Advisory Published


First published: Wed Sep 27 2023(Updated: )

PVRIC (PowerVR Image Compression) on Imagination 2018 and later GPU devices offers software-transparent compression that enables cross-origin pixel-stealing attacks against feTurbulence and feBlend in the SVG Filter specification, aka a issue. For example, attackers can sometimes accurately determine text contained on a web page from one origin if they control a resource from a different origin.


Affected SoftwareAffected VersionHow to fix
Canonical Ubuntu Linux=22.04
Amd Ryzen 7 4800u
Intel Core I7-10510u
Intel Core I7-12700k
Intel Core I7-8700
Microsoft Windows 11
Intel Core I7-10610u
Microsoft Windows 11
Intel Core I7-11800h
Nvidia Geforce Rtx 3060
Microsoft Windows 10
Amd Ryzen 5 7600x
Nvidia Geforce Rtx 2080 Super
Apple macOS=13.1
Apple M1 Mac Mini
Google Android=13.0
Google Pixel 6

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Frequently Asked Questions

  • What is the vulnerability ID for this issue?

    The vulnerability ID for this issue is CVE-2023-44216.

  • What is the severity of CVE-2023-44216?

    The severity of CVE-2023-44216 is medium with a CVSS score of 5.3.

  • Which software is affected by CVE-2023-44216?

    The software affected by CVE-2023-44216 includes Canonical Ubuntu Linux 22.04, Microsoft Windows 10, Intel Core I7-10510u, Intel Core I7-8700, Microsoft Windows 11, Intel Core I7-10610u, Intel Core I7-11800h, Nvidia GeForce RTX 3060, Amd Ryzen 5 7600x, Nvidia GeForce RTX 2080 Super, Apple macOS 13.1, Google Android 13.0, Google Pixel 6.

  • What is PVRIC (PowerVR Image Compression)?

    PVRIC (PowerVR Image Compression) is a software-transparent compression technique used on Imagination 2018 and later GPU devices.

  • What are the potential attacks enabled by CVE-2023-44216?

    CVE-2023-44216 enables cross-origin pixel-stealing attacks against feTurbulence and feBlend in the SVG Filter specification.


SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203