Mali GPU Kernel Driver allows improper GPU processing operations
CVE-2023-5427

7.8HIGH

Key Information:

Vendor: Arm Ltd
Status: Bifrost Gpu Kernel Driver; Valhall Gpu Kernel Driver; Arm 5th Gen Gpu Architecture Kernel Driver
Vendor: CVE Published:; 1 December 2023

What is CVE-2023-5427?

A vulnerability exists within the Bifrost, Valhall, and 5th Gen GPU kernel drivers from Arm Ltd that allows a local non-privileged user to conduct improper GPU processing operations. This may lead to unauthorized access and manipulation of already freed memory, creating potential security risks. The flaw affects specific driver versions from r44p0 through r45p0.

Affected Version(s)

Arm 5th Gen GPU Architecture Kernel Driver r44p0

Bifrost GPU Kernel Driver r44p0

Valhall GPU Kernel Driver r44p0

References

https://developer.arm.com/Arm%20Security%20Center/Mali%20...

http://packetstormsecurity.com/files/176029/ARM-Mali-r44p...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 1, 2023
Vulnerability Reserved
Oct 5, 2023