All the vulnerabilites related to Arm Ltd - Arm 5th Gen GPU Architecture Kernel Driver
cve-2024-0671
Vulnerability from cvelistv5
Published
2024-04-19 08:50
Modified
2024-08-01 18:11
Severity ?
EPSS score ?
Summary
Mali GPU Kernel Driver allows improper GPU memory processing operations
References
Impacted products
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:arm:5th_gen_gpu_architecture_kernel_driver:r41p0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "5th_gen_gpu_architecture_kernel_driver", "vendor": "arm", "versions": [ { "status": "affected", "version": "r41p0" } ] }, { "cpes": [ "cpe:2.3:a:arm:valhall_gpu_kernel_driver:r19p0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "valhall_gpu_kernel_driver", "vendor": "arm", "versions": [ { "status": "affected", "version": "r19p0" } ] }, { "cpes": [ "cpe:2.3:a:arm:bifrost_gpu_kernel_driver:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "bifrost_gpu_kernel_driver", "vendor": "arm", "versions": [ { "status": "affected", "version": "r7p0" } ] }, { "cpes": [ "cpe:2.3:a:arm:midgard_gpu_kernel_driver:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "midgard_gpu_kernel_driver", "vendor": "arm", "versions": [ { "status": "affected", "version": "r19p0" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2024-0671", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-04-22T20:28:22.504871Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416 Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:58:24.775Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-01T18:11:35.717Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Midgard GPU Kernel Driver", "vendor": "Arm Ltd", "versions": [ { "lessThanOrEqual": "r32p0", "status": "affected", "version": "r19p0", "versionType": "patch" } ] }, { "defaultStatus": "unaffected", "product": "Bifrost GPU Kernel Driver", "vendor": "Arm Ltd", "versions": [ { "changes": [ { "at": "r49p0", "status": "unaffected" } ], "lessThanOrEqual": "r48p0", "status": "affected", "version": "r7p0", "versionType": "patch" } ] }, { "defaultStatus": "unaffected", "product": "Valhall GPU Kernel Driver", "vendor": "Arm Ltd", "versions": [ { "changes": [ { "at": "r49p0", "status": "unaffected" } ], "lessThanOrEqual": "r48p0", "status": "affected", "version": "r19p0", "versionType": "patch" } ] }, { "defaultStatus": "unaffected", "product": "Arm 5th Gen GPU Architecture Kernel Driver", "vendor": "Arm Ltd", "versions": [ { "changes": [ { "at": "r49p0", "status": "unaffected" } ], "lessThanOrEqual": "r48p0", "status": "affected", "version": "r41p0", "versionType": "patch" } ] } ], "datePublic": "2024-04-19T08:50:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Use After Free vulnerability in Arm Ltd Midgard GPU Kernel Driver, Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations to gain access to already freed memory.\u003cp\u003eThis issue affects Midgard GPU Kernel Driver: from r19p0 through r32p0; Bifrost GPU Kernel Driver: from r7p0 through r48p0; Valhall GPU Kernel Driver: from r19p0 through r48p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r48p0.\u003c/p\u003e" } ], "value": "Use After Free vulnerability in Arm Ltd Midgard GPU Kernel Driver, Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations to gain access to already freed memory.This issue affects Midgard GPU Kernel Driver: from r19p0 through r32p0; Bifrost GPU Kernel Driver: from r7p0 through r48p0; Valhall GPU Kernel Driver: from r19p0 through r48p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r48p0.\n\n" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416 Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-19T08:50:56.342Z", "orgId": "56a131ea-b967-4a0d-a41e-5f3549952846", "shortName": "Arm" }, "references": [ { "url": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "This issue is fixed in Bifrost, Valhall and Arm 5th Gen GPU Architecture Kernel Driver r49p0. Users are recommended to upgrade if they are impacted by this issue.\u003cbr\u003e" } ], "value": "This issue is fixed in Bifrost, Valhall and Arm 5th Gen GPU Architecture Kernel Driver r49p0. Users are recommended to upgrade if they are impacted by this issue.\n" } ], "source": { "discovery": "UNKNOWN" }, "title": "Mali GPU Kernel Driver allows improper GPU memory processing operations", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "56a131ea-b967-4a0d-a41e-5f3549952846", "assignerShortName": "Arm", "cveId": "CVE-2024-0671", "datePublished": "2024-04-19T08:50:56.342Z", "dateReserved": "2024-01-18T10:10:48.946Z", "dateUpdated": "2024-08-01T18:11:35.717Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-6241
Vulnerability from cvelistv5
Published
2024-03-04 12:15
Modified
2024-08-25 15:24
Severity ?
EPSS score ?
Summary
Mali GPU Kernel Driver allows improper GPU memory processing operations
References
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T08:21:17.931Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:a:arm:midgard_gpu_kernel_driver:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "midgard_gpu_kernel_driver", "vendor": "arm", "versions": [ { "lessThanOrEqual": "r32p0", "status": "affected", "version": "r13p0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:arm:bifrost_gpu_kernel_driver:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "bifrost_gpu_kernel_driver", "vendor": "arm", "versions": [ { "lessThanOrEqual": "r25p0", "status": "affected", "version": "r11p0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:arm:valhall_gpu_kernel_driver:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "valhall_gpu_kernel_driver", "vendor": "arm", "versions": [ { "lessThanOrEqual": "r25p0", "status": "affected", "version": "r19p0", "versionType": "custom" }, { "lessThanOrEqual": "r46p0", "status": "affected", "version": "r29p0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:arm:5th_gen_gpu_architecture_kernel_driver:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "5th_gen_gpu_architecture_kernel_driver", "vendor": "arm", "versions": [ { "lessThanOrEqual": "r46p0", "status": "affected", "version": "r41p0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2023-6241", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-05-09T04:00:50.591116Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-08-25T15:24:36.250Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Midgard GPU Kernel Driver", "vendor": "Arm Ltd", "versions": [ { "lessThanOrEqual": "r32p0", "status": "affected", "version": "r13p0", "versionType": "patch" } ] }, { "defaultStatus": "unaffected", "product": "Bifrost GPU Kernel Driver", "vendor": "Arm Ltd", "versions": [ { "changes": [ { "at": "r26p0", "status": "unaffected" } ], "lessThanOrEqual": "r25p0", "status": "affected", "version": "r11p0", "versionType": "patch" } ] }, { "defaultStatus": "unaffected", "product": "Valhall GPU Kernel Driver", "vendor": "Arm Ltd", "versions": [ { "changes": [ { "at": "r26p0", "status": "unaffected" } ], "lessThanOrEqual": "r25p0", "status": "affected", "version": "r19p0", "versionType": "patch" }, { "changes": [ { "at": "r47p0", "status": "unaffected" } ], "lessThanOrEqual": "r46p0", "status": "affected", "version": "r29p0", "versionType": "patch" } ] }, { "defaultStatus": "unaffected", "product": "Arm 5th Gen GPU Architecture Kernel Driver", "vendor": "Arm Ltd", "versions": [ { "changes": [ { "at": "r47p0", "status": "unaffected" } ], "lessThanOrEqual": "r46p0", "status": "affected", "version": "r41p0", "versionType": "patch" } ] } ], "credits": [ { "lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Man Yue Mo of GitHub Security Lab" } ], "datePublic": "2024-03-04T12:15:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Use After Free vulnerability in Arm Ltd Midgard GPU Kernel Driver, Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to exploit a software race condition to perform improper memory processing operations. If the system\u2019s memory is carefully prepared by the user, then this in turn cause a use-after-free.\u003cp\u003eThis issue affects Midgard GPU Kernel Driver: from r13p0 through r32p0; Bifrost GPU Kernel Driver: from r11p0 through r25p0; Valhall GPU Kernel Driver: from r19p0 through r25p0, from r29p0 through r46p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r46p0.\u003c/p\u003e" } ], "value": "Use After Free vulnerability in Arm Ltd Midgard GPU Kernel Driver, Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to exploit a software race condition to perform improper memory processing operations. If the system\u2019s memory is carefully prepared by the user, then this in turn cause a use-after-free.This issue affects Midgard GPU Kernel Driver: from r13p0 through r32p0; Bifrost GPU Kernel Driver: from r11p0 through r25p0; Valhall GPU Kernel Driver: from r19p0 through r25p0, from r29p0 through r46p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r46p0.\n\n" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416 Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-03-04T12:15:58.212Z", "orgId": "56a131ea-b967-4a0d-a41e-5f3549952846", "shortName": "Arm" }, "references": [ { "url": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "This issue is fixed in the Bifrost Kernel Driver in r26p0, in the Valhall Kernel Driver in releases r26p0 and r47p0, and in the Arm 5th Gen GPU Architecture Kernel Driver in r47p0. Users are recommended to upgrade if they are impacted by this issue. Please contact Arm support for Midgard GPUs.\u003cbr\u003e" } ], "value": "This issue is fixed in the Bifrost Kernel Driver in r26p0, in the Valhall Kernel Driver in releases r26p0 and r47p0, and in the Arm 5th Gen GPU Architecture Kernel Driver in r47p0. Users are recommended to upgrade if they are impacted by this issue. Please contact Arm support for Midgard GPUs.\n" } ], "source": { "discovery": "UNKNOWN" }, "title": "Mali GPU Kernel Driver allows improper GPU memory processing operations", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "56a131ea-b967-4a0d-a41e-5f3549952846", "assignerShortName": "Arm", "cveId": "CVE-2023-6241", "datePublished": "2024-03-04T12:15:58.212Z", "dateReserved": "2023-11-21T13:54:23.398Z", "dateUpdated": "2024-08-25T15:24:36.250Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-3655
Vulnerability from cvelistv5
Published
2024-09-03 09:32
Modified
2024-09-30 15:19
Severity ?
EPSS score ?
Summary
Mali GPU Kernel Driver allows improper GPU memory processing operations
References
Impacted products
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:arm:bifrost_gpu_kernel_driver:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "bifrost_gpu_kernel_driver", "vendor": "arm", "versions": [ { "lessThanOrEqual": "r49p0", "status": "affected", "version": "r43p0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:arm:valhall_gpu_kernel_driver:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "valhall_gpu_kernel_driver", "vendor": "arm", "versions": [ { "lessThanOrEqual": "r49p0", "status": "affected", "version": "r43p0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:arm:arm_5th_gen_gpu_architecture_kernel_driver:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "arm_5th_gen_gpu_architecture_kernel_driver", "vendor": "arm", "versions": [ { "lessThanOrEqual": "r49p0", "status": "affected", "version": "r43p0", "versionType": "custom" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2024-3655", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-09-04T00:00:00+00:00", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-05T03:56:02.342Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Bifrost GPU Kernel Driver", "vendor": "Arm Ltd", "versions": [ { "changes": [ { "at": "r50p0", "status": "unaffected" }, { "at": "r49p1", "status": "unaffected" } ], "lessThanOrEqual": "r49p0", "status": "affected", "version": "r43p0", "versionType": "patch" } ] }, { "defaultStatus": "unaffected", "product": "Valhall GPU Kernel Driver", "vendor": "Arm Ltd", "versions": [ { "changes": [ { "at": "r50p0", "status": "unaffected" }, { "at": "r49p1", "status": "unaffected" } ], "lessThanOrEqual": "r49p0", "status": "affected", "version": "r43p0", "versionType": "patch" } ] }, { "defaultStatus": "unaffected", "product": "Arm 5th Gen GPU Architecture Kernel Driver", "vendor": "Arm Ltd", "versions": [ { "changes": [ { "at": "r50p0", "status": "unaffected" }, { "at": "r49p1", "status": "unaffected" } ], "lessThanOrEqual": "r49p0", "status": "affected", "version": "r43p0", "versionType": "patch" } ] } ], "datePublic": "2024-09-03T08:28:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations to gain access to already freed memory.\u003cp\u003eThis issue affects Bifrost GPU Kernel Driver: from r43p0 through r49p0; Valhall GPU Kernel Driver: from r43p0 through r49p0; Arm 5th Gen GPU Architecture Kernel Driver: from r43p0 through r49p0.\u003c/p\u003e" } ], "value": "Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations to gain access to already freed memory.This issue affects Bifrost GPU Kernel Driver: from r43p0 through r49p0; Valhall GPU Kernel Driver: from r43p0 through r49p0; Arm 5th Gen GPU Architecture Kernel Driver: from r43p0 through r49p0." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416 Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-09-30T15:19:48.037Z", "orgId": "56a131ea-b967-4a0d-a41e-5f3549952846", "shortName": "Arm" }, "references": [ { "url": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "This issue is fixed in Bifrost, Valhall and Arm 5th Gen GPU Architecture Kernel Driver r49p1 and r50p0. Users are recommended to upgrade if they are impacted by this issue.\u003cbr\u003e" } ], "value": "This issue is fixed in Bifrost, Valhall and Arm 5th Gen GPU Architecture Kernel Driver r49p1 and r50p0. Users are recommended to upgrade if they are impacted by this issue." } ], "source": { "discovery": "UNKNOWN" }, "title": "Mali GPU Kernel Driver allows improper GPU memory processing operations", "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "56a131ea-b967-4a0d-a41e-5f3549952846", "assignerShortName": "Arm", "cveId": "CVE-2024-3655", "datePublished": "2024-09-03T09:32:48.831Z", "dateReserved": "2024-04-11T13:28:04.436Z", "dateUpdated": "2024-09-30T15:19:48.037Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-1067
Vulnerability from cvelistv5
Published
2024-05-03 13:25
Modified
2024-08-01 18:26
Severity ?
EPSS score ?
Summary
Mali GPU Kernel Driver allows improper GPU memory processing operations
References
Impacted products
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-1067", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-03T16:09:22.347425Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T18:00:24.100Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-01T18:26:30.535Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Bifrost GPU Kernel Driver", "vendor": "Arm Ltd", "versions": [ { "changes": [ { "at": "r48p0", "status": "unaffected" } ], "lessThanOrEqual": "r47p0", "status": "affected", "version": "r41p0", "versionType": "patch" } ] }, { "defaultStatus": "unaffected", "product": "Valhall GPU Kernel Driver", "vendor": "Arm Ltd", "versions": [ { "changes": [ { "at": "r48p0", "status": "unaffected" } ], "lessThanOrEqual": "r47p0", "status": "affected", "version": "r41p0", "versionType": "patch" } ] }, { "defaultStatus": "unaffected", "product": "Arm 5th Gen GPU Architecture Kernel Driver", "vendor": "Arm Ltd", "versions": [ { "changes": [ { "at": "r48p0", "status": "unaffected" } ], "lessThanOrEqual": "r47p0", "status": "affected", "version": "r41p0", "versionType": "patch" } ] } ], "datePublic": "2024-05-03T10:00:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations.\u0026nbsp;On Armv8.0 cores, there are certain combinations of the Linux Kernel and Mali GPU kernel driver configurations that would allow the GPU operations to affect the userspace memory of other processes.\u003cbr\u003e\u003cp\u003eThis issue affects Bifrost GPU Kernel Driver: from r41p0 through r47p0; Valhall GPU Kernel Driver: from r41p0 through r47p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r47p0.\u003c/p\u003e" } ], "value": "Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations.\u00a0On Armv8.0 cores, there are certain combinations of the Linux Kernel and Mali GPU kernel driver configurations that would allow the GPU operations to affect the userspace memory of other processes.\nThis issue affects Bifrost GPU Kernel Driver: from r41p0 through r47p0; Valhall GPU Kernel Driver: from r41p0 through r47p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r47p0.\n\n" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416 Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-03T13:25:06.544Z", "orgId": "56a131ea-b967-4a0d-a41e-5f3549952846", "shortName": "Arm" }, "references": [ { "url": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "This issue is fixed in Bifrost, Valhall and Arm 5th Gen GPU Architecture Kernel Driver r48p0. Users are recommended to upgrade if they are impacted by this issue.\u0026nbsp; \u003cbr\u003e" } ], "value": "This issue is fixed in Bifrost, Valhall and Arm 5th Gen GPU Architecture Kernel Driver r48p0. Users are recommended to upgrade if they are impacted by this issue.\u00a0 \n" } ], "source": { "discovery": "UNKNOWN" }, "title": "Mali GPU Kernel Driver allows improper GPU memory processing operations", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "56a131ea-b967-4a0d-a41e-5f3549952846", "assignerShortName": "Arm", "cveId": "CVE-2024-1067", "datePublished": "2024-05-03T13:25:06.544Z", "dateReserved": "2024-01-30T12:10:49.427Z", "dateUpdated": "2024-08-01T18:26:30.535Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-2937
Vulnerability from cvelistv5
Published
2024-08-05 11:31
Modified
2024-09-30 15:56
Severity ?
EPSS score ?
Summary
Mali GPU Kernel Driver allows improper GPU memory processing operations
References
Impacted products
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:arm:bifrost_gpu_kernel_driver:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "bifrost_gpu_kernel_driver", "vendor": "arm", "versions": [ { "lessThanOrEqual": "r49p0", "status": "affected", "version": "r41p0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:arm:valhall_gpu_kernel_driver:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "valhall_gpu_kernel_driver", "vendor": "arm", "versions": [ { "lessThanOrEqual": "r49p0", "status": "affected", "version": "r41p0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:arm:5th_gen_gpu_architecture_kernel_driver:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "5th_gen_gpu_architecture_kernel_driver", "vendor": "arm", "versions": [ { "lessThanOrEqual": "r49p0", "status": "affected", "version": "r41p0", "versionType": "custom" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2024-2937", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-08-05T16:00:45.648373Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-08-05T16:31:29.897Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Bifrost GPU Kernel Driver", "vendor": "Arm Ltd", "versions": [ { "changes": [ { "at": "r50p0", "status": "unaffected" }, { "at": "r49p1", "status": "unaffected" } ], "lessThanOrEqual": "r49p0", "status": "affected", "version": "r41p0", "versionType": "patch" } ] }, { "defaultStatus": "unaffected", "product": "Valhall GPU Kernel Driver", "vendor": "Arm Ltd", "versions": [ { "changes": [ { "at": "r50p0", "status": "unaffected" }, { "at": "r49p1", "status": "unaffected" } ], "lessThanOrEqual": "r49p0", "status": "affected", "version": "r41p0", "versionType": "patch" } ] }, { "defaultStatus": "unaffected", "product": "Arm 5th Gen GPU Architecture Kernel Driver", "vendor": "Arm Ltd", "versions": [ { "changes": [ { "at": "r50p0", "status": "unaffected" }, { "at": "r49p1", "status": "unaffected" } ], "lessThanOrEqual": "r49p0", "status": "affected", "version": "r41p0", "versionType": "patch" } ] } ], "datePublic": "2024-08-05T09:00:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations to gain access to already freed memory.\u003cp\u003eThis issue affects Bifrost GPU Kernel Driver: from r41p0 through r49p0; Valhall GPU Kernel Driver: from r41p0 through r49p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r49p0.\u003c/p\u003e" } ], "value": "Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations to gain access to already freed memory.This issue affects Bifrost GPU Kernel Driver: from r41p0 through r49p0; Valhall GPU Kernel Driver: from r41p0 through r49p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r49p0." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416 Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-09-30T15:56:26.093Z", "orgId": "56a131ea-b967-4a0d-a41e-5f3549952846", "shortName": "Arm" }, "references": [ { "url": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "This issue is fixed in Bifrost, Valhall and Arm 5th Gen GPU Architecture Kernel Driver r49p1 and r50p0. Users are recommended to upgrade if they are impacted by this issue.\u003cbr\u003e" } ], "value": "This issue is fixed in Bifrost, Valhall and Arm 5th Gen GPU Architecture Kernel Driver r49p1 and r50p0. Users are recommended to upgrade if they are impacted by this issue." } ], "source": { "discovery": "UNKNOWN" }, "title": "Mali GPU Kernel Driver allows improper GPU memory processing operations", "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "56a131ea-b967-4a0d-a41e-5f3549952846", "assignerShortName": "Arm", "cveId": "CVE-2024-2937", "datePublished": "2024-08-05T11:31:07.833Z", "dateReserved": "2024-03-26T16:05:39.106Z", "dateUpdated": "2024-09-30T15:56:26.093Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-4607
Vulnerability from cvelistv5
Published
2024-08-05 11:33
Modified
2024-09-30 16:09
Severity ?
EPSS score ?
Summary
Mali GPU Kernel Driver allows improper GPU memory processing operations
References
Impacted products
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:arm:bifrost_gpu_kernel_driver:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "bifrost_gpu_kernel_driver", "vendor": "arm", "versions": [ { "lessThanOrEqual": "r49p0", "status": "affected", "version": "r41p0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:arm:valhall_gpu_kernel_driver:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "valhall_gpu_kernel_driver", "vendor": "arm", "versions": [ { "lessThanOrEqual": "r49p0", "status": "affected", "version": "r41p0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:arm:arm_5th_gen_gpu_architecture_kernel_driver:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "arm_5th_gen_gpu_architecture_kernel_driver", "vendor": "arm", "versions": [ { "lessThanOrEqual": "r49p0", "status": "affected", "version": "r41p0", "versionType": "custom" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2024-4607", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-08-05T15:53:16.477375Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-08-05T16:31:24.475Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Bifrost GPU Kernel Driver", "vendor": "Arm Ltd", "versions": [ { "changes": [ { "at": "r50p0", "status": "unaffected" }, { "at": "r49p1", "status": "unaffected" } ], "lessThanOrEqual": "r49p0", "status": "affected", "version": "r41p0", "versionType": "patch" } ] }, { "defaultStatus": "unaffected", "product": "Valhall GPU Kernel Driver", "vendor": "Arm Ltd", "versions": [ { "changes": [ { "at": "r50p0", "status": "unaffected" }, { "at": "r49p1", "status": "unaffected" } ], "lessThanOrEqual": "r49p0", "status": "affected", "version": "r41p0", "versionType": "patch" } ] }, { "defaultStatus": "unaffected", "product": "Arm 5th Gen GPU Architecture Kernel Driver", "vendor": "Arm Ltd", "versions": [ { "changes": [ { "at": "r50p0", "status": "unaffected" }, { "at": "r49p1", "status": "unaffected" } ], "lessThanOrEqual": "r49p0", "status": "affected", "version": "r41p0", "versionType": "patch" } ] } ], "datePublic": "2024-08-05T09:00:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations to gain access to already freed memory.\u003cp\u003eThis issue affects Bifrost GPU Kernel Driver: from r41p0 through r49p0; Valhall GPU Kernel Driver: from r41p0 through r49p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r49p0.\u003c/p\u003e" } ], "value": "Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations to gain access to already freed memory.This issue affects Bifrost GPU Kernel Driver: from r41p0 through r49p0; Valhall GPU Kernel Driver: from r41p0 through r49p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r49p0." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416 Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-09-30T16:09:42.249Z", "orgId": "56a131ea-b967-4a0d-a41e-5f3549952846", "shortName": "Arm" }, "references": [ { "url": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "This issue is fixed in Bifrost, Valhall and Arm 5th Gen GPU Architecture Kernel Driver r49p1 and r50p0. Users are recommended to upgrade if they are impacted by this issue.\u003cbr\u003e" } ], "value": "This issue is fixed in Bifrost, Valhall and Arm 5th Gen GPU Architecture Kernel Driver r49p1 and r50p0. Users are recommended to upgrade if they are impacted by this issue." } ], "source": { "discovery": "UNKNOWN" }, "title": "Mali GPU Kernel Driver allows improper GPU memory processing operations", "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "56a131ea-b967-4a0d-a41e-5f3549952846", "assignerShortName": "Arm", "cveId": "CVE-2024-4607", "datePublished": "2024-08-05T11:33:31.766Z", "dateReserved": "2024-05-07T14:42:06.627Z", "dateUpdated": "2024-09-30T16:09:42.249Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-6363
Vulnerability from cvelistv5
Published
2024-05-03 13:25
Modified
2024-08-02 08:28
Severity ?
EPSS score ?
Summary
Mali GPU Kernel Driver allows improper GPU processing operations
References
Impacted products
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-6363", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-12T20:54:49.979300Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-12T20:54:57.259Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T08:28:21.788Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Valhall GPU Kernel Driver", "vendor": "Arm Ltd", "versions": [ { "changes": [ { "at": "r48p0", "status": "unaffected" } ], "lessThanOrEqual": "r47p0", "status": "affected", "version": "r41p0", "versionType": "patch" } ] }, { "defaultStatus": "unaffected", "product": "Arm 5th Gen GPU Architecture Kernel Driver", "vendor": "Arm Ltd", "versions": [ { "changes": [ { "at": "r48p0", "status": "unaffected" } ], "lessThanOrEqual": "r47p0", "status": "affected", "version": "r41p0", "versionType": "patch" } ] } ], "datePublic": "2024-05-03T10:00:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Use After Free vulnerability in Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations. If the system\u2019s memory is carefully prepared by the user, then this in turn could give them access to already freed memory.\u003cbr\u003e\u003cp\u003eThis issue affects Valhall GPU Kernel Driver: from r41p0 through r47p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r47p0.\u003c/p\u003e" } ], "value": "Use After Free vulnerability in Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations. If the system\u2019s memory is carefully prepared by the user, then this in turn could give them access to already freed memory.\nThis issue affects Valhall GPU Kernel Driver: from r41p0 through r47p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r47p0.\n\n" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416 Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-03T13:25:19.215Z", "orgId": "56a131ea-b967-4a0d-a41e-5f3549952846", "shortName": "Arm" }, "references": [ { "url": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "This issue is fixed in Valhall and Arm 5th Gen GPU Architecture Kernel Driver r48p0. Users are recommended to upgrade if they are impacted by this issue.\u0026nbsp; \u003cbr\u003e" } ], "value": "This issue is fixed in Valhall and Arm 5th Gen GPU Architecture Kernel Driver r48p0. Users are recommended to upgrade if they are impacted by this issue.\u00a0 \n" } ], "source": { "discovery": "UNKNOWN" }, "title": "Mali GPU Kernel Driver allows improper GPU processing operations", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "56a131ea-b967-4a0d-a41e-5f3549952846", "assignerShortName": "Arm", "cveId": "CVE-2023-6363", "datePublished": "2024-05-03T13:25:19.215Z", "dateReserved": "2023-11-28T13:43:01.574Z", "dateUpdated": "2024-08-02T08:28:21.788Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-1065
Vulnerability from cvelistv5
Published
2024-04-19 08:51
Modified
2024-08-01 18:26
Severity ?
EPSS score ?
Summary
Mali GPU Kernel Driver allows improper GPU memory processing operations
References
Impacted products
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:arm:valhall_gpu_kernel_driver:r45p0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "valhall_gpu_kernel_driver", "vendor": "arm", "versions": [ { "lessThanOrEqual": "r48p0", "status": "affected", "version": "r45p0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:arm:bifrost_gpu_kernel_driver:r45p0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "bifrost_gpu_kernel_driver", "vendor": "arm", "versions": [ { "lessThanOrEqual": "r48p0", "status": "affected", "version": "r45p0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:arm:5th_gen_gpu_architecture_kernel_driver:r45p0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "5th_gen_gpu_architecture_kernel_driver", "vendor": "arm", "versions": [ { "lessThanOrEqual": "r48p0", "status": "affected", "version": "r45p0", "versionType": "custom" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2024-1065", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-05-30T04:00:25.877408Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T18:00:59.375Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-01T18:26:30.442Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Bifrost GPU Kernel Driver", "vendor": "Arm Ltd", "versions": [ { "changes": [ { "at": "r49p0", "status": "unaffected" } ], "lessThanOrEqual": "r48p0", "status": "affected", "version": "r45p0", "versionType": "patch" } ] }, { "defaultStatus": "unaffected", "product": "Valhall GPU Kernel Driver", "vendor": "Arm Ltd", "versions": [ { "changes": [ { "at": "r49p0", "status": "unaffected" } ], "lessThanOrEqual": "r48p0", "status": "affected", "version": "r45p0", "versionType": "patch" } ] }, { "defaultStatus": "unaffected", "product": "Arm 5th Gen GPU Architecture Kernel Driver", "vendor": "Arm Ltd", "versions": [ { "changes": [ { "at": "r49p0", "status": "unaffected" } ], "lessThanOrEqual": "r48p0", "status": "affected", "version": "r45p0", "versionType": "patch" } ] } ], "datePublic": "2024-04-19T08:50:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations to gain access to already freed memory.\u003cp\u003eThis issue affects Bifrost GPU Kernel Driver: from r45p0 through r48p0; Valhall GPU Kernel Driver: from r45p0 through r48p0; Arm 5th Gen GPU Architecture Kernel Driver: from r45p0 through r48p0.\u003c/p\u003e" } ], "value": "Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations to gain access to already freed memory.This issue affects Bifrost GPU Kernel Driver: from r45p0 through r48p0; Valhall GPU Kernel Driver: from r45p0 through r48p0; Arm 5th Gen GPU Architecture Kernel Driver: from r45p0 through r48p0.\n\n" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416 Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-19T08:51:56.962Z", "orgId": "56a131ea-b967-4a0d-a41e-5f3549952846", "shortName": "Arm" }, "references": [ { "url": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "This issue is fixed in Bifrost, Valhall and Arm 5th Gen GPU Architecture Kernel Driver r49p0. Users are recommended to upgrade if they are impacted by this issue.\u0026nbsp; \u003cbr\u003e" } ], "value": "This issue is fixed in Bifrost, Valhall and Arm 5th Gen GPU Architecture Kernel Driver r49p0. Users are recommended to upgrade if they are impacted by this issue.\u00a0 \n" } ], "source": { "discovery": "UNKNOWN" }, "title": "Mali GPU Kernel Driver allows improper GPU memory processing operations", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "56a131ea-b967-4a0d-a41e-5f3549952846", "assignerShortName": "Arm", "cveId": "CVE-2024-1065", "datePublished": "2024-04-19T08:51:56.962Z", "dateReserved": "2024-01-30T11:48:38.055Z", "dateUpdated": "2024-08-01T18:26:30.442Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-6143
Vulnerability from cvelistv5
Published
2024-03-04 09:54
Modified
2024-08-28 19:03
Severity ?
EPSS score ?
Summary
Mali GPU Kernel Driver allows improper GPU memory processing operations
References
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T08:21:17.392Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:a:arm:midgard_gpu_kernel_driver:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "midgard_gpu_kernel_driver", "vendor": "arm", "versions": [ { "lessThanOrEqual": "r32p0", "status": "affected", "version": "r13p0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:arm:bifrost_gpu_kernel_driver:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "bifrost_gpu_kernel_driver", "vendor": "arm", "versions": [ { "lessThanOrEqual": "r18p0", "status": "affected", "version": "r1p0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:arm:valhall_gpu_kernel_driver:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "valhall_gpu_kernel_driver", "vendor": "arm", "versions": [ { "lessThanOrEqual": "r46p0", "status": "affected", "version": "r37p0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:arm:5th_gen_gpu_architecture_kernel_driver:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "5th_gen_gpu_architecture_kernel_driver", "vendor": "arm", "versions": [ { "lessThanOrEqual": "r46p0", "status": "affected", "version": "r41p0", "versionType": "custom" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2023-6143", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-04-10T04:00:33.950770Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-08-28T19:03:56.048Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Midgard GPU Kernel Driver", "vendor": "Arm Ltd", "versions": [ { "lessThanOrEqual": "r32p0", "status": "affected", "version": "r13p0", "versionType": "patch" } ] }, { "defaultStatus": "unaffected", "product": "Bifrost GPU Kernel Driver", "vendor": "Arm Ltd", "versions": [ { "changes": [ { "at": "r19p0", "status": "unaffected" } ], "lessThanOrEqual": "r18p0", "status": "affected", "version": "r1p0", "versionType": "patch" } ] }, { "defaultStatus": "unaffected", "product": "Valhall GPU Kernel Driver", "vendor": "Arm Ltd", "versions": [ { "changes": [ { "at": "r47p0", "status": "unaffected" } ], "lessThanOrEqual": "r46p0", "status": "affected", "version": "r37p0", "versionType": "patch" } ] }, { "defaultStatus": "unaffected", "product": "Arm 5th Gen GPU Architecture Kernel Driver", "vendor": "Arm Ltd", "versions": [ { "changes": [ { "at": "r47p0", "status": "unaffected" } ], "lessThanOrEqual": "r46p0", "status": "affected", "version": "r41p0", "versionType": "patch" } ] } ], "datePublic": "2024-03-04T09:53:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Use After Free vulnerability in Arm Ltd Midgard GPU Kernel Driver, Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to exploit a software race condition to perform improper memory processing operations. If the system\u2019s memory is carefully prepared by the user and the system is under heavy load, then this in turn cause a use-after-free.\u003cp\u003eThis issue affects Midgard GPU Kernel Driver: from r13p0 through r32p0; Bifrost GPU Kernel Driver: from r1p0 through r18p0; Valhall GPU Kernel Driver: from r37p0 through r46p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r46p0.\u003c/p\u003e" } ], "value": "Use After Free vulnerability in Arm Ltd Midgard GPU Kernel Driver, Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to exploit a software race condition to perform improper memory processing operations. If the system\u2019s memory is carefully prepared by the user and the system is under heavy load, then this in turn cause a use-after-free.This issue affects Midgard GPU Kernel Driver: from r13p0 through r32p0; Bifrost GPU Kernel Driver: from r1p0 through r18p0; Valhall GPU Kernel Driver: from r37p0 through r46p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r46p0.\n\n" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416 Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-03-04T09:54:23.132Z", "orgId": "56a131ea-b967-4a0d-a41e-5f3549952846", "shortName": "Arm" }, "references": [ { "url": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "This issue is fixed in the Bifrost Kernel Driver in r19p0, in the Valhall and Arm 5th Gen GPU Architecture Kernel Drivers in r47p0. Users are recommended to upgrade if they are impacted by this issue. Please contact Arm support for Midgard GPUs.\u003cbr\u003e" } ], "value": "This issue is fixed in the Bifrost Kernel Driver in r19p0, in the Valhall and Arm 5th Gen GPU Architecture Kernel Drivers in r47p0. Users are recommended to upgrade if they are impacted by this issue. Please contact Arm support for Midgard GPUs.\n" } ], "source": { "discovery": "UNKNOWN" }, "title": "Mali GPU Kernel Driver allows improper GPU memory processing operations", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "56a131ea-b967-4a0d-a41e-5f3549952846", "assignerShortName": "Arm", "cveId": "CVE-2023-6143", "datePublished": "2024-03-04T09:54:23.132Z", "dateReserved": "2023-11-14T23:48:11.625Z", "dateUpdated": "2024-08-28T19:03:56.048Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-1395
Vulnerability from cvelistv5
Published
2024-05-03 13:24
Modified
2024-08-01 18:40
Severity ?
EPSS score ?
Summary
Mali GPU Kernel Driver allows improper GPU memory processing operations
References
Impacted products
▼ | Vendor | Product |
---|---|---|
Arm Ltd | Arm 5th Gen GPU Architecture Kernel Driver |
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:arm:5th_gen_gpu_architecture_kernel_driver:r41p0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "5th_gen_gpu_architecture_kernel_driver", "vendor": "arm", "versions": [ { "lessThanOrEqual": "r47p0", "status": "affected", "version": "r41p0", "versionType": "custom" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2024-1395", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-05-03T14:44:44.955689Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T18:00:45.931Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-01T18:40:20.595Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Arm 5th Gen GPU Architecture Kernel Driver", "vendor": "Arm Ltd", "versions": [ { "changes": [ { "at": "r48p0", "status": "unaffected" } ], "lessThanOrEqual": "r47p0", "status": "affected", "version": "r41p0", "versionType": "patch" } ] } ], "datePublic": "2024-05-03T10:00:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Use After Free vulnerability in Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations. If the system\u2019s memory is carefully prepared by the user, then this in turn could give them access to already freed memory.\u003cbr\u003e\u003cp\u003eThis issue affects Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r47p0.\u003c/p\u003e" } ], "value": "Use After Free vulnerability in Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations. If the system\u2019s memory is carefully prepared by the user, then this in turn could give them access to already freed memory.\nThis issue affects Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r47p0.\n\n" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416 Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-03T13:24:26.606Z", "orgId": "56a131ea-b967-4a0d-a41e-5f3549952846", "shortName": "Arm" }, "references": [ { "url": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "This issue is fixed in Arm 5th Gen GPU Architecture Kernel Driver r48p0. Users are recommended to upgrade if they are impacted by this issue.\u003cbr\u003e" } ], "value": "This issue is fixed in Arm 5th Gen GPU Architecture Kernel Driver r48p0. Users are recommended to upgrade if they are impacted by this issue.\n" } ], "source": { "discovery": "UNKNOWN" }, "title": "Mali GPU Kernel Driver allows improper GPU memory processing operations", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "56a131ea-b967-4a0d-a41e-5f3549952846", "assignerShortName": "Arm", "cveId": "CVE-2024-1395", "datePublished": "2024-05-03T13:24:26.606Z", "dateReserved": "2024-02-09T13:14:39.526Z", "dateUpdated": "2024-08-01T18:40:20.595Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-5643
Vulnerability from cvelistv5
Published
2024-02-05 09:49
Modified
2024-08-02 08:07
Severity ?
EPSS score ?
Summary
Mali GPU Kernel Driver allows improper GPU memory processing operations
References
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T08:07:32.483Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Bifrost GPU Kernel Driver", "vendor": "Arm Ltd", "versions": [ { "changes": [ { "at": "r46p0", "status": "unaffected" } ], "lessThanOrEqual": "r45p0", "status": "affected", "version": "r41p0", "versionType": "patch" } ] }, { "defaultStatus": "unaffected", "product": "Valhall GPU Kernel Driver", "vendor": "Arm Ltd", "versions": [ { "changes": [ { "at": "r46p0", "status": "unaffected" } ], "lessThanOrEqual": "r45p0", "status": "affected", "version": "r41p0", "versionType": "patch" } ] }, { "defaultStatus": "unaffected", "product": "Arm 5th Gen GPU Architecture Kernel Driver", "vendor": "Arm Ltd", "versions": [ { "changes": [ { "at": "r46p0", "status": "unaffected" } ], "lessThanOrEqual": "r45p0", "status": "affected", "version": "r41p0", "versionType": "patch" } ] } ], "datePublic": "2024-02-05T09:49:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Out-of-bounds Write vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a\u0026nbsp;local non-privileged user to make improper GPU memory processing operations. Depending on the configuration of the Mali GPU Kernel Driver, and if the system\u2019s memory is carefully prepared by the user, then this in turn could write to memory outside of buffer bounds.\u003cp\u003eThis issue affects Bifrost GPU Kernel Driver: from r41p0 through r45p0; Valhall GPU Kernel Driver: from r41p0 through r45p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r45p0.\u003c/p\u003e" } ], "value": "Out-of-bounds Write vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a\u00a0local non-privileged user to make improper GPU memory processing operations. Depending on the configuration of the Mali GPU Kernel Driver, and if the system\u2019s memory is carefully prepared by the user, then this in turn could write to memory outside of buffer bounds.This issue affects Bifrost GPU Kernel Driver: from r41p0 through r45p0; Valhall GPU Kernel Driver: from r41p0 through r45p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r45p0.\n\n" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-787", "description": "CWE-787 Out-of-bounds Write", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-02-05T09:49:33.885Z", "orgId": "56a131ea-b967-4a0d-a41e-5f3549952846", "shortName": "Arm" }, "references": [ { "url": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "This issue is fixed in Bifrost, Valhall, and Arm 5th Gen GPU Architecture Kernel Driver r46p0. Users are recommended to upgrade if they are impacted by this issue." } ], "value": "This issue is fixed in Bifrost, Valhall, and Arm 5th Gen GPU Architecture Kernel Driver r46p0. Users are recommended to upgrade if they are impacted by this issue." } ], "source": { "discovery": "UNKNOWN" }, "title": "Mali GPU Kernel Driver allows improper GPU memory processing operations", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "56a131ea-b967-4a0d-a41e-5f3549952846", "assignerShortName": "Arm", "cveId": "CVE-2023-5643", "datePublished": "2024-02-05T09:49:33.885Z", "dateReserved": "2023-10-18T15:56:34.068Z", "dateUpdated": "2024-08-02T08:07:32.483Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }