Memory leak vulnerability in Mali GPU Kernel Driver in Midgard GPU Kernel Driver all versions from r6p0 - r32p0, Bifrost GPU Kernel Driver all versions from r0p0 - r42p0, Valhall GPU Kernel Driver all versions from r19p0 - r42p0, and Avalon GPU Kernel Driver all versions from r41p0 - r42p0 allows a non-privileged user to make valid GPU processing operations that expose sensitive kernel metadata.
References
Link | Resource |
---|---|
https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities | Vendor Advisory |
https://www.cybersecurity-help.cz/vdb/SB2023033049 | Third Party Advisory |
https://www.cybersecurity-help.cz/vulnerabilities/74210/ | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
21 Apr 2023, 17:31
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 3.3 |
11 Apr 2023, 14:14
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://www.cybersecurity-help.cz/vdb/SB2023033049 - Third Party Advisory | |
References | (CONFIRM) https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities - Vendor Advisory | |
References | (MISC) https://www.cybersecurity-help.cz/vulnerabilities/74210/ - Third Party Advisory | |
CWE | CWE-401 | |
CPE | cpe:2.3:a:arm:avalon_gpu_kernel_driver:*:*:*:*:*:*:*:* cpe:2.3:a:arm:midgard:*:*:*:*:*:*:*:* cpe:2.3:a:arm:valhall_gpu_kernel_driver:*:*:*:*:*:*:*:* cpe:2.3:a:arm:bifrost_gpu_kernel_driver:*:*:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.5 |
First Time |
Arm midgard
Arm Arm valhall Gpu Kernel Driver Arm avalon Gpu Kernel Driver Arm bifrost Gpu Kernel Driver |
06 Apr 2023, 16:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-04-06 16:15
Updated : 2023-12-10 15:01
NVD link : CVE-2023-26083
Mitre link : CVE-2023-26083
CVE.ORG link : CVE-2023-26083
JSON object : View
Products Affected
arm
- midgard
- bifrost_gpu_kernel_driver
- valhall_gpu_kernel_driver
- avalon_gpu_kernel_driver
CWE
CWE-401
Missing Release of Memory after Effective Lifetime