GSD-2023-21165 — Vulnetix

GSD-2023-21165 PUBLISHED CVSS 8.399999618530273 HIGH

In DevmemIntUnmapPMR of devicemem_server.c, there is a possible arbitrary code execution due to a use after free. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.

Risk Scores

CVSS v3.1

8.399999618530273

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products

Vendor	Product	Versions
imaginationtech	powervr-gpu	0
Google	Android	Android SoC

Timeline

Jul 12, 2023 CVE Published

References

https://source.android.com/security/bulletin/2024-01-01 url

Open in Interactive Console →