Vulnerabilites related to Imagination Technologies - Graphics DDK
cve-2024-46971
Vulnerability from cvelistv5
Published
2024-12-13 17:32
Modified
2024-12-16 16:43
Severity ?
EPSS score ?
Summary
Software installed and run as a non-privileged user may conduct GPU system calls to read and write freed physical memory from the GPU.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Imagination Technologies | Graphics DDK |
Version: 1.13 RTM < Patch: 24.2 RTM2 |
{ containers: { adp: [ { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2024-46971", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-12-16T16:42:52.060278Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-12-16T16:43:33.097Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", platforms: [ "Linux", "Android", ], product: "Graphics DDK", vendor: "Imagination Technologies", versions: [ { lessThanOrEqual: "24.2 RTM1", status: "affected", version: "1.13 RTM", versionType: "custom", }, { status: "unaffected", version: "24.2 RTM2", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<span style=\"background-color: rgb(255, 255, 255);\"> Software installed and run as a non-privileged user may conduct GPU system calls to read and write freed physical memory from the GPU.</span>", }, ], value: "Software installed and run as a non-privileged user may conduct GPU system calls to read and write freed physical memory from the GPU.", }, ], impacts: [ { capecId: "CAPEC-124", descriptions: [ { lang: "en", value: "CAPEC-124 Shared Resource Manipulation", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-416", description: "CWE-416 Use After Free", lang: "en", type: "CWE", }, ], }, { descriptions: [ { cweId: "CWE-362", description: "CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-12-13T17:32:52.879Z", orgId: "367425dc-4d06-4041-9650-c2dc6aaa27ce", shortName: "imaginationtech", }, references: [ { url: "https://www.imaginationtech.com/gpu-driver-vulnerabilities/", }, ], source: { discovery: "UNKNOWN", }, title: "GPU DDK - UAF of memory in PMRUnlockSysPhysAddressesLocalMem for on-demand PMRs on PCI (LMA) systems", x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "367425dc-4d06-4041-9650-c2dc6aaa27ce", assignerShortName: "imaginationtech", cveId: "CVE-2024-46971", datePublished: "2024-12-13T17:32:52.879Z", dateReserved: "2024-09-16T13:20:45.923Z", dateUpdated: "2024-12-16T16:43:33.097Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-47900
Vulnerability from cvelistv5
Published
2025-01-31 03:19
Modified
2025-03-14 15:20
Severity ?
EPSS score ?
Summary
Software installed and run as a non-privileged user may conduct improper GPU system calls to access OOB kernel memory.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Imagination Technologies | Graphics DDK |
Version: 1.15 RTM < Patch: 25.1 RTM |
{ containers: { adp: [ { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2024-47900", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-01-31T16:28:38.746021Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-14T15:20:10.116Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", platforms: [ "Linux", "Android", ], product: "Graphics DDK", vendor: "Imagination Technologies", versions: [ { lessThanOrEqual: "24.3 RTM2", status: "affected", version: "1.15 RTM", versionType: "custom", }, { status: "unaffected", version: "25.1 RTM", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "Software installed and run as a non-privileged user may conduct improper GPU system calls to access OOB kernel memory.<br>", }, ], value: "Software installed and run as a non-privileged user may conduct improper GPU system calls to access OOB kernel memory.", }, ], impacts: [ { capecId: "CAPEC-129", descriptions: [ { lang: "en", value: "CAPEC-129: Pointer Manipulation", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-823", description: "CWE-823: Use of Out-of-range Pointer Offset", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-31T03:19:33.603Z", orgId: "367425dc-4d06-4041-9650-c2dc6aaa27ce", shortName: "imaginationtech", }, references: [ { url: "https://www.imaginationtech.com/gpu-driver-vulnerabilities/", }, ], source: { discovery: "UNKNOWN", }, title: "GPU DDK - Multiple integer overflow in DmaTransfer PMR_DevPhysAddr functions leading to OOB writes", x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "367425dc-4d06-4041-9650-c2dc6aaa27ce", assignerShortName: "imaginationtech", cveId: "CVE-2024-47900", datePublished: "2025-01-31T03:19:33.603Z", dateReserved: "2024-10-04T16:08:49.939Z", dateUpdated: "2025-03-14T15:20:10.116Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-47896
Vulnerability from cvelistv5
Published
2025-02-22 14:50
Modified
2025-03-05 16:56
Severity ?
EPSS score ?
Summary
Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to write data outside the Guest's virtualised GPU memory.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Imagination Technologies | Graphics DDK |
Version: 1.15 RTM < Patch: 25.1 RTM |
{ containers: { adp: [ { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 3.3, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, }, { other: { content: { id: "CVE-2024-47896", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-05T16:56:49.878825Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-05T16:56:53.389Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", platforms: [ "Linux", "Android", ], product: "Graphics DDK", vendor: "Imagination Technologies", versions: [ { lessThanOrEqual: "24.3 RTM", status: "affected", version: "1.15 RTM", versionType: "custom", }, { status: "unaffected", version: "25.1 RTM", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<span style=\"background-color: rgb(255, 255, 255);\">Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to write data outside the Guest's virtualised GPU memory.</span>\n\n<br>", }, ], value: "Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to write data outside the Guest's virtualised GPU memory.", }, ], impacts: [ { capecId: "CAPEC-480", descriptions: [ { lang: "en", value: "CAPEC - CAPEC-480: Escaping Virtualization (Version 3.9)", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-823", description: "CWE - CWE-823: Use of Out-of-range Pointer Offset (4.16)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-02-22T14:50:58.213Z", orgId: "367425dc-4d06-4041-9650-c2dc6aaa27ce", shortName: "imaginationtech", }, references: [ { url: "https://www.imaginationtech.com/gpu-driver-vulnerabilities/", }, ], source: { discovery: "UNKNOWN", }, title: "GPU DDK - rgxfw_hwr_log_info OOB write via psHWRInfoBuf->ui32WriteIndex", x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "367425dc-4d06-4041-9650-c2dc6aaa27ce", assignerShortName: "imaginationtech", cveId: "CVE-2024-47896", datePublished: "2025-02-22T14:50:58.213Z", dateReserved: "2024-10-04T16:08:49.937Z", dateUpdated: "2025-03-05T16:56:53.389Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-52938
Vulnerability from cvelistv5
Published
2025-01-13 11:50
Modified
2025-01-13 14:54
Severity ?
EPSS score ?
Summary
Kernel software installed and running inside a Guest VM may post improper commands to the GPU Firmware to subvert reconstruction activities to trigger a write of data outside the Guest's virtualised GPU memory.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Imagination Technologies | Graphics DDK |
Version: 1.15 RTM < Patch: 24.3 RTM |
{ containers: { adp: [ { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2024-52938", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-01-13T14:53:02.522744Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-01-13T14:54:41.464Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", platforms: [ "Linux", "Android", ], product: "Graphics DDK", vendor: "Imagination Technologies", versions: [ { lessThanOrEqual: "24.2 RTM2", status: "affected", version: "1.15 RTM", versionType: "custom", }, { status: "unaffected", version: "24.3 RTM", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<span style=\"background-color: rgb(255, 255, 255);\">Kernel software installed and running inside a Guest VM may post improper commands to the GPU Firmware to subvert reconstruction activities to trigger a write of data outside the Guest's virtualised GPU memory.</span>\n\n<br>", }, ], value: "Kernel software installed and running inside a Guest VM may post improper commands to the GPU Firmware to subvert reconstruction activities to trigger a write of data outside the Guest's virtualised GPU memory.", }, ], impacts: [ { capecId: "CAPEC-480", descriptions: [ { lang: "en", value: "CAPEC - CAPEC-480: Escaping Virtualization (Version 3.9)", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-823", description: "CWE - CWE-823: Use of Out-of-range Pointer Offset (4.16)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-13T11:50:24.185Z", orgId: "367425dc-4d06-4041-9650-c2dc6aaa27ce", shortName: "imaginationtech", }, references: [ { url: "https://www.imaginationtech.com/gpu-driver-vulnerabilities/", }, ], source: { discovery: "UNKNOWN", }, title: "GPU DDK - rgxfw_pm_add_freelist_for_reconstruction OOB write", x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "367425dc-4d06-4041-9650-c2dc6aaa27ce", assignerShortName: "imaginationtech", cveId: "CVE-2024-52938", datePublished: "2025-01-13T11:50:24.185Z", dateReserved: "2024-11-18T04:55:52.555Z", dateUpdated: "2025-01-13T14:54:41.464Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-43701
Vulnerability from cvelistv5
Published
2024-10-14 08:17
Modified
2024-10-15 14:24
Severity ?
EPSS score ?
Summary
Software installed and run as a non-privileged user may conduct GPU system calls to read and write freed physical memory from the GPU.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Imagination Technologies | Graphics DDK |
Version: 1.17 < Patch: 24.2 RTM2 |
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:a:imaginationtech:graphics_ddk:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "graphics_ddk", vendor: "imaginationtech", versions: [ { lessThanOrEqual: "24.2rtmi", status: "affected", version: "1.17", versionType: "custom", }, { status: "affected", version: "24.2 RTM2", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2024-43701", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-10-15T14:20:24.697814Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-15T14:24:07.912Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", platforms: [ "Linux", "Android", ], product: "Graphics DDK", vendor: "Imagination Technologies", versions: [ { lessThanOrEqual: "24.2 RTM1", status: "affected", version: "1.17", versionType: "custom", }, { status: "unaffected", version: "24.2 RTM2", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<span style=\"background-color: rgb(255, 255, 255);\">Software installed and run as a non-privileged user may conduct GPU system calls to read and write freed physical memory from the GPU.</span>", }, ], value: "Software installed and run as a non-privileged user may conduct GPU system calls to read and write freed physical memory from the GPU.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-416", description: "CWE-416 Use After Free", lang: "en", type: "CWE", }, ], }, { descriptions: [ { cweId: "CWE-362", description: "CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-10-14T08:17:01.686Z", orgId: "367425dc-4d06-4041-9650-c2dc6aaa27ce", shortName: "imaginationtech", }, references: [ { url: "https://www.imaginationtech.com/gpu-driver-vulnerabilities", }, ], source: { discovery: "UNKNOWN", }, title: "GPU DDK - PowerVR: TLB invalidate UAF of dma_buf imported into multiple GPU devices", x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "367425dc-4d06-4041-9650-c2dc6aaa27ce", assignerShortName: "imaginationtech", cveId: "CVE-2024-43701", datePublished: "2024-10-14T08:17:01.686Z", dateReserved: "2024-08-15T08:21:31.533Z", dateUpdated: "2024-10-15T14:24:07.912Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-43703
Vulnerability from cvelistv5
Published
2024-11-30 02:39
Modified
2024-12-01 23:03
Severity ?
EPSS score ?
Summary
Software installed and run as a non-privileged user may conduct improper GPU system calls to achieve unauthorised reads and writes of physical memory from the GPU HW.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Imagination Technologies | Graphics DDK |
Version: 1.13 RTM < |
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:a:imaginationtech:ddk:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "ddk", vendor: "imaginationtech", versions: [ { lessThanOrEqual: "24.2_rtm2", status: "affected", version: "1.13_rtm", versionType: "custom", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, }, { other: { content: { id: "CVE-2024-43703", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-12-01T23:02:56.824318Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-12-01T23:03:00.888Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", platforms: [ "Linux", "Android", ], product: "Graphics DDK", vendor: "Imagination Technologies", versions: [ { lessThanOrEqual: "24.2 RTM2", status: "affected", version: "1.13 RTM", versionType: "custom", }, { status: "unaffected", version: "24.3 RTM", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<span style=\"background-color: rgb(255, 255, 255);\">Software installed and run as a non-privileged user may conduct improper GPU system calls to achieve u</span><span style=\"background-color: rgb(255, 255, 255);\">nauthorised reads and writes of physical memory from the GPU HW.</span>", }, ], value: "Software installed and run as a non-privileged user may conduct improper GPU system calls to achieve unauthorised reads and writes of physical memory from the GPU HW.", }, ], impacts: [ { capecId: "CAPEC-124", descriptions: [ { lang: "en", value: "CAPEC - CAPEC-124: Shared Resource Manipulation (Version 3.9)", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-416", description: "CWE - CWE-416: Use After Free (4.16)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-11-30T02:39:25.336Z", orgId: "367425dc-4d06-4041-9650-c2dc6aaa27ce", shortName: "imaginationtech", }, references: [ { url: "https://www.imaginationtech.com/gpu-driver-vulnerabilities/", }, ], source: { discovery: "UNKNOWN", }, title: "GPU DDK - Duplicate calls to RGXCreateFreeList on the same reservation leads to GPU UAF", x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "367425dc-4d06-4041-9650-c2dc6aaa27ce", assignerShortName: "imaginationtech", cveId: "CVE-2024-43703", datePublished: "2024-11-30T02:39:25.336Z", dateReserved: "2024-08-15T08:21:31.533Z", dateUpdated: "2024-12-01T23:03:00.888Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2025-0468
Vulnerability from cvelistv5
Published
2025-04-04 15:39
Modified
2025-04-07 14:48
Severity ?
EPSS score ?
Summary
Software installed and run as a non-privileged user may conduct improper GPU system calls to subvert GPU HW to write to arbitrary physical memory pages.
Under certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kernel and drivers running on the platform altering their behaviour.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Imagination Technologies | Graphics DDK |
Version: 1.15 RTM < Patch: 25.1 RTM |
{ containers: { adp: [ { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.1, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2025-0468", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-04-07T14:47:23.907010Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-04-07T14:48:05.895Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", platforms: [ "Linux", "Android", ], product: "Graphics DDK", vendor: "Imagination Technologies", versions: [ { lessThanOrEqual: "24.3 RTM", status: "affected", version: "1.15 RTM", versionType: "custom", }, { status: "unaffected", version: "25.1 RTM", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>Software installed and run as a non-privileged user may conduct improper GPU system calls to subvert GPU HW to write to arbitrary physical memory pages.</p><p>Under certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kernel and drivers running on the platform altering their behaviour.</p>", }, ], value: "Software installed and run as a non-privileged user may conduct improper GPU system calls to subvert GPU HW to write to arbitrary physical memory pages.\n\nUnder certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kernel and drivers running on the platform altering their behaviour.", }, ], impacts: [ { capecId: "CAPEC-679", descriptions: [ { lang: "en", value: "CAPEC-679: Exploitation of Improperly Configured or Implemented Memory Protections", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-280", description: "CWE-280: Improper Handling of Insufficient Permissions or Privileges", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-04-04T15:39:37.798Z", orgId: "367425dc-4d06-4041-9650-c2dc6aaa27ce", shortName: "imaginationtech", }, references: [ { url: "https://www.imaginationtech.com/gpu-driver-vulnerabilities/", }, ], source: { discovery: "UNKNOWN", }, title: "GPU DDK - ui64RobustnessAddress can overwrite Freelist / HWRT (and bypass PMMETA)", x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "367425dc-4d06-4041-9650-c2dc6aaa27ce", assignerShortName: "imaginationtech", cveId: "CVE-2025-0468", datePublished: "2025-04-04T15:39:37.798Z", dateReserved: "2025-01-14T09:32:36.718Z", dateUpdated: "2025-04-07T14:48:05.895Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-47897
Vulnerability from cvelistv5
Published
2025-01-13 10:28
Modified
2025-01-13 17:34
Severity ?
EPSS score ?
Summary
Software installed and run as a non-privileged user may conduct improper GPU system calls resulting in platform instability and reboots.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Imagination Technologies | Graphics DDK |
Version: 23.2 RTM2 < Patch: 24.3 RTM |
{ containers: { adp: [ { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2024-47897", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-01-13T17:32:49.132519Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-01-13T17:34:03.429Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", platforms: [ "Linux", "Android", ], product: "Graphics DDK", vendor: "Imagination Technologies", versions: [ { lessThanOrEqual: "24.2 RTM2", status: "affected", version: "23.2 RTM2", versionType: "custom", }, { status: "unaffected", version: "24.3 RTM", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<span style=\"background-color: rgb(255, 255, 255);\">Software installed and run as a non-privileged user may conduct improper GPU system calls resulting in platform instability and reboots.</span>", }, ], value: "Software installed and run as a non-privileged user may conduct improper GPU system calls resulting in platform instability and reboots.", }, ], impacts: [ { capecId: "CAPEC-113", descriptions: [ { lang: "en", value: "CAPEC-113: Interface Manipulation", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787: Heap-based Buffer Overflow", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-13T10:28:03.266Z", orgId: "367425dc-4d06-4041-9650-c2dc6aaa27ce", shortName: "imaginationtech", }, references: [ { url: "https://www.imaginationtech.com/gpu-driver-vulnerabilities/", }, ], source: { discovery: "UNKNOWN", }, title: "GPU DDK - PVRSRVRGXGetEnabledHWPerfBlocksKM off-by-one OOB write", x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "367425dc-4d06-4041-9650-c2dc6aaa27ce", assignerShortName: "imaginationtech", cveId: "CVE-2024-47897", datePublished: "2025-01-13T10:28:03.266Z", dateReserved: "2024-10-04T16:08:49.937Z", dateUpdated: "2025-01-13T17:34:03.429Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2025-0835
Vulnerability from cvelistv5
Published
2025-03-24 11:42
Modified
2025-03-24 13:34
Severity ?
EPSS score ?
Summary
Software installed and run as a non-privileged user may conduct improper GPU system calls to corrupt kernel heap memory.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Imagination Technologies | Graphics DDK |
Patch: 1.15 RTM Version: 23.2 RTM < Patch: 24.3 RTM |
{ containers: { adp: [ { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2025-0835", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-03-24T13:32:45.559099Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-24T13:34:32.571Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", platforms: [ "Linux", "Android", ], product: "Graphics DDK", vendor: "Imagination Technologies", versions: [ { lessThanOrEqual: "23.1 RTM", status: "unaffected", version: "1.15 RTM", versionType: "custom", }, { lessThanOrEqual: "24.2 RTM2", status: "affected", version: "23.2 RTM", versionType: "custom", }, { status: "unaffected", version: "24.3 RTM", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>\n\n<span style=\"background-color: rgb(255, 255, 255);\">Software installed and run as a non-privileged user may conduct improper GPU system calls to corrupt kernel heap memory.</span>\n\n<br></p>", }, ], value: "Software installed and run as a non-privileged user may conduct improper GPU system calls to corrupt kernel heap memory.", }, ], impacts: [ { capecId: "CAPEC-113", descriptions: [ { lang: "en", value: "CAPEC-113: Interface Manipulation", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-416", description: "CWE-416: Use After Free", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-24T11:42:21.834Z", orgId: "367425dc-4d06-4041-9650-c2dc6aaa27ce", shortName: "imaginationtech", }, references: [ { url: "https://www.imaginationtech.com/gpu-driver-vulnerabilities/", }, ], source: { discovery: "UNKNOWN", }, title: "GPU DDK - _WrapExtMemReleasePages called twice if _FlushUMVirtualRange fails", x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "367425dc-4d06-4041-9650-c2dc6aaa27ce", assignerShortName: "imaginationtech", cveId: "CVE-2025-0835", datePublished: "2025-03-24T11:42:21.834Z", dateReserved: "2025-01-29T13:04:49.849Z", dateUpdated: "2025-03-24T13:34:32.571Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-12577
Vulnerability from cvelistv5
Published
2025-02-22 14:58
Modified
2025-03-18 19:42
Severity ?
EPSS score ?
Summary
Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to write data outside the Guest's virtualised GPU memory.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Imagination Technologies | Graphics DDK |
Version: 1.15 RTM < Patch: 25.1 RTM |
{ containers: { adp: [ { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.3, baseSeverity: "HIGH", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2024-12577", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-18T19:42:17.355438Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-18T19:42:29.421Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", platforms: [ "Linux", "Android", ], product: "Graphics DDK", vendor: "Imagination Technologies", versions: [ { lessThanOrEqual: "24.3 RTM", status: "affected", version: "1.15 RTM", versionType: "custom", }, { status: "unaffected", version: "25.1 RTM", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<span style=\"background-color: rgb(255, 255, 255);\">Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to write data outside the Guest's virtualised GPU memory.</span>\n\n<br>", }, ], value: "Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to write data outside the Guest's virtualised GPU memory.", }, ], impacts: [ { capecId: "CAPEC-480", descriptions: [ { lang: "en", value: "CAPEC - CAPEC-480: Escaping Virtualization (Version 3.9)", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-823", description: "CWE - CWE-823: Use of Out-of-range Pointer Offset (4.16)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-02-22T14:58:33.780Z", orgId: "367425dc-4d06-4041-9650-c2dc6aaa27ce", shortName: "imaginationtech", }, references: [ { url: "https://www.imaginationtech.com/gpu-driver-vulnerabilities/", }, ], source: { discovery: "UNKNOWN", }, title: "GPU DDK - rgxfw_pcset_ungrab OOB write via psFWMemContext->uiPageCatBaseRegSet", x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "367425dc-4d06-4041-9650-c2dc6aaa27ce", assignerShortName: "imaginationtech", cveId: "CVE-2024-12577", datePublished: "2025-02-22T14:58:33.780Z", dateReserved: "2024-12-12T15:49:50.965Z", dateUpdated: "2025-03-18T19:42:29.421Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-46973
Vulnerability from cvelistv5
Published
2024-12-28 04:56
Modified
2024-12-28 16:41
Severity ?
EPSS score ?
Summary
Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger use-after-free kernel exceptions.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Imagination Technologies | Graphics DDK |
Version: 1.15 RTM < Patch: 24.3 RTM |
{ containers: { adp: [ { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2024-46973", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-12-28T16:40:21.352904Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-12-28T16:41:57.766Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", platforms: [ "Linux", "Android", ], product: "Graphics DDK", vendor: "Imagination Technologies", versions: [ { lessThanOrEqual: "24.2 RTM2", status: "affected", version: "1.15 RTM", versionType: "custom", }, { status: "unaffected", version: "24.3 RTM", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<span style=\"background-color: rgb(255, 255, 255);\">Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger use-after-free kernel exceptions.</span>", }, ], value: "Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger use-after-free kernel exceptions.", }, ], impacts: [ { capecId: "CAPEC-124", descriptions: [ { lang: "en", value: "CAPEC-124: Shared Resource Manipulation", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-416", description: "CWE-416: Use After Free", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-12-28T04:56:30.585Z", orgId: "367425dc-4d06-4041-9650-c2dc6aaa27ce", shortName: "imaginationtech", }, references: [ { url: "https://www.imaginationtech.com/gpu-driver-vulnerabilities/", }, ], source: { discovery: "UNKNOWN", }, title: "Exploitable kernel use-after-free on psServerMMUContext due to reference count mismanagement", x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "367425dc-4d06-4041-9650-c2dc6aaa27ce", assignerShortName: "imaginationtech", cveId: "CVE-2024-46973", datePublished: "2024-12-28T04:56:30.585Z", dateReserved: "2024-09-16T13:20:45.924Z", dateUpdated: "2024-12-28T16:41:57.766Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-12837
Vulnerability from cvelistv5
Published
2025-03-07 07:45
Modified
2025-03-07 15:10
Severity ?
EPSS score ?
Summary
Software installed and run as a non-privileged user may conduct improper GPU system calls to corrupt kernel heap memory.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Imagination Technologies | Graphics DDK |
Version: 1.15 RTM < Patch: 25.1 RTM |
{ containers: { adp: [ { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2024-12837", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-03-07T15:09:50.627190Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-07T15:10:49.823Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", platforms: [ "Linux", "Android", ], product: "Graphics DDK", vendor: "Imagination Technologies", versions: [ { lessThanOrEqual: "24.3 RTM", status: "affected", version: "1.15 RTM", versionType: "custom", }, { status: "unaffected", version: "25.1 RTM", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "Software installed and run as a non-privileged user may conduct improper GPU system calls to corrupt kernel heap memory.<br>", }, ], value: "Software installed and run as a non-privileged user may conduct improper GPU system calls to corrupt kernel heap memory.", }, ], impacts: [ { capecId: "CAPEC-113", descriptions: [ { lang: "en", value: "CAPEC-113: Interface Manipulation", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-416", description: "CWE-416: Use After Free", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-07T07:45:16.126Z", orgId: "367425dc-4d06-4041-9650-c2dc6aaa27ce", shortName: "imaginationtech", }, references: [ { url: "https://www.imaginationtech.com/gpu-driver-vulnerabilities/", }, ], source: { discovery: "UNKNOWN", }, title: "GPU DDK - Exploitable kernel double free on apsFenceSyncCheckpoints allocated with arbitrary size", x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "367425dc-4d06-4041-9650-c2dc6aaa27ce", assignerShortName: "imaginationtech", cveId: "CVE-2024-12837", datePublished: "2025-03-07T07:45:16.126Z", dateReserved: "2024-12-20T03:19:18.355Z", dateUpdated: "2025-03-07T15:10:49.823Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-12576
Vulnerability from cvelistv5
Published
2025-03-07 07:36
Modified
2025-03-07 19:34
Severity ?
EPSS score ?
Summary
Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger a crash of the FW running on the GPU freezing graphics output.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Imagination Technologies | Graphics DDK |
Version: 1.15 RTM < Patch: 25.1 RTM |
{ containers: { adp: [ { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2024-12576", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-07T19:34:21.244595Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-07T19:34:51.249Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", platforms: [ "Linux", "Android", ], product: "Graphics DDK", vendor: "Imagination Technologies", versions: [ { lessThanOrEqual: "24.3 RTM", status: "affected", version: "1.15 RTM", versionType: "custom", }, { status: "unaffected", version: "25.1 RTM", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<span style=\"background-color: rgb(255, 255, 255);\">Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger a crash of the FW running on the GPU freezing graphics output.</span>\n\n<br>", }, ], value: "Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger a crash of the FW running on the GPU freezing graphics output.", }, ], impacts: [ { capecId: "CAPEC-113", descriptions: [ { lang: "en", value: "CAPEC - CAPEC-113: Interface Manipulation (Version 3.9)", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-822", description: "CWE - CWE-822: Untrusted Pointer Dereference (4.16)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-07T07:36:21.228Z", orgId: "367425dc-4d06-4041-9650-c2dc6aaa27ce", shortName: "imaginationtech", }, references: [ { url: "https://www.imaginationtech.com/gpu-driver-vulnerabilities/", }, ], source: { discovery: "UNKNOWN", }, title: "GPU DDK - Untrusted app can crash firmware by forcing MCU access to non-aligned address", x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "367425dc-4d06-4041-9650-c2dc6aaa27ce", assignerShortName: "imaginationtech", cveId: "CVE-2024-12576", datePublished: "2025-03-07T07:36:21.228Z", dateReserved: "2024-12-12T15:49:47.322Z", dateUpdated: "2025-03-07T19:34:51.249Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-52937
Vulnerability from cvelistv5
Published
2025-01-13 10:37
Modified
2025-01-13 15:56
Severity ?
EPSS score ?
Summary
Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to write data outside the Guest's virtualised GPU memory.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Imagination Technologies | Graphics DDK |
Version: 23.2 RTM2 < Patch: 24.3 RTM |
{ containers: { adp: [ { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N", version: "3.1", }, }, { other: { content: { id: "CVE-2024-52937", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-13T15:55:00.289313Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-01-13T15:56:26.099Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", platforms: [ "Linux", "Android", ], product: "Graphics DDK", vendor: "Imagination Technologies", versions: [ { lessThanOrEqual: "24.2 RTM2", status: "affected", version: "23.2 RTM2", versionType: "custom", }, { status: "unaffected", version: "24.3 RTM", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<span style=\"background-color: rgb(255, 255, 255);\">\n\n<span style=\"background-color: rgb(255, 255, 255);\">Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to write data outside the Guest's virtualised GPU memory.</span>\n\n</span>", }, ], value: "Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to write data outside the Guest's virtualised GPU memory.", }, ], impacts: [ { capecId: "CAPEC-480", descriptions: [ { lang: "en", value: "CAPEC - CAPEC-480: Escaping Virtualization (Version 3.9)", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-823", description: "CWE - CWE-823: Use of Out-of-range Pointer Offset (4.16)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-13T10:37:03.187Z", orgId: "367425dc-4d06-4041-9650-c2dc6aaa27ce", shortName: "imaginationtech", }, references: [ { url: "https://www.imaginationtech.com/gpu-driver-vulnerabilities/", }, ], source: { discovery: "UNKNOWN", }, title: "GPU DDK - rgxfw_kernel_CMD_DISABLE_ZSSTORE OOB write via ui32WriteOffsetOfDisableZSStore", x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "367425dc-4d06-4041-9650-c2dc6aaa27ce", assignerShortName: "imaginationtech", cveId: "CVE-2024-52937", datePublished: "2025-01-13T10:37:03.187Z", dateReserved: "2024-11-18T04:55:52.554Z", dateUpdated: "2025-01-13T15:56:26.099Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2025-25178
Vulnerability from cvelistv5
Published
2025-04-04 15:42
Modified
2025-04-04 15:42
Severity ?
EPSS score ?
Summary
Software installed and run as a non-privileged user may conduct improper GPU system calls to cause kernel system memory corruption.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Imagination Technologies | Graphics DDK |
Version: 1.15 RTM < Patch: 25.1 RTM |
{ containers: { cna: { affected: [ { defaultStatus: "unknown", platforms: [ "Linux", "Android", ], product: "Graphics DDK", vendor: "Imagination Technologies", versions: [ { lessThanOrEqual: "24.3 RTM", status: "affected", version: "1.15 RTM", versionType: "custom", }, { status: "unaffected", version: "25.1 RTM", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>\n\n<span style=\"background-color: rgb(255, 255, 255);\">Software installed and run as a non-privileged user may conduct improper GPU system calls to cause kernel system memory corruption.</span>\n\n<br></p>", }, ], value: "Software installed and run as a non-privileged user may conduct improper GPU system calls to cause kernel system memory corruption.", }, ], impacts: [ { capecId: "CAPEC-129", descriptions: [ { lang: "en", value: "CAPEC-129: Pointer Manipulation", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-1284", description: "CWE-1284: Improper Validation of Specified Quantity in Input", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-04-04T15:42:57.726Z", orgId: "367425dc-4d06-4041-9650-c2dc6aaa27ce", shortName: "imaginationtech", }, references: [ { url: "https://www.imaginationtech.com/gpu-driver-vulnerabilities/", }, ], source: { discovery: "UNKNOWN", }, title: "GPU DDK - PhysmemWrapExtMem uiSize=0 corrupts kernel memory", x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "367425dc-4d06-4041-9650-c2dc6aaa27ce", assignerShortName: "imaginationtech", cveId: "CVE-2025-25178", datePublished: "2025-04-04T15:42:57.726Z", dateReserved: "2025-02-03T18:12:50.622Z", dateUpdated: "2025-04-04T15:42:57.726Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-52935
Vulnerability from cvelistv5
Published
2025-01-13 10:33
Modified
2025-01-13 18:46
Severity ?
EPSS score ?
Summary
Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to write data outside the Guest's virtualised GPU memory.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Imagination Technologies | Graphics DDK |
Version: 1.15 RTM < Patch: 24.3 RTM |
{ containers: { adp: [ { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "PHYSICAL", availabilityImpact: "LOW", baseScore: 4.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, }, { other: { content: { id: "CVE-2024-52935", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-13T18:44:35.966243Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-01-13T18:46:53.869Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", platforms: [ "Linux", "Android", ], product: "Graphics DDK", vendor: "Imagination Technologies", versions: [ { lessThanOrEqual: "24.2 RTM2", status: "affected", version: "1.15 RTM", versionType: "custom", }, { status: "unaffected", version: "24.3 RTM", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<span style=\"background-color: rgb(255, 255, 255);\">\n\n<span style=\"background-color: rgb(255, 255, 255);\">Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to write data outside the Guest's virtualised GPU memory.</span>\n\n</span>", }, ], value: "Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to write data outside the Guest's virtualised GPU memory.", }, ], impacts: [ { capecId: "CAPEC-480", descriptions: [ { lang: "en", value: "CAPEC - CAPEC-480: Escaping Virtualization (Version 3.9)", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-823", description: "CWE - CWE-823: Use of Out-of-range Pointer Offset (4.16)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-13T10:33:56.052Z", orgId: "367425dc-4d06-4041-9650-c2dc6aaa27ce", shortName: "imaginationtech", }, references: [ { url: "https://www.imaginationtech.com/gpu-driver-vulnerabilities/", }, ], source: { discovery: "UNKNOWN", }, title: "GPU DDK - psContext->eDM gives OOB write", x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "367425dc-4d06-4041-9650-c2dc6aaa27ce", assignerShortName: "imaginationtech", cveId: "CVE-2024-52935", datePublished: "2025-01-13T10:33:56.052Z", dateReserved: "2024-11-18T04:55:52.554Z", dateUpdated: "2025-01-13T18:46:53.869Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-52939
Vulnerability from cvelistv5
Published
2025-02-22 14:54
Modified
2025-02-24 12:28
Severity ?
EPSS score ?
Summary
Kernel software installed and running inside a Guest VM may post improper commands to the GPU Firmware to trigger a write data outside the Guest's virtualised GPU memory.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Imagination Technologies | Graphics DDK |
Version: 1.15 RTM < Patch: 25.1 RTM |
{ containers: { adp: [ { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2024-52939", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-02-24T12:28:07.734436Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-02-24T12:28:55.898Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", platforms: [ "Linux", "Android", ], product: "Graphics DDK", vendor: "Imagination Technologies", versions: [ { lessThanOrEqual: "24.3 RTM", status: "affected", version: "1.15 RTM", versionType: "custom", }, { status: "unaffected", version: "25.1 RTM", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<span style=\"background-color: rgb(255, 255, 255);\">Kernel software installed and running inside a Guest VM may post improper commands to the GPU Firmware to trigger a write data outside the Guest's virtualised GPU memory.</span>\n\n<br>", }, ], value: "Kernel software installed and running inside a Guest VM may post improper commands to the GPU Firmware to trigger a write data outside the Guest's virtualised GPU memory.", }, ], impacts: [ { capecId: "CAPEC-480", descriptions: [ { lang: "en", value: "CAPEC - CAPEC-480: Escaping Virtualization (Version 3.9)", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-823", description: "CWE - CWE-823: Use of Out-of-range Pointer Offset (4.16)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-02-22T14:54:56.218Z", orgId: "367425dc-4d06-4041-9650-c2dc6aaa27ce", shortName: "imaginationtech", }, references: [ { url: "https://www.imaginationtech.com/gpu-driver-vulnerabilities/", }, ], source: { discovery: "UNKNOWN", }, title: "GPU DDK - RGXFWIF_HWPERF_CTL_BLK.uiNumCounters OOB write", x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "367425dc-4d06-4041-9650-c2dc6aaa27ce", assignerShortName: "imaginationtech", cveId: "CVE-2024-52939", datePublished: "2025-02-22T14:54:56.218Z", dateReserved: "2024-11-18T04:55:52.555Z", dateUpdated: "2025-02-24T12:28:55.898Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-47899
Vulnerability from cvelistv5
Published
2025-01-31 03:17
Modified
2025-03-18 20:03
Severity ?
EPSS score ?
Summary
Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger use-after-free kernel exceptions.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Imagination Technologies | Graphics DDK |
Version: 1.17 RTM < Patch: 25.1 RTM |
{ containers: { adp: [ { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2024-47899", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-01-31T16:33:45.373660Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-18T20:03:50.703Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", platforms: [ "Linux", "Android", ], product: "Graphics DDK", vendor: "Imagination Technologies", versions: [ { lessThanOrEqual: "24.3 RTM2", status: "affected", version: "1.17 RTM", versionType: "custom", }, { status: "unaffected", version: "25.1 RTM", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger use-after-free kernel exceptions.", }, ], value: "Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger use-after-free kernel exceptions.", }, ], impacts: [ { capecId: "CAPEC-124", descriptions: [ { lang: "en", value: "CAPEC-124: Shared Resource Manipulation", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-416", description: "CWE-416: Use After Free", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-31T03:17:20.259Z", orgId: "367425dc-4d06-4041-9650-c2dc6aaa27ce", shortName: "imaginationtech", }, references: [ { url: "https://www.imaginationtech.com/gpu-driver-vulnerabilities/", }, ], source: { discovery: "UNKNOWN", }, title: "GPU DDK - PVRSRVDeviceServicesOpen use-after-free condition", x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "367425dc-4d06-4041-9650-c2dc6aaa27ce", assignerShortName: "imaginationtech", cveId: "CVE-2024-47899", datePublished: "2025-01-31T03:17:20.259Z", dateReserved: "2024-10-04T16:08:49.938Z", dateUpdated: "2025-03-18T20:03:50.703Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-47895
Vulnerability from cvelistv5
Published
2025-01-13 10:31
Modified
2025-01-13 17:28
Severity ?
EPSS score ?
Summary
Kernel software installed and running inside a Guest VM may post improper commands to the GPU Firmware to read data outside the Guest's virtualised GPU memory.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Imagination Technologies | Graphics DDK |
Version: 1.15 RTM < Patch: 24.3 RTM |
{ containers: { adp: [ { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2024-47895", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-13T17:28:23.176028Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-01-13T17:28:59.171Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", platforms: [ "Linux", "Android", ], product: "Graphics DDK", vendor: "Imagination Technologies", versions: [ { lessThanOrEqual: "24.2 RTM2", status: "affected", version: "1.15 RTM", versionType: "custom", }, { status: "unaffected", version: "24.3 RTM", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<span style=\"background-color: rgb(255, 255, 255);\">Kernel software installed and running inside a Guest VM may post improper commands to the GPU Firmware to read data outside the Guest's virtualised GPU memory.</span>", }, ], value: "Kernel software installed and running inside a Guest VM may post improper commands to the GPU Firmware to read data outside the Guest's virtualised GPU memory.", }, ], impacts: [ { capecId: "CAPEC-480", descriptions: [ { lang: "en", value: "CAPEC - CAPEC-480: Escaping Virtualization (Version 3.9)", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-823", description: "CWE - CWE-823: Use of Out-of-range Pointer Offset (4.16)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-13T10:31:46.842Z", orgId: "367425dc-4d06-4041-9650-c2dc6aaa27ce", shortName: "imaginationtech", }, references: [ { url: "https://www.imaginationtech.com/gpu-driver-vulnerabilities/", }, ], source: { discovery: "UNKNOWN", }, title: "GPU DDK - OOB read into fwlog due to unchecked block count", x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "367425dc-4d06-4041-9650-c2dc6aaa27ce", assignerShortName: "imaginationtech", cveId: "CVE-2024-47895", datePublished: "2025-01-13T10:31:46.842Z", dateReserved: "2024-10-04T16:08:49.937Z", dateUpdated: "2025-01-13T17:28:59.171Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-43705
Vulnerability from cvelistv5
Published
2024-12-28 04:58
Modified
2024-12-28 16:38
Severity ?
EPSS score ?
Summary
Software installed and run as a non-privileged user can trigger the GPU kernel driver to write to arbitrary read-only system files that have been mapped into application memory.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Imagination Technologies | Graphics DDK |
Version: 1.13 RTM < Patch: 24.3 RTM |
{ containers: { adp: [ { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2024-43705", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-12-28T16:37:55.989751Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-12-28T16:38:31.462Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", platforms: [ "Linux", "Android", ], product: "Graphics DDK", vendor: "Imagination Technologies", versions: [ { lessThanOrEqual: "24.2 RTM2", status: "affected", version: "1.13 RTM", versionType: "custom", }, { status: "unaffected", version: "24.3 RTM", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<span style=\"background-color: rgb(255, 255, 255);\">Software installed and run as a non-privileged user can </span><span style=\"background-color: rgb(255, 255, 255);\">trigger the GPU kernel driver to write to arbitrary read-only system files that have been mapped into application memory.</span>", }, ], value: "Software installed and run as a non-privileged user can trigger the GPU kernel driver to write to arbitrary read-only system files that have been mapped into application memory.", }, ], impacts: [ { capecId: "CAPEC-679", descriptions: [ { lang: "en", value: "CAPEC - CAPEC-679: Exploitation of Improperly Configured or Implemented Memory Protections (Version 3.9)", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-280", description: "CWE - CWE-280: Improper Handling of Insufficient Permissions or Privileges (4.15)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-12-28T04:58:08.905Z", orgId: "367425dc-4d06-4041-9650-c2dc6aaa27ce", shortName: "imaginationtech", }, references: [ { url: "https://www.imaginationtech.com/gpu-driver-vulnerabilities/", }, ], source: { discovery: "UNKNOWN", }, title: "GPU DDK - Security: Exploitable PVRSRVBridgePhysmemWrapExtMem may lead to overwrite read-only file/memory (e.g. libc.so)", x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "367425dc-4d06-4041-9650-c2dc6aaa27ce", assignerShortName: "imaginationtech", cveId: "CVE-2024-43705", datePublished: "2024-12-28T04:58:08.905Z", dateReserved: "2024-08-15T08:21:31.533Z", dateUpdated: "2024-12-28T16:38:31.462Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-47894
Vulnerability from cvelistv5
Published
2025-01-13 10:30
Modified
2025-01-13 17:30
Severity ?
EPSS score ?
Summary
Kernel software installed and running inside a Guest VM may post improper commands to the GPU Firmware to read data outside the Guest's virtualised GPU memory.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Imagination Technologies | Graphics DDK |
Version: 1.15 RTM < Patch: 24.3 RTM |
{ containers: { adp: [ { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2024-47894", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-13T17:29:53.009763Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-01-13T17:30:36.395Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", platforms: [ "Linux", "Android", ], product: "Graphics DDK", vendor: "Imagination Technologies", versions: [ { lessThanOrEqual: "24.2 RTM2", status: "affected", version: "1.15 RTM", versionType: "custom", }, { status: "unaffected", version: "24.3 RTM", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "Kernel software installed and running inside a Guest VM may post improper commands to the GPU Firmware to read data outside the Guest's virtualised GPU memory.", }, ], value: "Kernel software installed and running inside a Guest VM may post improper commands to the GPU Firmware to read data outside the Guest's virtualised GPU memory.", }, ], impacts: [ { capecId: "CAPEC-480", descriptions: [ { lang: "en", value: "CAPEC - CAPEC-480: Escaping Virtualization (Version 3.9)", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-823", description: "CWE - CWE-823: Use of Out-of-range Pointer Offset (4.16)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-13T10:30:11.770Z", orgId: "367425dc-4d06-4041-9650-c2dc6aaa27ce", shortName: "imaginationtech", }, references: [ { url: "https://www.imaginationtech.com/gpu-driver-vulnerabilities/", }, ], source: { discovery: "UNKNOWN", }, title: "GPU DDK - Out of bounds read into fwlog due to unchecked loop bounds", x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "367425dc-4d06-4041-9650-c2dc6aaa27ce", assignerShortName: "imaginationtech", cveId: "CVE-2024-47894", datePublished: "2025-01-13T10:30:11.770Z", dateReserved: "2024-10-04T16:08:49.937Z", dateUpdated: "2025-01-13T17:30:36.395Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-43702
Vulnerability from cvelistv5
Published
2024-11-30 02:30
Modified
2024-12-01 23:04
Severity ?
EPSS score ?
Summary
Software installed and run as a non-privileged user may conduct improper GPU system calls to allow unprivileged access to arbitrary physical memory page.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Imagination Technologies | Graphics DDK |
Version: 1.13 RTM < Patch: 24.2 RTM2 |
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:a:imaginationtech:ddk:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "ddk", vendor: "imaginationtech", versions: [ { lessThanOrEqual: "24.2_rtm1", status: "affected", version: "1.13_rtm", versionType: "custom", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, }, { other: { content: { id: "CVE-2024-43702", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-12-01T23:03:49.943687Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-12-01T23:04:15.021Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", platforms: [ "Linux", "Android", ], product: "Graphics DDK", vendor: "Imagination Technologies", versions: [ { lessThanOrEqual: "24.2 RTM1", status: "affected", version: "1.13 RTM", versionType: "custom", }, { status: "unaffected", version: "24.2 RTM2", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<span style=\"background-color: rgb(255, 255, 255);\">Software installed and run as a non-privileged user may conduct improper GPU system calls </span><span style=\"background-color: rgb(255, 255, 255);\">to allow unprivileged access to arbitrary physical memory page.</span>", }, ], value: "Software installed and run as a non-privileged user may conduct improper GPU system calls to allow unprivileged access to arbitrary physical memory page.", }, ], impacts: [ { capecId: "CAPEC-679", descriptions: [ { lang: "en", value: "CAPEC - CAPEC-679: Exploitation of Improperly Configured or Implemented Memory Protections (Version 3.9)", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-280", description: "CWE - CWE-280: Improper Handling of Insufficient Permissions or Privileges (4.15)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-11-30T02:30:25.404Z", orgId: "367425dc-4d06-4041-9650-c2dc6aaa27ce", shortName: "imaginationtech", }, references: [ { url: "https://www.imaginationtech.com/gpu-driver-vulnerabilities/", }, ], source: { discovery: "UNKNOWN", }, title: "GPU DDK - MLIST/PM render state buffers writable allowing arbitrary writes to kernel memory pages", x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "367425dc-4d06-4041-9650-c2dc6aaa27ce", assignerShortName: "imaginationtech", cveId: "CVE-2024-43702", datePublished: "2024-11-30T02:30:25.404Z", dateReserved: "2024-08-15T08:21:31.533Z", dateUpdated: "2024-12-01T23:04:15.021Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-46974
Vulnerability from cvelistv5
Published
2025-01-31 03:07
Modified
2025-03-20 14:32
Severity ?
EPSS score ?
Summary
Software installed and run as a non-privileged user may conduct improper read/write operations on imported/exported DMA buffers.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Imagination Technologies | Graphics DDK |
Version: 1.15 RTM < Patch: 25.1 RTM |
{ containers: { adp: [ { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2024-46974", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-01-31T16:42:23.922631Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-20T14:32:48.723Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", platforms: [ "Linux", "Android", ], product: "Graphics DDK", vendor: "Imagination Technologies", versions: [ { lessThanOrEqual: "24.3 RTM", status: "affected", version: "1.15 RTM", versionType: "custom", }, { status: "unaffected", version: "25.1 RTM", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<span style=\"background-color: rgb(255, 255, 255);\">Software installed and run as a non-privileged user may conduct improper read/write operations on imported/exported DMA buffers.</span>\n\n<br>", }, ], value: "Software installed and run as a non-privileged user may conduct improper read/write operations on imported/exported DMA buffers.", }, ], impacts: [ { capecId: "CAPEC-180", descriptions: [ { lang: "en", value: "CAPEC-180: Exploiting Incorrectly Configured Access Control Security Levels", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-266", description: "CWE-266: Incorrect Privilege Assignment", lang: "en", type: "CWE", }, ], }, { descriptions: [ { cweId: "CWE-274", description: "CWE-274: Improper Handling of Insufficient Privileges", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-31T03:07:15.179Z", orgId: "367425dc-4d06-4041-9650-c2dc6aaa27ce", shortName: "imaginationtech", }, references: [ { url: "https://www.imaginationtech.com/gpu-driver-vulnerabilities/", }, ], source: { discovery: "UNKNOWN", }, title: "GPU DDK - Arbitrary write of read-only dmabuf", x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "367425dc-4d06-4041-9650-c2dc6aaa27ce", assignerShortName: "imaginationtech", cveId: "CVE-2024-46974", datePublished: "2025-01-31T03:07:15.179Z", dateReserved: "2024-09-16T13:20:45.924Z", dateUpdated: "2025-03-20T14:32:48.723Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-46975
Vulnerability from cvelistv5
Published
2025-02-22 14:44
Modified
2025-02-24 16:22
Severity ?
EPSS score ?
Summary
Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to write data into another Guest's virtualised GPU memory.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Imagination Technologies | Graphics DDK |
Version: 1.15 RTM < Patch: 25.1 RTM |
{ containers: { adp: [ { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 7.9, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N", version: "3.1", }, }, { other: { content: { id: "CVE-2024-46975", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-02-24T16:20:08.189873Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-02-24T16:22:17.595Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", platforms: [ "Linux", "Android", ], product: "Graphics DDK", vendor: "Imagination Technologies", versions: [ { lessThanOrEqual: "24.3 RTM", status: "affected", version: "1.15 RTM", versionType: "custom", }, { status: "unaffected", version: "25.1 RTM", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<span style=\"background-color: rgb(255, 255, 255);\">Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to write data into another Guest's virtualised GPU memory.</span>\n\n<br>", }, ], value: "Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to write data into another Guest's virtualised GPU memory.", }, ], impacts: [ { capecId: "CAPEC-480", descriptions: [ { lang: "en", value: "CAPEC - CAPEC-480: Escaping Virtualization (Version 3.9)", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-270", description: "CWE - CWE-270: Privilege Context Switching Error (4.16)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-02-22T14:44:25.177Z", orgId: "367425dc-4d06-4041-9650-c2dc6aaa27ce", shortName: "imaginationtech", }, references: [ { url: "https://www.imaginationtech.com/gpu-driver-vulnerabilities/", }, ], source: { discovery: "UNKNOWN", }, title: "GPU DDK - rgxfw_write_robustness_buffer allows arbitrary catreg set mapping", x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "367425dc-4d06-4041-9650-c2dc6aaa27ce", assignerShortName: "imaginationtech", cveId: "CVE-2024-46975", datePublished: "2025-02-22T14:44:25.177Z", dateReserved: "2024-09-16T13:20:45.924Z", dateUpdated: "2025-02-24T16:22:17.595Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2025-0478
Vulnerability from cvelistv5
Published
2025-03-24 11:37
Modified
2025-03-24 13:39
Severity ?
EPSS score ?
Summary
Software installed and run as a non-privileged user may conduct improper GPU system calls to issue reads and writes to arbitrary physical memory pages.
Under certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kernel and drivers running on the platform, altering their behaviour.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Imagination Technologies | Graphics DDK |
Version: 1.15 RTM < Patch: 25.1 RTM |
{ containers: { adp: [ { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2025-0478", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-03-24T13:38:12.248370Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-24T13:39:13.462Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", platforms: [ "Linux", "Android", ], product: "Graphics DDK", vendor: "Imagination Technologies", versions: [ { lessThanOrEqual: "24.3 RTM2", status: "affected", version: "1.15 RTM", versionType: "custom", }, { status: "unaffected", version: "25.1 RTM", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>Software installed and run as a non-privileged user may conduct improper GPU system calls to issue reads and writes to arbitrary physical memory pages.</p><p>Under certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kernel and drivers running on the platform, altering their behaviour.</p>", }, ], value: "Software installed and run as a non-privileged user may conduct improper GPU system calls to issue reads and writes to arbitrary physical memory pages.\n\nUnder certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kernel and drivers running on the platform, altering their behaviour.", }, ], impacts: [ { capecId: "CAPEC-679", descriptions: [ { lang: "en", value: "CAPEC-679: Exploitation of Improperly Configured or Implemented Memory Protections", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-280", description: "CWE-280: Improper Handling of Insufficient Permissions or Privileges", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-24T11:37:29.200Z", orgId: "367425dc-4d06-4041-9650-c2dc6aaa27ce", shortName: "imaginationtech", }, references: [ { url: "https://www.imaginationtech.com/gpu-driver-vulnerabilities/", }, ], source: { discovery: "UNKNOWN", }, title: "GPU DDK - PMMETA_PROTECT PMR can be exported as dma-buf file / GEM object", x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "367425dc-4d06-4041-9650-c2dc6aaa27ce", assignerShortName: "imaginationtech", cveId: "CVE-2025-0478", datePublished: "2025-03-24T11:37:29.200Z", dateReserved: "2025-01-15T10:03:40.851Z", dateUpdated: "2025-03-24T13:39:13.462Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-47892
Vulnerability from cvelistv5
Published
2024-12-13 17:35
Modified
2024-12-16 18:12
Severity ?
EPSS score ?
Summary
Software installed and run as a non-privileged user may conduct GPU system calls to read and write freed physical memory from the GPU.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Imagination Technologies | Graphics DDK |
Version: 1.13 RTM < Patch: 24.2 RTM2 |
{ containers: { adp: [ { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2024-47892", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-12-16T18:12:29.436306Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-12-16T18:12:42.215Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", platforms: [ "Linux", "Android", ], product: "Graphics DDK", vendor: "Imagination Technologies", versions: [ { lessThanOrEqual: "24.2 RTM1", status: "affected", version: "1.13 RTM", versionType: "custom", }, { status: "unaffected", version: "24.2 RTM2", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<span style=\"background-color: rgb(255, 255, 255);\">Software installed and run as a non-privileged user may conduct GPU system calls to read and write freed physical memory from the GPU.</span>", }, ], value: "Software installed and run as a non-privileged user may conduct GPU system calls to read and write freed physical memory from the GPU.", }, ], impacts: [ { capecId: "CAPEC-124", descriptions: [ { lang: "en", value: "CAPEC-124 Shared Resource Manipulation", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-416", description: "CWE-416 Use After Free", lang: "en", type: "CWE", }, ], }, { descriptions: [ { cweId: "CWE-362", description: "CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-12-13T17:35:24.387Z", orgId: "367425dc-4d06-4041-9650-c2dc6aaa27ce", shortName: "imaginationtech", }, references: [ { url: "https://www.imaginationtech.com/gpu-driver-vulnerabilities/", }, ], source: { discovery: "UNKNOWN", }, title: "GPU DDK - UAF of kernel memory in PMRUnlockPhysAddressesOSMem for on-demand non-4KB PMRs in system memory (UMA)", x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "367425dc-4d06-4041-9650-c2dc6aaa27ce", assignerShortName: "imaginationtech", cveId: "CVE-2024-47892", datePublished: "2024-12-13T17:35:24.387Z", dateReserved: "2024-10-04T16:08:49.937Z", dateUpdated: "2024-12-16T18:12:42.215Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-43704
Vulnerability from cvelistv5
Published
2024-11-18 04:54
Modified
2024-11-18 13:52
Severity ?
EPSS score ?
Summary
Software installed and run as a non-privileged user may conduct improper GPU system calls to gain access to the graphics buffers of a parent process.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Imagination Technologies | Graphics DDK |
Version: 1.13 RTM < Patch: 24.2 RTM2 |
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:a:imaginationtech:ddk:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "ddk", vendor: "imaginationtech", versions: [ { lessThanOrEqual: "24.2_rtm1", status: "affected", version: "1.13_rtm", versionType: "custom", }, { status: "affected", version: "24.2_rtm", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2024-43704", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-18T13:52:23.942848Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-18T13:52:26.748Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", platforms: [ "Linux", "Android", ], product: "Graphics DDK", vendor: "Imagination Technologies", versions: [ { lessThanOrEqual: "24.2 RTM1", status: "affected", version: "1.13 RTM", versionType: "custom", }, { status: "unaffected", version: "24.2 RTM2", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<span style=\"background-color: rgb(255, 255, 255);\">Software installed and run as a non-privileged user may conduct improper GPU system calls to gain access to the graphics buffers of a parent process.</span>", }, ], value: "Software installed and run as a non-privileged user may conduct improper GPU system calls to gain access to the graphics buffers of a parent process.", }, ], impacts: [ { capecId: "CAPEC-124", descriptions: [ { lang: "en", value: "CAPEC-124 Shared Resource Manipulation", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-668", description: "CWE-668 Exposure of Resource to Wrong Sphere", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-11-18T04:54:20.225Z", orgId: "367425dc-4d06-4041-9650-c2dc6aaa27ce", shortName: "imaginationtech", }, references: [ { url: "https://www.imaginationtech.com/gpu-driver-vulnerabilities/", }, ], source: { discovery: "UNKNOWN", }, title: "GPU DDK - PowerVR: PVRSRVAcquireProcessHandleBase can cause psProcessHandleBase reuse when PIDs are reused", x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "367425dc-4d06-4041-9650-c2dc6aaa27ce", assignerShortName: "imaginationtech", cveId: "CVE-2024-43704", datePublished: "2024-11-18T04:54:20.225Z", dateReserved: "2024-08-15T08:21:31.533Z", dateUpdated: "2024-11-18T13:52:26.748Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-47898
Vulnerability from cvelistv5
Published
2025-01-31 03:14
Modified
2025-03-20 14:38
Severity ?
EPSS score ?
Summary
Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger use-after-free kernel exceptions.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Imagination Technologies | Graphics DDK |
Version: 1.17 RTM < Patch: 25.1 RTM |
{ containers: { adp: [ { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2024-47898", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-01-31T16:35:58.170939Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-20T14:38:49.501Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", platforms: [ "Linux", "Android", ], product: "Graphics DDK", vendor: "Imagination Technologies", versions: [ { lessThanOrEqual: "24.3 RTM2", status: "affected", version: "1.17 RTM", versionType: "custom", }, { status: "unaffected", version: "25.1 RTM", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<span style=\"background-color: rgb(255, 255, 255);\">Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger use-after-free kernel exceptions.</span>\n\n<br>", }, ], value: "Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger use-after-free kernel exceptions.", }, ], impacts: [ { capecId: "CAPEC-124", descriptions: [ { lang: "en", value: "CAPEC-124: Shared Resource Manipulation", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-416", description: "CWE-416: Use After Free", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-31T03:14:46.865Z", orgId: "367425dc-4d06-4041-9650-c2dc6aaa27ce", shortName: "imaginationtech", }, references: [ { url: "https://www.imaginationtech.com/gpu-driver-vulnerabilities/", }, ], source: { discovery: "UNKNOWN", }, title: "GPU DDK - PVRSRVDeviceSyncOpen use-after-free condition", x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "367425dc-4d06-4041-9650-c2dc6aaa27ce", assignerShortName: "imaginationtech", cveId: "CVE-2024-47898", datePublished: "2025-01-31T03:14:46.865Z", dateReserved: "2024-10-04T16:08:49.938Z", dateUpdated: "2025-03-20T14:38:49.501Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-46972
Vulnerability from cvelistv5
Published
2024-12-28 04:53
Modified
2025-03-13 13:48
Severity ?
EPSS score ?
Summary
Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger use-after-free kernel exceptions.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Imagination Technologies | Graphics DDK |
Version: 24.1 RTM < |
{ containers: { adp: [ { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2024-46972", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-12-28T16:43:59.072034Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-13T13:48:09.321Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", platforms: [ "Linux", "Android", ], product: "Graphics DDK", vendor: "Imagination Technologies", versions: [ { status: "affected", version: "24.1 RTM", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger use-after-free kernel exceptions.", }, ], value: "Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger use-after-free kernel exceptions.", }, ], impacts: [ { capecId: "CAPEC-92", descriptions: [ { lang: "en", value: "CAPEC-92 Forced Integer Overflow", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-911", description: "CWE - CWE-911: Improper Update of Reference Count", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-12-28T04:53:56.594Z", orgId: "367425dc-4d06-4041-9650-c2dc6aaa27ce", shortName: "imaginationtech", }, references: [ { url: "https://www.imaginationtech.com/gpu-driver-vulnerabilities/", }, ], source: { discovery: "UNKNOWN", }, title: "GPU DDK - Security: Reference count overflow in pvr_sync_rollback_export_fence", x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "367425dc-4d06-4041-9650-c2dc6aaa27ce", assignerShortName: "imaginationtech", cveId: "CVE-2024-46972", datePublished: "2024-12-28T04:53:56.594Z", dateReserved: "2024-09-16T13:20:45.924Z", dateUpdated: "2025-03-13T13:48:09.321Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-47891
Vulnerability from cvelistv5
Published
2025-01-31 03:11
Modified
2025-03-18 20:22
Severity ?
EPSS score ?
Summary
Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger use-after-free kernel exceptions.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Imagination Technologies | Graphics DDK |
Version: 1.15 RTM < Patch: 25.1 RTM |
{ containers: { adp: [ { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2024-47891", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-01-31T16:39:46.360171Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-18T20:22:22.937Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", platforms: [ "Linux", "Android", ], product: "Graphics DDK", vendor: "Imagination Technologies", versions: [ { lessThanOrEqual: "24.3 RTM2", status: "affected", version: "1.15 RTM", versionType: "custom", }, { status: "unaffected", version: "25.1 RTM", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<span style=\"background-color: rgb(255, 255, 255);\">Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger use-after-free kernel exceptions.</span>\n\n<br>", }, ], value: "Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger use-after-free kernel exceptions.", }, ], impacts: [ { capecId: "CAPEC-124", descriptions: [ { lang: "en", value: "CAPEC-124: Shared Resource Manipulation", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-416", description: "CWE-416: Use After Free", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-31T03:11:58.828Z", orgId: "367425dc-4d06-4041-9650-c2dc6aaa27ce", shortName: "imaginationtech", }, references: [ { url: "https://www.imaginationtech.com/gpu-driver-vulnerabilities/", }, ], source: { discovery: "UNKNOWN", }, title: "GPU DDK - Exploitable double free on PTL_STREAM_DESC object in the kernel function TLServerCloseStreamKM due to a race condition", x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "367425dc-4d06-4041-9650-c2dc6aaa27ce", assignerShortName: "imaginationtech", cveId: "CVE-2024-47891", datePublished: "2025-01-31T03:11:58.828Z", dateReserved: "2024-10-04T16:08:49.936Z", dateUpdated: "2025-03-18T20:22:22.937Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-52936
Vulnerability from cvelistv5
Published
2025-01-13 10:35
Modified
2025-01-31 16:16
Severity ?
EPSS score ?
Summary
Kernel software installed and running inside a Guest VM may post improper commands to the GPU Firmware to write data outside the Guest's virtualised GPU memory.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Imagination Technologies | Graphics DDK |
Version: 1.15 RTM < Patch: 24.3 RTM |
{ containers: { adp: [ { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, }, { other: { content: { id: "CVE-2024-52936", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-31T16:15:06.601654Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-01-31T16:16:26.762Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", platforms: [ "Linux", "Android", ], product: "Graphics DDK", vendor: "Imagination Technologies", versions: [ { lessThanOrEqual: "24.2 RTM2", status: "affected", version: "1.15 RTM", versionType: "custom", }, { status: "unaffected", version: "24.3 RTM", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<span style=\"background-color: rgb(255, 255, 255);\">\n\n<span style=\"background-color: rgb(255, 255, 255);\">Kernel software installed and running inside a Guest VM may post improper commands to the GPU Firmware to write data outside the Guest's virtualised GPU memory.</span>\n\n</span>", }, ], value: "Kernel software installed and running inside a Guest VM may post improper commands to the GPU Firmware to write data outside the Guest's virtualised GPU memory.", }, ], impacts: [ { capecId: "CAPEC-480", descriptions: [ { lang: "en", value: "CAPEC - CAPEC-480: Escaping Virtualization (Version 3.9)", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-823", description: "CWE - CWE-823: Use of Out-of-range Pointer Offset (4.16)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-13T10:35:41.734Z", orgId: "367425dc-4d06-4041-9650-c2dc6aaa27ce", shortName: "imaginationtech", }, references: [ { url: "https://www.imaginationtech.com/gpu-driver-vulnerabilities/", }, ], source: { discovery: "UNKNOWN", }, title: "GPU DDK - rgxfw_hwperf_config OOB read & write", x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "367425dc-4d06-4041-9650-c2dc6aaa27ce", assignerShortName: "imaginationtech", cveId: "CVE-2024-52936", datePublished: "2025-01-13T10:35:41.734Z", dateReserved: "2024-11-18T04:55:52.554Z", dateUpdated: "2025-01-31T16:16:26.762Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }