Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-28147

An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper GPU processing operations to gain access to already freed memory. This affects Midgard r29p0 through r32p0, Bifrost r17p0 through r42p0 before r43p0, Valhall r19p0 through r42p0 before r43p0, and Arm's GPU Architecture Gen5 r41p0 through r42p0 before r43p0.

Published

2023-06-02T00:15:09.620

Last Modified

2025-01-09T20:15:32.090

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 5.5 (MEDIUM)

Weaknesses

Type: Primary
NVD-CWE-noinfo

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	arm	avalon_gpu_kernel_driver	< r43p0	Yes
Application	arm	bifrost_gpu_kernel_driver	< r43p0	Yes
Application	arm	midgard_gpu_kernel_driver	≤ r32p0	Yes
Application	arm	valhall_gpu_kernel_driver	< r43p0	Yes

References

https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities Vendor Advisory ([email protected])
https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)