CVE-2024-0153

CVE-2024-0153: Mali GPU Firmware allows improper GPU processing operations

Vendor Arm Ltd
Product Valhall GPU Firmware
Weakness CWE-119
Published July 1, 2024
Last update August 1, 2024

CVSS base score

What the vulnerability does

01Description

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Arm Ltd Valhall GPU Firmware, Arm Ltd Arm 5th Gen GPU Architecture Firmware allows a local non-privileged user to make improper GPU processing operations to access a limited amount outside of buffer bounds. If the operations are carefully prepared, then this in turn could give them access to all system memory. This issue affects Valhall GPU Firmware: from r29p0 through r46p0; Arm 5th Gen GPU Architecture Firmware: from r41p0 through r46p0.

Key dates

02Disclosure timeline

July 1, 2024 CVE published
August 1, 2024 Record updated