exploitDog

CVE-2023-22808

Опубликовано: 11 апр. 2023

Источник: nvd

CVSS3: 3.3

EPSS Низкий

Описание

An issue was discovered in the Arm Android Gralloc Module. A non-privileged user can read a small portion of the allocator process memory. This affects Bifrost r24p0 through r41p0 before r42p0, Valhall r24p0 through r41p0 before r42p0, and Avalon r41p0 before r42p0.

Ссылки

https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities
Vendor Advisory
https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:arm:avalon_android_gralloc_module:r41p0:*:*:*:*:*:*:*

cpe:2.3:a:arm:bifrost_android_gralloc_module:*:*:*:*:*:*:*:*

Версия от r24p0 (включая) до r41p0 (включая)

cpe:2.3:a:arm:valhall_android_gralloc_module:*:*:*:*:*:*:*:*

Версия от r24p0 (включая) до r41p0 (включая)

EPSS

Процентиль: 25%

0.00087

Низкий

3.3 Low

CVSS3

Дефекты

CWE-125

CWE-125

Связанные уязвимости

GHSA-g255-42rw-mh49

CVSS3: 3.3

github

почти 3 года назад

An issue was discovered in the Arm Android Gralloc Module. A non-privileged user can read a small portion of the allocator process memory. This affects Bifrost r24p0 through r41p0 before r42p0, Valhall r24p0 through r41p0 before r42p0, and Avalon r41p0 before r42p0.

EPSS

Процентиль: 25%

0.00087

Низкий

3.3 Low

CVSS3

Дефекты

CWE-125

CWE-125