We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2023-4272

Mali GPU Kernel Driver exposes sensitive data from freed memory



Description

A local non-privileged user can make GPU processing operations that expose sensitive data from previously freed memory.

Reserved 2023-08-09 | Published 2023-11-07 | Updated 2024-09-04 | Assigner Arm

Problem types

CWE-1251 Mirrored Regions with Different Values

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

Product status

Default status
unaffected

r8p0
affected

Default status
unaffected

r0p0 before r42p0
affected

Default status
unaffected

r19p0 before r42p0
affected

Default status
unaffected

r41p0 before r42p0
affected

Credits

Jann Horn at Google finder

References

developer.arm.com/... Center/Mali GPU Driver Vulnerabilities

cve.org (CVE-2023-4272)

nvd.nist.gov (CVE-2023-4272)

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2023-4272

Support options

Helpdesk Chat, Email, Knowledgebase
Subscribe to our newsletter to learn more about our work.