Lucene search

K
nvd[email protected]NVD:CVE-2023-26083
HistoryApr 06, 2023 - 4:15 p.m.

CVE-2023-26083

2023-04-0616:15:07
CWE-401
web.nvd.nist.gov
1
mali
gpu
kernel driver
memory leak
vulnerability
midgard
bifrost
valhall
avalon
non-privileged user
gpu processing operations
sensitive kernel metadata

3.3 Low

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

3.8 Low

AI Score

Confidence

High

0.061 Low

EPSS

Percentile

93.6%

Memory leak vulnerability in Mali GPU Kernel Driver in Midgard GPU Kernel Driver all versions from r6p0 - r32p0, Bifrost GPU Kernel Driver all versions from r0p0 - r42p0, Valhall GPU Kernel Driver all versions from r19p0 - r42p0, and Avalon GPU Kernel Driver all versions from r41p0 - r42p0 allows a non-privileged user to make valid GPU processing operations that expose sensitive kernel metadata.

Affected configurations

NVD
Node
armavalon_gpu_kernel_driverRanger41p0r43p0
OR
armbifrost_gpu_kernel_driverRanger0p0r43p0
OR
armmidgardRanger6p0r32p0
OR
armvalhall_gpu_kernel_driverRanger19p0r43p0

3.3 Low

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

3.8 Low

AI Score

Confidence

High

0.061 Low

EPSS

Percentile

93.6%