exploitDog

CVE-2022-20235

Опубликовано: 26 янв. 2023

Источник: nvd

CVSS3: 5.5

EPSS Низкий

Описание

The PowerVR GPU kernel driver maintains an "Information Page" used by its cache subsystem. This page can only be written by the GPU driver itself, but prior to DDK 1.18 however, a user-space program could write arbitrary data to the page, leading to memory corruption issues.Product: AndroidVersions: Android SoCAndroid ID: A-259967780

Ссылки

https://source.android.com/security/bulletin/2023-01-01
Vendor Advisory
https://source.android.com/security/bulletin/2023-01-01
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:google:android:-:*:*:*:*:*:*:*

EPSS

Процентиль: 13%

0.00043

Низкий

5.5 Medium

CVSS3

Дефекты

CWE-787

CWE-787

Связанные уязвимости

GHSA-c474-93fq-8fxp

CVSS3: 5.5

github

около 3 лет назад

The PowerVR GPU kernel driver maintains an "Information Page" used by its cache subsystem. This page can only be written by the GPU driver itself, but prior to DDK 1.18 however, a user-space program could write arbitrary data to the page, leading to memory corruption issues.Product: AndroidVersions: Android SoCAndroid ID: A-259967780

EPSS

Процентиль: 13%

0.00043

Низкий

5.5 Medium

CVSS3

Дефекты

CWE-787

CWE-787