CVE-2023-32804 Mali GPU Userspace Driver can make an Out-of-Bounds access

🗓️ 04 Dec 2023 11:54:52Reported by ArmType

Out-of-Bounds Write vulnerability in Mali GPU Userspace Driver

Reporter	Title	Published	Views	Family All 11
BDU FSTEC	The vulnerability of the Arm Mali driver for ChromeOS and ChromeOS Flex operating systems allows attackers to gain increased privileges.	29 Aug 202300:00	–	bdu_fstec
Circl	CVE-2023-32804	23 Dec 202309:11	–	circl
CNNVD	ARM Mali GPU Kernel Driver Buffer Error Vulnerability	4 Dec 202300:00	–	cnnvd
CVE	CVE-2023-32804	4 Dec 202311:54	–	cve
EUVD	EUVD-2023-37025	3 Oct 202520:07	–	euvd
NCSC	Vulnerabilities fixed in Google Android and Samsung Mobile	5 Dec 202300:00	–	ncsc
NVD	CVE-2023-32804	4 Dec 202312:15	–	nvd
OSV	ASB-A-272772567	1 Dec 202300:00	–	osv
Prion	Design/Logic Flaw	4 Dec 202312:15	–	prion
Positive Technologies	PT-2023-4577 · Arm · Arm 5Th Gen Gpu Architecture Userspace Driver +3	25 Aug 202300:00	–	ptsecurity

[
  {
    "defaultStatus": "unaffected",
    "product": "Midgard GPU Userspace Driver",
    "vendor": "Arm Ltd",
    "versions": [
      {
        "lessThanOrEqual": "r32p0",
        "status": "affected",
        "version": "r0p0",
        "versionType": "patch"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Bifrost GPU Userspace Driver",
    "vendor": "Arm Ltd",
    "versions": [
      {
        "changes": [
          {
            "at": "r44p1",
            "status": "unaffected"
          }
        ],
        "lessThanOrEqual": "r44p0",
        "status": "affected",
        "version": "r0p0",
        "versionType": "patch"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Valhall GPU Userspace Driver",
    "vendor": "Arm Ltd",
    "versions": [
      {
        "changes": [
          {
            "at": "r44p1",
            "status": "unaffected"
          }
        ],
        "lessThanOrEqual": "r44p0",
        "status": "affected",
        "version": "r19p0",
        "versionType": "patch"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Arm 5th Gen GPU Architecture Userspace Driver",
    "vendor": "Arm Ltd",
    "versions": [
      {
        "changes": [
          {
            "at": "r44p1",
            "status": "unaffected"
          }
        ],
        "lessThanOrEqual": "r44p0",
        "status": "affected",
        "version": "r41p0",
        "versionType": "patch"
      }
    ]
  }
]

Source	Link
developer	www.developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities

04 Dec 2023 11:54Current

7.8High risk

Vulners AI Score7.8

EPSS0.00146

CWE-787