exploitDog

CVE-2024-1395

Опубликовано: 03 мая 2024

Источник: nvd

CVSS3: 6.7

EPSS Низкий

Описание

Use After Free vulnerability in Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations. If the system’s memory is carefully prepared by the user, then this in turn could give them access to already freed memory. This issue affects Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r47p0.

Ссылки

https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities
Vendor Advisory
https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:arm:5th_gen_gpu_architecture_kernel_driver:*:*:*:*:*:*:*:*

Версия от r41p0 (включая) до r48p0 (исключая)

EPSS

Процентиль: 26%

0.00093

Низкий

6.7 Medium

CVSS3

Дефекты

CWE-416

CWE-416

Связанные уязвимости

GHSA-79fj-qcrm-4368

CVSS3: 6.7

github

почти 2 года назад

Use After Free vulnerability in Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations. If the system’s memory is carefully prepared by the user, then this in turn could give them access to already freed memory. This issue affects Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r47p0.

EPSS

Процентиль: 26%

0.00093

Низкий

6.7 Medium

CVSS3

Дефекты

CWE-416

CWE-416