CVE-2023-5427: Fixes in Linux Kernel

Published Dec 1, 2023
·
Updated

Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU processing operations to gain access to already freed memory.This issue affects Bifrost GPU Kernel Driver: from r44p0 through r45p0; Valhall GPU Kernel Driver: from r44p0 through r45p0; Arm 5th Gen GPU Architecture Kernel Driver: from r44p0 through r45p0.

Affected Software

4 affected components
Arm 5th Gen GPU Architecture Kernel Driver>=r44p0<r46p0
Arm Bifrost GPU Kernel Driver>=r44p0<r46p0
Arm Valhall GPU Kernel Driver>=r44p0<r46p0
Google Android

Remediation

Information

This issue is fixed in Bifrost, Valhall, and Arm 5th Gen GPU Architecture Kernel Driver r46p0. Users are recommended to upgrade if they are impacted by this issue.

Event History

Dec 1, 2023
CVE Published
via MITRE·10:13 AM
Data Sourced
via MITRE·10:13 AM
RemedyDescriptionWeakness
Data Sourced
via NVD·11:15 AM
DescriptionSeverityWeaknessAffected Software
Mar 5, 2024
Data Sourced
12:00 AM
SeverityWeakness

Parent advisories

This vulnerability appears in the following advisories.

Peer vulnerabilities

Found alongside the following vulnerabilities.

Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Frequently Asked Questions

1

What is CVE-2023-5427?

CVE-2023-5427 is a vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver that allows a local non-privileged user to make improper GPU processing operations to gain access to already freed memory.

2

How severe is CVE-2023-5427?

CVE-2023-5427 has a severity rating of 7.8 (high).

3

What software is affected by CVE-2023-5427?

Arm 5th Gen GPU Architecture Kernel Driver, Arm Bifrost GPU Kernel Driver, and Arm Valhall GPU Kernel Driver versions ranging from r44p0 to r46p0 are affected by CVE-2023-5427.

4

How can a local non-privileged user exploit CVE-2023-5427?

A local non-privileged user can exploit CVE-2023-5427 by making improper GPU processing operations to gain access to already freed memory.

5

Where can I find more information about CVE-2023-5427?

You can find more information about CVE-2023-5427 at the Arm Security Center's website and Packet Storm Security's website.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203