Preface: For example, if your app defines a fence for headphones, it gets callbacks when the headphones are plugged in and when they’re unplugged.
Background: Automotive infotainment is an in-car system that combines entertainment such as radio and music playing with driving information, including navigation, ADAS, and vehicle settings.
The SA8255P is Qualcomm's next-generation Snapdragon automotive infotainment SoC. Developed as a SEooC (safety element out of context) targeting ASIL B use cases, the SA8255P gives automakers scalable solutions that are connected, smart, and aware.
Vulnerability details: NULL pointer dereference in Graphics.
Transient DoS when setting up a fence callback to free a KGSL memory entry object during DMA.
Arm has released limited details about the vulnerability. Do you think the following is similar to CVE-2024-4610?
Preface: Arm recently became aware of reports of this vulnerability being exploited in the wild, but the exploit is a local attack. Perhaps cybercriminals would need help from email phishing or SMS functionality to reach the device. That is why it attracted the attention of manufacturers.
Background: The Mali Bifrost architecture, implemented by the Mali-G3x, Mali-G5x, and Mali-G7x families of products, is the successor to the Midgard architecture and the predecessor of the Valhall architecture.
The Android and Linux versions of the Mali GPU device driver provide low-level access to the Mali GPUs that are part of the Bifrost family.
There are many IPC mechanisms, such as shared memory, message queues, pipes, FIFOs, and Unix sockets. A process cannot access another process's memory. However, the kernel has control over all processes and can therefore expose an interface that enables IPC. In Binder, this interface is the /dev/binder device, which is implemented by the Binder kernel driver.
Ref: A mutex is a mutually exclusive flag. It acts as a gatekeeper to a section of code, allowing one thread in and blocking access to all others.
Vulnerability details: A use-after-free vulnerability in the Arm Ltd Bifrost GPU Kernel Driver and Arm Ltd Valhall GPU Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations to gain access to already freed memory.
This issue affects Bifrost GPU Kernel Driver: from r34p0 through r40p0; Valhall GPU Kernel Driver: from r34p0 through r40p0.
Preface: June 2024 Update – After additional analysis, AMD believes that the Client AGESA™ firmware versions previously provided did not sufficiently mitigate CVE-2023-20594. This security bulletin has been updated with new Client AGESA™ firmware versions that contain updated mitigations.
Background: The DXE drivers are responsible for initializing the processor, chipset, and platform components as well as providing software abstractions for system services, console devices, and boot devices.
Vulnerability details:
CVE-2023-20594 Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access. CWE-665 Improper Initialization
CVE-2023-20597 Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access. CWE-665 Improper Initialization
Published Date: Sep 20, 2023 Last updated date: Jun 11, 2024
Preface: That is by design. If a file is created with the name of a just-deleted file, timestamps, attributes, and security are carried forward.
Background: To immediately sync files that are changed in the Azure file share, the Invoke-AzStorageSyncChangeDetection PowerShell cmdlet can be used to manually initiate the detection of changes in the Azure file share.
This cmdlet is intended for scenarios where some type of automated process is making changes in the Azure file share or the changes are done by an administrator (like moving files and directories into the share). For end user changes, the recommendation is to install the Azure File Sync agent in an IaaS VM and have end users access the file share through the IaaS VM. This way all changes will quickly sync to other agents without the need to use the Invoke-AzStorageSyncChangeDetection cmdlet.
Vulnerability details: Microsoft Azure File Sync Elevation of Privilege Vulnerability
Preface: Every time I start learning a CVE, it helps me enrich my knowledge, even though it was released months ago.
Background: Around the world in 2024, over 4450 companies have started using Chrome as a site search tool.
V8 is a JavaScript and WebAssembly engine developed by Google for its Chrome browser. Each WebAssembly module executes within a sandboxed environment separated from the host runtime using fault isolation techniques.
Ref: wasmtime is a runtime for WebAssembly. The 19.0.0 release of Wasmtime contains a regression introduced during its development which can lead to a guest WebAssembly module causing a panic in the host runtime. A valid WebAssembly module, when executed at runtime, may cause this panic. This vulnerability has been patched in version 19.0.1.
Vulnerability details: This update includes 1 security fix. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.
[N/A][341663589] High CVE-2024-5274: Type Confusion in V8. Reported by Clément Lecigne of Google’s Threat Analysis Group and Brendon Tiszka of Chrome Security on 2024-05-20
Google is aware that an exploit for CVE-2024-5274 exists in the wild.
Preface: Oracle and Citrix have large customer bases and use Xen as their primary hypervisor. Red Hat, SUSE, and Canonical support KVM as a virtualization option in their Linux versions. When it comes to cloud computing, administrators face a similar decision: Citrix and Oracle offer Xen-based services rather than the KVM that Google uses.
Background: In a hypervisor command shell, such as the Citrix Hypervisor dom0 shell or the VMware ESXi host shell, you can run the following command to verify your NVIDIA virtual GPU software version.
NVIDIA vGPU software can be used in a variety of ways. The method we mentioned here is related to this vulnerability. In GPU pass-through mode, an entire physical GPU is directly assigned to one VM, bypassing the NVIDIA Virtual GPU Manager. In this mode of operation, the GPU is accessed exclusively by the NVIDIA driver running in the VM to which it is assigned. The GPU is not shared among VMs.
Exploiting a buffer overflow vulnerability often involves manipulating pointers to redirect program execution or inject malicious code. By overwriting the return address of a function, an attacker can divert the control flow to a different section of the program where their code is placed.
Vulnerability details:
CVE-2024-0099 NVIDIA vGPU software for Linux contains a vulnerability in the Virtual GPU Manager, where the guest OS could cause a buffer overrun in the host. A successful exploit of this vulnerability might lead to information disclosure, data tampering, escalation of privileges, and denial of service.
CVE-2024-0089 NVIDIA vGPU software for Linux contains a vulnerability in the Virtual GPU Manager, where the guest OS could execute privileged operations. A successful exploit of this vulnerability might lead to information disclosure, data tampering, escalation of privileges, and denial of service.
Preface: PowerVR is not limited to 2D and 3D rendering; it also covers video encoding, decoding, and associated image processing. It also develops AI accelerators called Neural Network Accelerators (NNA). The IMG Series4 is a revolutionary neural network accelerator (NNA) for the automotive industry that enables ADAS and autonomous driving.
PowerVR accelerators are not manufactured by PowerVR itself; instead, the IP blocks of its integrated circuit designs and its patents are licensed to other companies.
Remark: An IP block is a reusable unit of logic, cell, or chip layout design and can be used as a building block for various chip and logic designs. By making this technology available, NXP is opening up the opportunity for chip designers to leverage our building blocks in a wide assortment of on-chip solutions.
Background: What is the DDK? To build the Android kernel and other kernel artifacts (modules, boot images, etc.), Android provides a build framework called "Kleaf". For Android 14+, Kleaf is strongly recommended. One part of Kleaf is the Driver Development Kit (DDK), which is used to build external modules.
Vulnerability details: CVE-2024-31335 – GPU – PowerVR: Wrong order of operations in DevmemIntUnmapPMR2 may lead to temporarily dangling PTEs.
Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger use-after-free kernel exceptions.
Official announcement: For details, please refer to the link –
Preface: In Linux distributions, the term 'upstream' (also applied to the kernel) refers to the original version of a program, as released by its developers (in this case, the kernel), while 'downstream' refers to the version of that software provided by the Linux distribution.
Background: There are many IPC mechanisms, such as shared memory, message queues, pipes, FIFOs, and Unix sockets. A process cannot access another process's memory. However, the kernel has control over all processes and can therefore expose an interface that enables IPC. In Binder, this interface is the /dev/binder device, which is implemented by the Binder kernel driver.
Ref: A mutex is a mutually exclusive flag. It acts as a gatekeeper to a section of code, allowing one thread in and blocking access to all others.
Vulnerability details:
Kernel - The vulnerability in this section could lead to local escalation of privilege in the kernel with no additional execution privileges needed.
Official announcement: For details, please refer to the link –
Preface: Ancient humans hunted for survival. As time went by, evolution made them intelligent beings. This pursuit of progress divided humans into different levels. Human wants are never-ending. When Artificial Intelligence was born, it was the creator's final blessing to humanity.
Background: Intel Neural Compressor performs model optimization to reduce the model size and increase the speed of deep learning inference for deployment on CPUs or GPUs.
Intel Neural Compressor aims to provide popular model compression techniques such as quantization, pruning (sparsity), distillation, and neural architecture search on mainstream frameworks such as TensorFlow, PyTorch, ONNX Runtime, and MXNet, as well as Intel extensions such as Intel Extension for TensorFlow and Intel Extension for PyTorch.
Description: Improper input validation in some Intel® Neural Compressor software before version 2.5.0 may allow an unauthenticated user to potentially enable escalation of privilege via remote access.
Preface: By default, OpenWrt builds the kernel with a useful set of netfilter capabilities for a robust router: NAT, REJECT, REDIRECT, CONNTRACK, and LOG.
OpenWrt is a Linux distribution suitable for embedded devices. Currently, many embedded hardware platforms on the market use OpenWrt as their basis, such as routers, network gateways, and industrial computers.
Background: Netfilter is a framework provided by the Linux kernel that allows various networking-related operations to be implemented in the form of customized handlers. Netfilter offers various functions and operations for packet filtering, network address translation, and port translation, which provide the functionality required for directing packets through a network and prohibiting packets from reaching sensitive locations within a network.
Netfilter represents a set of hooks inside the Linux kernel, allowing specific kernel modules to register callback functions with the kernel’s networking stack. Those functions, usually applied to the traffic in the form of filtering and modification rules, are called for every packet that traverses the respective hook within the networking stack.
Vulnerability details: CVE-2024-1086 A use-after-free vulnerability in the Linux kernel’s netfilter: nf_tables component can be exploited to achieve local privilege escalation. The nft_verdict_init() function allows positive values as drop error within the hook verdict, and hence the nf_hook_slow() function can cause a double free vulnerability when NF_DROP is issued with a drop error which resembles NF_ACCEPT. We recommend upgrading past commit f342de4e2f33e0e39165d8639387aa6c19dff660.
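The verdict check at the core of CVE-2024-1086, as an added user-space model that is not kernel code and not part of the original post: it contrasts the old low-byte check in nft_verdict_init() with the fixed whole-code check, and shows why a DROP verdict carrying user-supplied parameter bits decodes, on the nf_hook_slow() drop path, to a return value equal to NF_ACCEPT. The constants mirror the kernel's uapi definitions; hook_slow_drop_result() and tainted_drop_verdict() are simplified assumptions made for the example.

```c
/* Added example: user-space model of the nf_tables verdict validation
 * before and after the CVE-2024-1086 fix. Not the kernel's own code. */
#include <errno.h>
#include <stdbool.h>
#include <stdio.h>

#define NF_DROP            0
#define NF_ACCEPT          1
#define NF_QUEUE           3
#define NF_VERDICT_MASK    0x000000ff
#define NF_VERDICT_QBITS   16
/* Kernel encoding: a drop verdict may carry a negative errno in its upper
 * bits, e.g. NF_DROP_ERR(-EPERM). Decoding relies on an arithmetic right
 * shift, exactly as the kernel macro does. */
#define NF_DROP_ERR(err)   (((-(err)) << NF_VERDICT_QBITS) | NF_DROP)
#define NF_DROP_GETERR(x)  (-((x) >> NF_VERDICT_QBITS))

/* Pre-fix check: only the low byte is inspected, so any upper-bit
 * "parameters" supplied from user space are accepted. */
static bool verdict_allowed_old(int code) {
    switch (code & NF_VERDICT_MASK) {
    case NF_ACCEPT: case NF_DROP: case NF_QUEUE: return true;
    default: return false;
    }
}

/* Fixed check: the whole code must be a bare verdict, so DROP/QUEUE
 * parameters from user space are rejected. */
static bool verdict_allowed_fixed(int code) {
    switch (code) {
    case NF_ACCEPT: case NF_DROP: case NF_QUEUE: return true;
    default: return false;
    }
}

/* Assumed simplification of the nf_hook_slow() drop path: the skb has
 * already been freed, so a return value of NF_ACCEPT (1) would make the
 * caller keep using freed memory. */
static int hook_slow_drop_result(int verdict) {
    int ret = NF_DROP_GETERR(verdict);
    return ret == 0 ? -EPERM : ret;
}

/* Constructed verdict: low byte is NF_DROP, upper bits decode to a
 * positive "error" of 1, which is what the CVE text describes. */
static int tainted_drop_verdict(void) { return -(NF_ACCEPT << NF_VERDICT_QBITS); }

/* True when a validator admits a verdict that, after the drop, still
 * reports NF_ACCEPT to the caller. */
static bool drop_masquerades_as_accept(int verdict, bool (*allowed)(int)) {
    return allowed(verdict) && hook_slow_drop_result(verdict) == NF_ACCEPT;
}
```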