CVE-2023-5427

Опубликовано: 01 дек. 2023

Источник: nvd

CVSS3: 7.8

EPSS Низкий

Описание

Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU processing operations to gain access to already freed memory.This issue affects Bifrost GPU Kernel Driver: from r44p0 through r45p0; Valhall GPU Kernel Driver: from r44p0 through r45p0; Arm 5th Gen GPU Architecture Kernel Driver: from r44p0 through r45p0.

Ссылки

http://packetstormsecurity.com/files/176029/ARM-Mali-r44p0-Use-After-Free.html
Exploit
Third Party Advisory
VDB Entry
https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities
Vendor Advisory
http://packetstormsecurity.com/files/176029/ARM-Mali-r44p0-Use-After-Free.html
Exploit
Third Party Advisory
VDB Entry
https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:arm:5th_gen_gpu_architecture_kernel_driver:*:*:*:*:*:*:*:*

Версия от r44p0 (включая) до r46p0 (исключая)

cpe:2.3:a:arm:bifrost_gpu_kernel_driver:*:*:*:*:*:*:*:*

Версия от r44p0 (включая) до r46p0 (исключая)

cpe:2.3:a:arm:valhall_gpu_kernel_driver:*:*:*:*:*:*:*:*

Версия от r44p0 (включая) до r46p0 (исключая)

EPSS

Процентиль: 35%

0.00139

Низкий

7.8 High

CVSS3

Дефекты

CWE-416

Связанные уязвимости

GHSA-jrr9-w96c-8wpv

CVSS3: 7.8

github

около 2 лет назад

A local non-privileged user can make improper GPU processing operations to gain access to already freed memory.

EPSS

Процентиль: 35%

0.00139

Низкий

7.8 High

CVSS3

Дефекты

CWE-416