What is CVE-2023-22808?

CVE-2023-22808 is a vulnerability discovered in the Arm Android Gralloc Module, which allows a non-privileged user to read a small portion of the allocator process memory.

Which software is affected by CVE-2023-22808?

The Arm Avalon Android Gralloc Module, Arm Bifrost Android Gralloc Module (r24p0 through r41p0), and Arm Valhall Android Gralloc Module (r24p0 through r41p0) are affected by CVE-2023-22808.

What is the severity of CVE-2023-22808?

CVE-2023-22808 has a severity level of 3.3 (low).

How can I fix CVE-2023-22808?

To fix CVE-2023-22808, it is recommended to update to the latest version of the affected software.

Where can I find more information about CVE-2023-22808?

You can find more information about CVE-2023-22808 on the Arm Security Center website at: https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities

Vulnerability/
CVE-2023-22808

low

3.3

CWE

125

11/4/2023

21/4/2023

CVE-2023-22808

First published: Tue Apr 11 2023(Updated: )

An issue was discovered in the Arm Android Gralloc Module. A non-privileged user can read a small portion of the allocator process memory. This affects Bifrost r24p0 through r41p0 before r42p0, Valhall r24p0 through r41p0 before r42p0, and Avalon r41p0 before r42p0.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Arm Avalon Android Gralloc Module	=r41p0
Arm Bifrost Android Gralloc Module	>=r24p0<=r41p0
Arm Valhall Android Gralloc Module	>=r24p0<=r41p0

Never miss a vulnerability like this again

Reference Links

https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities

Frequently Asked Questions

What is CVE-2023-22808?
CVE-2023-22808 is a vulnerability discovered in the Arm Android Gralloc Module, which allows a non-privileged user to read a small portion of the allocator process memory.
Which software is affected by CVE-2023-22808?
The Arm Avalon Android Gralloc Module, Arm Bifrost Android Gralloc Module (r24p0 through r41p0), and Arm Valhall Android Gralloc Module (r24p0 through r41p0) are affected by CVE-2023-22808.
What is the severity of CVE-2023-22808?
CVE-2023-22808 has a severity level of 3.3 (low).
How can I fix CVE-2023-22808?
To fix CVE-2023-22808, it is recommended to update to the latest version of the affected software.
Where can I find more information about CVE-2023-22808?
You can find more information about CVE-2023-22808 on the Arm Security Center website at: https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities

collector/nvd-index
agent/severity
agent/author
agent/tags
agent/first-publish-date
vendor/arm
canonical/arm avalon android gralloc module
version/arm avalon android gralloc module/r41p0
canonical/arm bifrost android gralloc module
version/arm bifrost android gralloc module/r24p0
version/arm bifrost android gralloc module/r41p0
canonical/arm valhall android gralloc module
version/arm valhall android gralloc module/r24p0
version/arm valhall android gralloc module/r41p0

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.