Lucene search
HistoryOct 03, 2023 - 5:15 p.m.
CVE-2023-33200
local user
race condition
freed memory
gpu processing
cve-2023-33200
CVSS3
4.7
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
AI Score
4.6
Confidence
High
EPSS
0.001
Percentile
29.3%
A local non-privileged user can make improper GPU processing operations to exploit a software race condition. If the system’s memory is carefully prepared by the user, then this in turn could give them access to already freed memory.
Affected configurations
Node
armbifrost_gpu_kernel_driverRanger17p0–r44p1
ORarmmali_gpu_kernel_driverRanger41p0–r44p1
ORarmvalhall_gpu_kernel_driverRanger19p0–r44p1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| arm | bifrost_gpu_kernel_driver | * | cpe:2.3:a:arm:bifrost_gpu_kernel_driver:*:*:*:*:*:*:*:* |
| arm | mali_gpu_kernel_driver | * | cpe:2.3:a:arm:mali_gpu_kernel_driver:*:*:*:*:*:*:*:* |
| arm | valhall_gpu_kernel_driver | * | cpe:2.3:a:arm:valhall_gpu_kernel_driver:*:*:*:*:*:*:*:* |
Related
nessus
nessus
ARM Mali GPU Kernel Driver < r44p1 Improper Memory Access (CVE-2023-33200)
2023-10-03 00:00:00
prion
prion
Race condition
2023-10-03 17:15:00
cvelist
cvelist
cve
cve
CVE-2023-33200
2023-10-03 17:15:09
thn
thn
CVSS3
4.7
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
AI Score
4.6
Confidence
High
EPSS
0.001
Percentile
29.3%
Related for NVD:CVE-2023-33200