CVE-2024-0153 Mali GPU Firmware allows improper GPU processing operations

2024-07-0109:05:40

CWE-119

Arm

www.cve.org

mali gpu firmware

improper restriction

memory buffer

arm ltd

valhall gpu firmware

5th gen gpu architecture firmware

0.0004 Low

EPSS

Percentile

9.2%

JSON

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Arm Ltd Valhall GPU Firmware, Arm Ltd Arm 5th Gen GPU Architecture Firmware allows a local non-privileged user to make improper GPU processing operations to access a limited amount outside of buffer bounds. If the operations are carefully prepared, then this in turn could give them access to all system memory. This issue affects Valhall GPU Firmware: from r29p0 through r46p0; Arm 5th Gen GPU Architecture Firmware: from r41p0 through r46p0.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "Valhall GPU Firmware",
    "vendor": "Arm Ltd",
    "versions": [
      {
        "changes": [
          {
            "at": "r47p0",
            "status": "unaffected"
          }
        ],
        "lessThanOrEqual": "r46p0",
        "status": "affected",
        "version": "r29p0",
        "versionType": "patch"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Arm 5th Gen GPU Architecture Firmware",
    "vendor": "Arm Ltd",
    "versions": [
      {
        "changes": [
          {
            "at": "r47p0",
            "status": "unaffected"
          }
        ],
        "lessThanOrEqual": "r46p0",
        "status": "affected",
        "version": "r41p0",
        "versionType": "patch"
      }
    ]
  }
]

References

developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities

0.0004 Low

EPSS

Percentile

9.2%

JSON

Related for CVELIST:CVE-2024-0153