CVE-2024-52936

CVE-2024-52936: GPU DDK - rgxfw_hwperf_config OOB read & write

Vendor Imagination Technologies
Product Graphics DDK
Weakness CWE-823
Published January 13, 2025
Last update January 31, 2025

CVSS base score

What the vulnerability does

01Description

Kernel software installed and running inside a Guest VM may post improper commands to the GPU Firmware to write data outside the Guest's virtualised GPU memory.

Key dates

02Disclosure timeline

January 13, 2025 CVE published
January 31, 2025 Record updated