CVE-2024-43705

CVE-2024-43705: GPU DDK - Security: Exploitable PVRSRVBridgePhysmemWrapExtMem may lead to overwrite read-only file/memory (e.g. libc.so)

Vendor Imagination Technologies
Product Graphics DDK
Weakness CWE-280
Published December 28, 2024
Last update December 28, 2024

CVSS base score

What the vulnerability does

01Description

Software installed and run as a non-privileged user can trigger the GPU kernel driver to write to arbitrary read-only system files that have been mapped into application memory.

Key dates

02Disclosure timeline

December 28, 2024 CVE published
December 28, 2024 Record updated