VDB
CISA-2023-34970
CISA-2023-34970
PUBLISHED
CVSS 4.7 MEDIUM
Reported by Arm · Published October 3, 2023
A local non-privileged user can make improper GPU processing operations to access a limited amount outside of buffer bounds or to exploit a software race condition. If the system’s memory is carefully prepared by the user, then this in turn could give them access to already freed memory
Risk Scores
CVSS 3.1
4.7
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Arm Ltd | Valhall GPU Kernel Driver | r44p0 |
| Arm Ltd | Arm 5th Gen GPU Architecture Kernel Driver | r41p0 |
| Arm Ltd | Arm 5th Gen GPU Architecture Kernel Driver | r41p0, * |
| Arm Ltd | Valhall GPU Kernel Driver | r44p0, r44p0 |
Timeline
- Oct 3, 2023 CVE Published
- Mar 7, 2025 CVE Updated