Mali GPU Kernel Driver Allows Improper GPU Memory Processing Operations
CVE-2023-33200

4.7MEDIUM

Key Information:

Vendor: Arm Ltd
Status: Bifrost Gpu Kernel Driver; Valhall Gpu Kernel Driver; Arm 5th Gen Gpu Architecture Kernel Driver
Vendor: CVE Published:; 3 October 2023

What is CVE-2023-33200?

A local non-privileged user can make improper GPU processing operations to exploit a software race condition. If the system’s memory is carefully prepared by the user, then this in turn could give them access to already freed memory.

Affected Version(s)

Arm 5th Gen GPU Architecture Kernel Driver r41p0

Bifrost GPU Kernel Driver r17p0

Valhall GPU Kernel Driver r19p0

References

https://developer.arm.com/Arm%20Security%20Center/Mali%20...

CVSS V3.1

Score:

4.7

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 3, 2023
Vulnerability Reserved
May 18, 2023

Arm Ltd

What is CVE-2023-33200?

Affected Version(s)

References

CVSS V3.1

Timeline