CVE-2024-1395 Mali GPU Kernel Driver allows improper GPU memory processing operations

2024-05-0313:24:26

CWE-416

Arm

www.cve.org

cve-2024-1395

mali gpu

kernel driver

gpu memory

use after free

arm ltd

5th gen

architecture

memory processing

vulnerability

6.5 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

JSON

Use After Free vulnerability in Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations. If the system’s memory is carefully prepared by the user, then this in turn could give them access to already freed memory.
This issue affects Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r47p0.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "Arm 5th Gen GPU Architecture Kernel Driver",
    "vendor": "Arm Ltd",
    "versions": [
      {
        "changes": [
          {
            "at": "r48p0",
            "status": "unaffected"
          }
        ],
        "lessThanOrEqual": "r47p0",
        "status": "affected",
        "version": "r41p0",
        "versionType": "patch"
      }
    ]
  }
]

References

developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities