CVE-2024-43702

CVE-2024-43702: GPU DDK - MLIST/PM render state buffers writable allowing arbitrary writes to kernel memory pages

Vendor Imagination Technologies
Product Graphics DDK
Weakness CWE-280
Published November 30, 2024
Last update December 1, 2024

CVSS base score

What the vulnerability does

01Description

Software installed and run as a non-privileged user may conduct improper GPU system calls to allow unprivileged access to arbitrary physical memory page.

Key dates

02Disclosure timeline

November 30, 2024 CVE published
December 1, 2024 Record updated