First published: Tue Nov 07 2023(Updated: )
A local non-privileged user can make GPU processing operations that expose sensitive data from previously freed memory.
Credit: arm-security@arm.com
Affected Software | Affected Version | How to fix |
---|---|---|
Arm Bifrost Gpu Kernel Driver | >=r0p0<=r41p0 | |
Arm Mali GPU Kernel Driver | =r41p0 | |
Arm Midgard Gpu Kernel Driver | >=r8p0<=r32p0 | |
Arm Valhall Gpu Kernel Driver | >=r19p0<=r41p0 | |
Google Android |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this vulnerability is CVE-2023-4272.
The severity of CVE-2023-4272 is medium with a severity value of 5.5.
The Arm Bifrost Gpu Kernel Driver, Arm Mali GPU Kernel Driver, Arm Midgard Gpu Kernel Driver, and Arm Valhall Gpu Kernel Driver are affected by CVE-2023-4272.
A local non-privileged user can exploit CVE-2023-4272 by making GPU processing operations that expose sensitive data from previously freed memory.
You can find more information about CVE-2023-4272 at the Arm Security Center's Mali GPU Driver Vulnerabilities page: [Arm Security Center - Mali GPU Driver Vulnerabilities](https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities).