CVE-2024-43702 | THREATINT

Description

Software installed and run as a non-privileged user may conduct improper GPU system calls to allow unprivileged access to arbitrary physical memory page.

PUBLISHED Reserved 2024-08-15 | Published 2024-11-30 | Updated 2024-12-01 | Assigner imaginationtech

Problem types

CWE - CWE-280: Improper Handling of Insufficient Permissions or Privileges (4.15)

Product status

Default status

unknown

1.13 RTM (custom)

affected

24.2 RTM2 (custom)

unaffected

References

www.imaginationtech.com/gpu-driver-vulnerabilities/

cve.org (CVE-2024-43702)

nvd.nist.gov (CVE-2024-43702)

Download JSON