Home

Description

A local non-privileged user can make GPU processing operations that expose sensitive data from previously freed memory.

PUBLISHED Reserved 2023-08-09 | Published 2023-11-07 | Updated 2024-09-04 | Assigner Arm

Problem types

CWE-1251 Mirrored Regions with Different Values

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

Product status

Default status
unaffected

r8p0 (patch)
affected

Default status
unaffected

r0p0 (patch) before r42p0
affected

Default status
unaffected

r19p0 (patch) before r42p0
affected

Default status
unaffected

r41p0 (patch) before r42p0
affected

Credits

Jann Horn at Google finder

References

developer.arm.com/... Center/Mali GPU Driver Vulnerabilities

cve.org (CVE-2023-4272)

nvd.nist.gov (CVE-2023-4272)

Download JSON