CVE-2024-12577

CVE-2024-12577: GPU DDK - rgxfw_pcset_ungrab OOB write via psFWMemContext->uiPageCatBaseRegSet

Vendor Imagination Technologies
Product Graphics DDK
Weakness CWE-823
Published February 22, 2025
Last update March 18, 2025

CVSS base score

What the vulnerability does

01Description

Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to write data outside the Guest's virtualised GPU memory.

Key dates

02Disclosure timeline

February 22, 2025 CVE published
March 18, 2025 Record updated