CVE-2024-0153 Mali GPU Firmware allows improper GPU processing operations

2024-07-0109:05:40

CWE-119

Arm

github.com

cve-2024-0153

mali gpu firmware

memory buffer

vulnerability

arm ltd

valhall gpu firmware

5th gen gpu architecture firmware

6.8 Medium

AI Score

Confidence

High

JSON

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Arm Ltd Valhall GPU Firmware, Arm Ltd Arm 5th Gen GPU Architecture Firmware allows a local non-privileged user to make improper GPU processing operations to access a limited amount outside of buffer bounds. If the operations are carefully prepared, then this in turn could give them access to all system memory. This issue affects Valhall GPU Firmware: from r29p0 through r46p0; Arm 5th Gen GPU Architecture Firmware: from r41p0 through r46p0.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "Valhall GPU Firmware",
    "vendor": "Arm Ltd",
    "versions": [
      {
        "changes": [
          {
            "at": "r47p0",
            "status": "unaffected"
          }
        ],
        "lessThanOrEqual": "r46p0",
        "status": "affected",
        "version": "r29p0",
        "versionType": "patch"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Arm 5th Gen GPU Architecture Firmware",
    "vendor": "Arm Ltd",
    "versions": [
      {
        "changes": [
          {
            "at": "r47p0",
            "status": "unaffected"
          }
        ],
        "lessThanOrEqual": "r46p0",
        "status": "affected",
        "version": "r41p0",
        "versionType": "patch"
      }
    ]
  }
]

References

developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities

6.8 Medium

AI Score

Confidence

High

JSON

Related for VULNRICHMENT:CVE-2024-0153