn component, allowing a remote attacker to potentially exploit heap corruption via a crafted HTML page. This could be achieved throu...

WebGPU Browser-based GPU Cache Side-Channel

Bulletin ID: AMD-SB-6011 Potential Impact: GPU Cache Attacks from the Browser Severity: Summary AMD is aware of a paper titled “Generic and Automated Drive-by GPU Cache Attacks from the Browser” being published by researchers from Graz University of Technology and The University of Rennes. AMD do...

openSUSE Security Advisory (openSUSE-SU-2024:0020-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Out-of-bounds Write

Google Chrome is vulnerable to Out-of-bounds Write. The vulnerability exists in WebGPU in Google Chrome prior to 120.0.6099.199 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

The vulnerability of the application programming interface for working with computer graphics in the WebGPU browser interfaces of Google Chrome and Microsoft Edge allows a perpetrator to disclose protected information.

The vulnerability of the application programming interface for working with computer graphics in WebGPU browsers like Google Chrome and Microsoft Edge relates to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to disclose sensitive information...

openSUSE 15 Security Update : opera (openSUSE-SU-2024:0016-1)

The remote openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2024:0016-1 advisory. - Use after free in ANGLE in Google Chrome prior to 120.0.6099.199 allowed a remote attacker who had compromised the renderer process to...

Google Chrome memory misreference vulnerability (CNVD-2024-10413)

Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a memory misreference vulnerability that is due to free usage in the WebGPU. An attacker can exploit the vulnerability to execute arbitrary code on the system...

Chromium: CVE-2024-0225 Use after free in WebGPU

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

SUSE CVE-2024-0225

Use after free in WebGPU in Google Chrome prior to 120.0.6099.199 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

DEBIAN-CVE-2024-0225

Use after free in WebGPU in Google Chrome prior to 120.0.6099.199 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

CVE-2024-0225

Use after free in WebGPU in Google Chrome prior to 120.0.6099.199 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

CVE-2024-0225

Use after free in WebGPU in Google Chrome prior to 120.0.6099.199 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

Design/Logic Flaw

Use after free in WebGPU in Google Chrome prior to 120.0.6099.199 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

CVE-2024-0225

Use after free in WebGPU in Google Chrome prior to 120.0.6099.199 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

CVE-2024-0225

Use after free in WebGPU in Google Chrome prior to 120.0.6099.199 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

CVE-2024-0225

The CVE affects Google Chrome (Chromium/WebGPU) with a use-after-free in WebGPU, leading to potential heap corruption via a crafted HTML page. Affected versions are prior to 120.0.6099.199; remediation is to update to 120.0.6099.199 or newer, as reflected by multiple advisories (e.g., Fedora/Debi...

CVE-2024-0225

Use after free in WebGPU in Google Chrome prior to 120.0.6099.199 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...