What is the CVE ID of this vulnerability?

The CVE ID of this vulnerability is CVE-2023-4211.

What is the title of this vulnerability?

The title of this vulnerability is Arm Mali GPU Kernel Driver Use-After-Free Vulnerability.

What is the description of this vulnerability?

This vulnerability allows a local, non-privileged user to make improper GPU memory processing operations to gain access to already freed memory.

Who is affected by this vulnerability?

Arm Mali GPU Kernel Driver is affected by this vulnerability.

Are there any patches available for this vulnerability?

Patches may not be available for this vulnerability, but it is recommended to check the references for updates and patches.

Vulnerability/
CVE-2023-4211

Exploited

medium

5.5

CWE

416

1/10/2023

27/10/2023

CVE-2023-4211: Arm Mali GPU Kernel Driver Use-After-Free Vulnerability

First published: Sun Oct 01 2023(Updated: )

A local non-privileged user can make improper GPU memory processing operations to gain access to already freed memory.

Credit: arm-security@arm.com arm-security@arm.com

Affected Software	Affected Version	How to fix
Google Android
Arm Mali GPU Kernel Driver
Arm 5th Gen GPU Architecture Kernel Driver	>=r41p0<=r42p0
Arm Bifrost	>=r0p0<=r42p0
Arm Midgard	>=r12p0<=r32p0
Arm Valhall	>=r19p0<=r42p0

Remedy

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Never miss a vulnerability like this again

Reference Links

Peer vulnerabilities

(Found alongside the following vulnerabilities)

Frequently Asked Questions

What is the CVE ID of this vulnerability?
The CVE ID of this vulnerability is CVE-2023-4211.
What is the title of this vulnerability?
The title of this vulnerability is Arm Mali GPU Kernel Driver Use-After-Free Vulnerability.
What is the description of this vulnerability?
This vulnerability allows a local, non-privileged user to make improper GPU memory processing operations to gain access to already freed memory.
Who is affected by this vulnerability?
Arm Mali GPU Kernel Driver is affected by this vulnerability.
Are there any patches available for this vulnerability?
Patches may not be available for this vulnerability, but it is recommended to check the references for updates and patches.

zeroday/true
agent/author
agent/type
agent/last-modified-date
agent/first-publish-date
collector/android-source
agent/software-canonical-lookup-request
agent/softwarecombine
agent/event
exploited/true
collector/cisa-known-exploited
source/CISA
agent/software-canonical-lookup
agent/severity
agent/references
agent/remedy
agent/title
agent/tags
agent/weakness
agent/description
collector/nvd-index
collector/nvd-api
vendor/google
canonical/google android
vendor/arm
canonical/arm mali gpu kernel driver
canonical/arm 5th gen gpu architecture kernel driver
version/arm 5th gen gpu architecture kernel driver/r41p0
version/arm 5th gen gpu architecture kernel driver/r42p0
canonical/arm bifrost
version/arm bifrost/r0p0
version/arm bifrost/r42p0
canonical/arm midgard
version/arm midgard/r12p0
version/arm midgard/r32p0
canonical/arm valhall
version/arm valhall/r19p0
version/arm valhall/r42p0

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.