Description
Kernel software installed and running inside a Host VM may post improper commands to the GPU Firmware to trigger a memory write outside the permitted range of memory for the host kernel. A TOCTOU bug existed where a malicious driver could modify values in memory after firmware validation but before use.
Problem types
CWE - CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition (4.20)
Product status
1.18 RTM2 (custom)
23.2 RTM2 (custom)
24.2 RTM2 (custom)
25.1 RTM2 (custom)
26.1 RTM1 (custom)
26.1 RTM2 (custom)
References
www.imaginationtech.com/gpu-driver-vulnerabilities/