CVE-2023-4211: Mali GPU Kernel Driver Allows Improper GPU Memory Processing Operations
Published Aug 25, 2023
·Updated
A local non-privileged user can make improper GPU memory processing operations to gain access to already freed memory.
Affected Software
10 affected components
Arm 5th Gen GPU Architecture Kernel Driver>=r41p0<=r42p0
Arm Bifrost>=r0p0<=r42p0
Arm Midgard>=r12p0<=r32p0
Arm Valhall>=r19p0<=r42p0
Arm Mali GPU Kernel Driver
Arm 5th Gen GPU Architecture Kernel Driver>=r41p0<r43p0
Arm Bifrost GPU Kernel Driver>=r0p0<r43p0
Arm Midgard GPU Kernel Driver>=r12p0<=r32p0
Arm Valhall GPU Kernel Driver>=r19p0<r43p0
Google Android
Remediation
Information
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Event History
Aug 25, 2023
CVE Published
12:00 AM
Data Sourced
12:00 AM
SeverityWeakness
Oct 1, 2023
CVE Published
via MITRE·05:00 PM
Data Sourced
via MITRE·05:00 PM
DescriptionWeakness
Data Sourced
via NVD·06:15 PM
DescriptionSeverityWeaknessAffected Software
Oct 2, 2023
Data Sourced
via Android·12:00 AM
SeverityAffected Software
Oct 3, 2023
Known Exploited
via CISA·12:00 AM
Invalid Date
News Published
Invalid Date
Dec 4, 2023
News Published
07:37 PM
Frequently Asked Questions
1
What is the CVE ID of this vulnerability?
The CVE ID of this vulnerability is CVE-2023-4211.
2
What is the title of this vulnerability?
The title of this vulnerability is Arm Mali GPU Kernel Driver Use-After-Free Vulnerability.
3
What is the description of this vulnerability?
This vulnerability allows a local, non-privileged user to make improper GPU memory processing operations to gain access to already freed memory.
4
Who is affected by this vulnerability?
Arm Mali GPU Kernel Driver is affected by this vulnerability.
5
Are there any patches available for this vulnerability?
Patches may not be available for this vulnerability, but it is recommended to check the references for updates and patches.