CVE-2023-34970

CVE-2023-34970: Mali GPU Kernel Driver Allows Improper GPU Memory Processing Operations

Vendor Arm Ltd
Product Valhall GPU Kernel Driver
Weakness CWE-416
Published October 3, 2023
Last update March 7, 2025

CVSS base score

What the vulnerability does

01Description

A local non-privileged user can make improper GPU processing operations to access a limited amount outside of buffer bounds or to exploit a software race condition. If the system’s memory is carefully prepared by the user, then this in turn could give them access to already freed memory

Key dates

02Disclosure timeline

October 3, 2023 CVE published
March 7, 2025 Record updated