Lucene search

[email protected]CVE-2023-28147

HistoryJun 02, 2023 - 12:15 a.m.

CVE-2023-28147

2023-06-0200:15:09

[email protected]

web.nvd.nist.gov

cve-2023-28147

arm mali

gpu kernel driver

memory access

security vulnerability

nvd

exploit

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

5.6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

20.2%

JSON

An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper GPU processing operations to gain access to already freed memory. This affects Midgard r29p0 through r32p0, Bifrost r17p0 through r42p0 before r43p0, Valhall r19p0 through r42p0 before r43p0, and Arm’s GPU Architecture Gen5 r41p0 through r42p0 before r43p0.

Affected configurations

NVD

Node

armavalon_gpu_kernel_driverRanger41p0–r43p0

armbifrost_gpu_kernel_driverRanger17p0–r43p0

armmidgard_gpu_kernel_driverRanger29p0–r32p0

armvalhall_gpu_kernel_driverRanger19p0–r43p0

CPENameOperatorVersion
arm:avalon_gpu_kernel_driverarm avalon gpu kernel driverltr43p0
arm:bifrost_gpu_kernel_driverarm bifrost gpu kernel driverltr43p0
arm:midgard_gpu_kernel_driverarm midgard gpu kernel driverler32p0
arm:valhall_gpu_kernel_driverarm valhall gpu kernel driverltr43p0

CPE	Name	Operator	Version
arm:avalon_gpu_kernel_driver	arm avalon gpu kernel driver	lt	r43p0
arm:bifrost_gpu_kernel_driver	arm bifrost gpu kernel driver	lt	r43p0
arm:midgard_gpu_kernel_driver	arm midgard gpu kernel driver	le	r32p0
arm:valhall_gpu_kernel_driver	arm valhall gpu kernel driver	lt	r43p0

References

developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

5.6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

20.2%

JSON

Related for CVE-2023-28147

prion1 nvd1 nessus1 cvelist1