CVE-2023-3889

CVE-2023-3889: Mali GPU Kernel Driver exposes sensitive data from freed memory

Vendor Arm Ltd
Product Valhall GPU Kernel Driver
Weakness CWE-119
Published November 7, 2023
Last update December 16, 2025

CVSS base score

What the vulnerability does

01Description

A local non-privileged user can make improper GPU memory processing operations. If the operations are carefully prepared, then they could be used to gain access to already freed memory.

Key dates

02Disclosure timeline

November 7, 2023 CVE published
December 16, 2025 Record updated