New Project Zero issue:

PowerVR: PVRSRVAcquireProcessHandleBase() can cause psProcessHandleBase reuse when PIDs are reused

https://project-zero.issues.chromium.org/issues/42451726

CVE-2024-43704

New Project Zero issue:

Linux >=6.6: race between mremap (move_normal_pmd) and MADVISE_COLLAPSE (retract_page_tables)

https://project-zero.issues.chromium.org/issues/371047675

CVE-2024-50066

New Project Zero issue:

FASTRPC_ATTR_KEEP_MAP logic bug allows fastrpc_internal_munmap_fd to racily free in-use mappings leading to UAF

https://project-zero.issues.chromium.org/issues/42451725

CVE-2024-49848

New Project Zero issue:

Linux: temporarily dangling PFN mapping on remap_pfn_range() failure in usbdev_mmap() (and elsewhere?)

https://project-zero.issues.chromium.org/issues/366053091

CVE-2024-47674

New Project Zero issue:

adsprpc: refcount leak leading to UAF in fastrpc_get_process_gids

https://project-zero.issues.chromium.org/issues/42451711

CVE-2024-38402

New Project Zero issue:

Linux: fuse_notify_store() marks page uptodate while leaving beyond-EOF parts uninitialized

https://project-zero.issues.chromium.org/issues/42451729

CVE-2024-44947

New Project Zero issue:

Android: GKI kernels contain broken non-upstream Speculative Page Faults MM code

https://project-zero.issues.chromium.org/issues/42451518

CVE-2023-20937

New Project Zero issue:

dav1d integer overflow leading to out-of-bounds write

https://project-zero.issues.chromium.org/issues/42451651

CVE-2024-1580

New Project Zero issue:

UAF race of global maps in fastrpc_mmap_create (and epilogue functions) cause memory corruption

https://project-zero.issues.chromium.org/issues/42451715

CVE-2024-33060

New Project Zero issue:

Incorrect searching algorithm in fastrpc_mmap_find leads to kernel address space info leak

https://project-zero.issues.chromium.org/issues/42451713

CVE-2024-33060

New Project Zero issue:

Double-free (or UAF) race in possibly unused qrtr_bpf_filter_detach

https://project-zero.issues.chromium.org/issues/42451712

CVE-2024-38401

New Project Zero issue:

Linux: i915: out-of-bounds PTE write in vm_fault_gtt() leads to PTE UAF

https://project-zero.issues.chromium.org/issues/42451707

CVE-2024-42259

New Project Zero issue:

is_compat flag in adsprpc driver leads to access of userland provided addresses as kernel pointers

https://project-zero.issues.chromium.org/issues/42451710

CVE-2024-21455

New Project Zero issue:

PowerVR: DEVMEMXINT_RESERVATION::ppsPMR references PMRs but does not lock their physical addresses

https://project-zero.issues.chromium.org/issues/42451698

CVE-2024-34747

It seems Google is still in the process of migrating issues to the new P0 issue tracker, resulting in bumping old reports to the top.

Now the bot implements a filter that won't post issues with CVE's earlier than 2023.

New Project Zero issue:

Windows: VHDMP ZwDeleteFile Arbitrary File Deletion EoP

https://project-zero.issues.chromium.org/issues/42452442

CVE-2016-7225

New Project Zero issue:

Flash: integer overflow / memory corruption with excessive number of shader input channels

https://project-zero.issues.chromium.org/issues/42451806

CVE-2015-3104

New Project Zero issue:

Flash: out-of-bounds write in ShaderParameter resolution

https://project-zero.issues.chromium.org/issues/42451807

CVE-2015-3105

New Project Zero issue:

FaceTime: Memory Corruption in VCPDecompressionDecodeFrame

https://project-zero.issues.chromium.org/issues/42450697

CVE-2018-4366

New Project Zero issue:

Qualcomm Adreno GPU ringbuffer corruption and protected mode bypass

https://project-zero.issues.chromium.org/issues/42451155

CVE-2020-11179