VDB

CISA-2023-34970

CISA-2023-34970 PUBLISHED CVSS 4.7 MEDIUM

Reported by Arm · Published October 3, 2023

A local non-privileged user can make improper GPU processing operations to access a limited amount outside of buffer bounds or to exploit a software race condition. If the system’s memory is carefully prepared by the user, then this in turn could give them access to already freed memory

Risk Scores

CVSS 3.1
4.7
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products

VendorProductVersions
Arm LtdValhall GPU Kernel Driverr44p0
Arm LtdArm 5th Gen GPU Architecture Kernel Driverr41p0
Arm LtdArm 5th Gen GPU Architecture Kernel Driverr41p0, *
Arm LtdValhall GPU Kernel Driverr44p0, r44p0

Timeline

  • Oct 3, 2023 CVE Published
  • Mar 7, 2025 CVE Updated

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›