CVE-2023-5249

CVE-2023-5249: Mali GPU Kernel Driver allows improper GPU memory processing operations

Vendor Arm Ltd
Product Bifrost GPU Kernel Driver
Weakness CWE-416
Published February 5, 2024
Last update August 2, 2024

CVSS base score

What the vulnerability does

01Description

Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver allows a local non-privileged user to make improper memory processing operations to exploit a software race condition. If the system’s memory is carefully prepared by the user, then this in turn cause a use-after-free.This issue affects Bifrost GPU Kernel Driver: from r35p0 through r40p0; Valhall GPU Kernel Driver: from r35p0 through r40p0.

Key dates

02Disclosure timeline

February 5, 2024 CVE published
August 2, 2024 Record updated