Mali GPU Kernel Driver Allows Improper GPU Memory Processing Operations

CVE-2023-34970

4.7MEDIUM

Key Information

Vendor: Arm
Status: Valhall GPU Kernel Driver; Arm 5th Gen GPU Architecture Kernel Driver
Vendor: CVE Published:; 3 October 2023

Summary

A local non-privileged user can make improper GPU processing operations to access a limited amount outside of buffer bounds or to exploit a software race condition. If the system’s memory is carefully prepared by the user, then this in turn could give them access to already freed memory

Affected Version(s)

Valhall GPU Kernel Driver < r44p0

Arm 5th Gen GPU Architecture Kernel Driver < r41p0

CVSS V3.1

Score:

4.7

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published.
Oct 3, 2023
Vulnerability Reserved.
Jun 8, 2023

Collectors

NVD DatabaseMitre Database