ghsa-c474-93fq-8fxp
Vulnerability from github
Published
2023-01-26 21:30
Modified
2023-02-01 15:30
Severity
Details
The PowerVR GPU kernel driver maintains an "Information Page" used by its cache subsystem. This page can only be written by the GPU driver itself, but prior to DDK 1.18 however, a user-space program could write arbitrary data to the page, leading to memory corruption issues.Product: AndroidVersions: Android SoCAndroid ID: A-259967780
{ "affected": [], "aliases": [ "CVE-2022-20235" ], "database_specific": { "cwe_ids": [ "CWE-119" ], "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2023-01-26T21:15:00Z", "severity": "MODERATE" }, "details": "The PowerVR GPU kernel driver maintains an \"Information Page\" used by its cache subsystem. This page can only be written by the GPU driver itself, but prior to DDK 1.18 however, a user-space program could write arbitrary data to the page, leading to memory corruption issues.Product: AndroidVersions: Android SoCAndroid ID: A-259967780", "id": "GHSA-c474-93fq-8fxp", "modified": "2023-02-01T15:30:20Z", "published": "2023-01-26T21:30:28Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-20235" }, { "type": "WEB", "url": "https://source.android.com/security/bulletin/2023-01-01" } ], "schema_version": "1.4.0", "severity": [ { "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "type": "CVSS_V3" } ] }
Loading...