Mali GPU Kernel Driver allows improper GPU memory processing operations
CVE-2023-4295
7.8HIGH
Key Information
- Vendor
- Arm
- Status
- Valhall GPU Kernel Driver
- Arm 5th Gen GPU Architecture Kernel Driver
- Vendor
- CVE Published:
- 7 November 2023
Summary
A local non-privileged user can make improper GPU memory processing operations to gain access to already freed memory.
Affected Version(s)
Valhall GPU Kernel Driver < r29p0
Arm 5th Gen GPU Architecture Kernel Driver < r41p0
CVSS V3.1
Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published.
Vulnerability Reserved.
Collectors
NVD DatabaseMitre Database
Credit
Jann Horn at Google