Search
Find a vulnerability
Search criteria
12 vulnerabilities found for Arm 5th Gen GPU Architecture Kernel Driver by Arm Ltd
CVE-2023-5427 (GCVE-0-2023-5427)
Vulnerability from nvd – Published: 2023-12-01 10:13 – Updated: 2026-02-25 16:41
VLAI
Title
Mali GPU Kernel Driver allows improper GPU processing operations
Summary
Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU processing operations to gain access to already freed memory.This issue affects Bifrost GPU Kernel Driver: from r44p0 through r45p0; Valhall GPU Kernel Driver: from r44p0 through r45p0; Arm 5th Gen GPU Architecture Kernel Driver: from r44p0 through r45p0.
Severity
7.8 (High)
SSVC
Exploitation: poc
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-416 - Use After Free
Assigner
References
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| Arm Ltd | Bifrost GPU Kernel Driver |
Affected:
r44p0 , ≤ r45p0
(patch)
|
|
| Arm Ltd | Valhall GPU Kernel Driver |
Affected:
r44p0 , ≤ r45p0
(patch)
|
|
| Arm Ltd | Arm 5th Gen GPU Architecture Kernel Driver |
Affected:
r44p0 , ≤ r45p0
(patch)
|
Date Public
2023-12-01 09:55
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:59:44.797Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/176029/ARM-Mali-r44p0-Use-After-Free.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-5427",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2023-12-19T05:00:21.515051Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-25T16:41:07.193Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Bifrost GPU Kernel Driver",
"vendor": "Arm Ltd",
"versions": [
{
"changes": [
{
"at": "r46p0",
"status": "unaffected"
}
],
"lessThanOrEqual": "r45p0",
"status": "affected",
"version": "r44p0",
"versionType": "patch"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Valhall GPU Kernel Driver",
"vendor": "Arm Ltd",
"versions": [
{
"changes": [
{
"at": "r46p0",
"status": "unaffected"
}
],
"lessThanOrEqual": "r45p0",
"status": "affected",
"version": "r44p0",
"versionType": "patch"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Arm 5th Gen GPU Architecture Kernel Driver",
"vendor": "Arm Ltd",
"versions": [
{
"changes": [
{
"at": "r46p0",
"status": "unaffected"
}
],
"lessThanOrEqual": "r45p0",
"status": "affected",
"version": "r44p0",
"versionType": "patch"
}
]
}
],
"datePublic": "2023-12-01T09:55:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a\u0026nbsp;local non-privileged user to make improper GPU processing operations to gain access to already freed memory.\u003cp\u003eThis issue affects Bifrost GPU Kernel Driver: from r44p0 through r45p0; Valhall GPU Kernel Driver: from r44p0 through r45p0; Arm 5th Gen GPU Architecture Kernel Driver: from r44p0 through r45p0.\u003c/p\u003e"
}
],
"value": "Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a\u00a0local non-privileged user to make improper GPU processing operations to gain access to already freed memory.This issue affects Bifrost GPU Kernel Driver: from r44p0 through r45p0; Valhall GPU Kernel Driver: from r44p0 through r45p0; Arm 5th Gen GPU Architecture Kernel Driver: from r44p0 through r45p0."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T16:06:21.744Z",
"orgId": "56a131ea-b967-4a0d-a41e-5f3549952846",
"shortName": "Arm"
},
"references": [
{
"url": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities"
},
{
"url": "http://packetstormsecurity.com/files/176029/ARM-Mali-r44p0-Use-After-Free.html"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is fixed in Bifrost, Valhall, and Arm 5th Gen GPU Architecture Kernel Driver r46p0. Users are recommended to upgrade if they are impacted by this issue.\u003cbr\u003e"
}
],
"value": "This issue is fixed in Bifrost, Valhall, and Arm 5th Gen GPU Architecture Kernel Driver r46p0. Users are recommended to upgrade if they are impacted by this issue."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Mali GPU Kernel Driver allows improper GPU processing operations",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "56a131ea-b967-4a0d-a41e-5f3549952846",
"assignerShortName": "Arm",
"cveId": "CVE-2023-5427",
"datePublished": "2023-12-01T10:13:49.299Z",
"dateReserved": "2023-10-05T19:12:49.840Z",
"dateUpdated": "2026-02-25T16:41:07.193Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-4295 (GCVE-0-2023-4295)
Vulnerability from nvd – Published: 2023-11-07 15:42 – Updated: 2025-12-16 18:23
VLAI
Title
Mali GPU Kernel Driver allows improper GPU memory processing operations
Summary
A local non-privileged user can make improper GPU memory processing operations to gain access to already freed memory.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
Assigner
References
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Arm Ltd | Valhall GPU Kernel Driver |
Affected:
r29p0 , < r43p0
(patch)
|
|
| Arm Ltd | Arm 5th Gen GPU Architecture Kernel Driver |
Affected:
r41p0 , < r43p0
(patch)
|
Date Public
2023-11-07 11:00
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:24:04.533Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/176109/Arm-Mali-CSF-Overflow-Use-After-Free.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-4295",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2023-11-15T16:40:09.775279Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-16T18:23:25.979Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Valhall GPU Kernel Driver",
"vendor": "Arm Ltd",
"versions": [
{
"changes": [
{
"at": "r43p0",
"status": "unaffected"
}
],
"lessThan": "r43p0",
"status": "affected",
"version": "r29p0",
"versionType": "patch"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Arm 5th Gen GPU Architecture Kernel Driver",
"vendor": "Arm Ltd",
"versions": [
{
"changes": [
{
"at": "r43p0",
"status": "unaffected"
}
],
"lessThan": "r43p0",
"status": "affected",
"version": "r41p0",
"versionType": "patch"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Jann Horn at Google"
}
],
"datePublic": "2023-11-07T11:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA local non-privileged user can make improper GPU memory processing operations to gain access to already freed memory. \u003c/p\u003e"
}
],
"value": "A local non-privileged user can make improper GPU memory processing operations to gain access to already freed memory."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-190",
"description": "CWE-190 Integer Overflow or Wraparound",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-08T17:06:24.003Z",
"orgId": "56a131ea-b967-4a0d-a41e-5f3549952846",
"shortName": "Arm"
},
"references": [
{
"url": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities"
},
{
"url": "http://packetstormsecurity.com/files/176109/Arm-Mali-CSF-Overflow-Use-After-Free.html"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is fixed in Valhall and Arm 5th Gen GPU Architecture Kernel \nDriver r43p0. Users are recommended to upgrade if they are impacted by \nthis issue. \n\n\u003cbr\u003e"
}
],
"value": "This issue is fixed in Valhall and Arm 5th Gen GPU Architecture Kernel \nDriver r43p0. Users are recommended to upgrade if they are impacted by \nthis issue."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Mali GPU Kernel Driver allows improper GPU memory processing operations",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "arm-security@arm.com",
"ID": "CVE-2023-4295",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Mali GPU Kernel Driver",
"version": {
"version_data": [
{
"version_value": "Midgard GPU Kernel Driver"
}
]
}
}
]
},
"vendor_name": "Arm Ltd"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "5.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A local non-privileged user can make improper GPU memory processing operations to gain access to already freed memory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Mali GPU Kernel Driver allows improper GPU memory processing operations"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities",
"refsource": "MISC",
"url": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "56a131ea-b967-4a0d-a41e-5f3549952846",
"assignerShortName": "Arm",
"cveId": "CVE-2023-4295",
"datePublished": "2023-11-07T15:42:15.584Z",
"dateReserved": "2023-08-10T14:44:40.416Z",
"dateUpdated": "2025-12-16T18:23:25.979Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-4272 (GCVE-0-2023-4272)
Vulnerability from nvd – Published: 2023-11-07 15:18 – Updated: 2024-09-04 19:35
VLAI
Title
Mali GPU Kernel Driver exposes sensitive data from freed memory
Summary
A local non-privileged user can make GPU processing operations that expose sensitive data from previously freed memory.
Severity
5.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
References
1 reference
Impacted products
4 products
| Vendor | Product | Version | |
|---|---|---|---|
| Arm Ltd | Midgard GPU Kernel Driver |
Affected:
r8p0 , ≤ r32p0
(patch)
|
|
| Arm Ltd | Bifrost GPU Kernel Driver |
Affected:
r0p0 , < r42p0
(patch)
|
|
| Arm Ltd | Valhall GPU Kernel Driver |
Affected:
r19p0 , < r42p0
(patch)
|
|
| Arm Ltd | Arm 5th Gen GPU Architecture Kernel Driver |
Affected:
r41p0 , < r42p0
(patch)
|
Date Public
2023-11-07 11:00
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:24:04.581Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-4272",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-04T19:32:51.694412Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-04T19:35:16.534Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Midgard GPU Kernel Driver",
"vendor": "Arm Ltd",
"versions": [
{
"lessThanOrEqual": "r32p0",
"status": "affected",
"version": "r8p0",
"versionType": "patch"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Bifrost GPU Kernel Driver",
"vendor": "Arm Ltd",
"versions": [
{
"changes": [
{
"at": "r42p0",
"status": "unaffected"
}
],
"lessThan": "r42p0",
"status": "affected",
"version": "r0p0",
"versionType": "patch"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Valhall GPU Kernel Driver",
"vendor": "Arm Ltd",
"versions": [
{
"changes": [
{
"at": "r42p0",
"status": "unaffected"
}
],
"lessThan": "r42p0",
"status": "affected",
"version": "r19p0",
"versionType": "patch"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Arm 5th Gen GPU Architecture Kernel Driver",
"vendor": "Arm Ltd",
"versions": [
{
"changes": [
{
"at": "r42p0",
"status": "unaffected"
}
],
"lessThan": "r42p0",
"status": "affected",
"version": "r41p0",
"versionType": "patch"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Jann Horn at Google"
}
],
"datePublic": "2023-11-07T11:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA local non-privileged user can make GPU processing operations that expose sensitive data from previously freed memory. \u003c/p\u003e"
}
],
"value": "A local non-privileged user can make GPU processing operations that expose sensitive data from previously freed memory. \n\n"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1251",
"description": "CWE-1251 Mirrored Regions with Different Values",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-14T22:37:50.042Z",
"orgId": "56a131ea-b967-4a0d-a41e-5f3549952846",
"shortName": "Arm"
},
"references": [
{
"url": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Mali GPU Kernel Driver exposes sensitive data from freed memory",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "arm-security@arm.com",
"ID": "CVE-2023-4272",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Mali GPU Kernel Driver",
"version": {
"version_data": [
{
"version_value": "Midgard GPU Kernel Driver"
}
]
}
}
]
},
"vendor_name": "Arm Ltd"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "5.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A local non-privileged user can make improper GPU memory processing operations to gain access to already freed memory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Mali GPU Kernel Driver exposes sensitive data from freed memory"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities",
"refsource": "MISC",
"url": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "56a131ea-b967-4a0d-a41e-5f3549952846",
"assignerShortName": "Arm",
"cveId": "CVE-2023-4272",
"datePublished": "2023-11-07T15:18:59.203Z",
"dateReserved": "2023-08-09T12:41:30.877Z",
"dateUpdated": "2024-09-04T19:35:16.534Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-34970 (GCVE-0-2023-34970)
Vulnerability from nvd – Published: 2023-10-03 16:44 – Updated: 2025-03-07 18:28
VLAI
Title
Mali GPU Kernel Driver Allows Improper GPU Memory Processing Operations
Summary
A local non-privileged user can make improper GPU processing operations to access a limited amount outside of buffer bounds or to exploit a software race condition. If the system’s memory is carefully prepared by the user, then this in turn could give them access to already freed memory
Severity
4.7 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Arm Ltd | Valhall GPU Kernel Driver |
Affected:
r44p0 , < r44p1
(patch)
|
|
| Arm Ltd | Arm 5th Gen GPU Architecture Kernel Driver |
Affected:
r41p0 , < r44p1
(patch)
|
Date Public
2023-10-02 10:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:17:04.341Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-34970",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-06T15:54:33.562596Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-07T18:28:17.423Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Valhall GPU Kernel Driver",
"vendor": "Arm Ltd",
"versions": [
{
"changes": [
{
"at": "r44p1",
"status": "unaffected"
}
],
"lessThan": "r44p1",
"status": "affected",
"version": "r44p0",
"versionType": "patch"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Arm 5th Gen GPU Architecture Kernel Driver",
"vendor": "Arm Ltd",
"versions": [
{
"changes": [
{
"at": "r44p1",
"status": "unaffected"
}
],
"lessThan": "r44p1",
"status": "affected",
"version": "r41p0",
"versionType": "patch"
}
]
}
],
"datePublic": "2023-10-02T10:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA local non-privileged user can make improper GPU processing operations to access a limited amount outside of buffer bounds or to exploit a software race condition. If the system\u2019s memory is carefully prepared by the user, then this in turn could give them access to already freed memory\u003c/p\u003e"
}
],
"value": "A local non-privileged user can make improper GPU processing operations to access a limited amount outside of buffer bounds or to exploit a software race condition. If the system\u2019s memory is carefully prepared by the user, then this in turn could give them access to already freed memory\n\n"
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use after free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-03T16:44:14.509Z",
"orgId": "56a131ea-b967-4a0d-a41e-5f3549952846",
"shortName": "Arm"
},
"references": [
{
"url": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Mali GPU Kernel Driver Allows Improper GPU Memory Processing Operations",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "arm-security@arm.com",
"ID": "CVE-2023-34970",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Mali GPU Kernel Driver",
"version": {
"version_data": [
{
"version_value": "Midgard GPU Kernel Driver"
}
]
}
}
]
},
"vendor_name": "Arm Ltd"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "5.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A local non-privileged user can make improper GPU processing operations to access a limited amount outside of buffer bounds or to exploit a software race condition. If the system\u2019s memory is carefully prepared by the user, then this in turn could give them access to already freed memory"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Mali GPU Kernel Driver Allows Improper GPU Memory Processing Operations"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities",
"refsource": "MISC",
"url": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "56a131ea-b967-4a0d-a41e-5f3549952846",
"assignerShortName": "Arm",
"cveId": "CVE-2023-34970",
"datePublished": "2023-10-03T16:44:14.509Z",
"dateReserved": "2023-06-08T02:45:25.666Z",
"dateUpdated": "2025-03-07T18:28:17.423Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-33200 (GCVE-0-2023-33200)
Vulnerability from nvd – Published: 2023-10-03 16:39 – Updated: 2025-03-07 18:29
VLAI
Title
Mali GPU Kernel Driver Allows Improper GPU Memory Processing Operations
Summary
A local non-privileged user can make improper GPU processing operations to exploit a software race condition. If the system’s memory is carefully prepared by the user, then this in turn could give them access to already freed memory.
Severity
4.7 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-416 - Use after free
Assigner
References
1 reference
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| Arm Ltd | Bifrost GPU Kernel Driver |
Affected:
r17p0 , < r44p1
(patch)
|
|
| Arm Ltd | Valhall GPU Kernel Driver |
Affected:
r19p0 , < r44p1
(patch)
|
|
| Arm Ltd | Arm 5th Gen GPU Architecture Kernel Driver |
Affected:
r41p0 , < r44p1
(patch)
|
Date Public
2023-10-01 10:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:39:35.850Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-33200",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-06T15:54:36.298341Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-07T18:29:58.220Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Bifrost GPU Kernel Driver",
"vendor": "Arm Ltd",
"versions": [
{
"changes": [
{
"at": "r44p1",
"status": "unaffected"
}
],
"lessThan": "r44p1",
"status": "affected",
"version": "r17p0",
"versionType": "patch"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Valhall GPU Kernel Driver",
"vendor": "Arm Ltd",
"versions": [
{
"changes": [
{
"at": "r44p1",
"status": "unaffected"
}
],
"lessThan": "r44p1",
"status": "affected",
"version": "r19p0",
"versionType": "patch"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Arm 5th Gen GPU Architecture Kernel Driver",
"vendor": "Arm Ltd",
"versions": [
{
"changes": [
{
"at": "r44p1",
"status": "unaffected"
}
],
"lessThan": "r44p1",
"status": "affected",
"version": "r41p0",
"versionType": "patch"
}
]
}
],
"datePublic": "2023-10-01T10:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA local non-privileged user can make improper GPU processing operations to exploit a software race condition. If the system\u2019s memory is carefully prepared by the user, then this in turn could give them access to already freed memory.\u003c/p\u003e"
}
],
"value": "A local non-privileged user can make improper GPU processing operations to exploit a software race condition. If the system\u2019s memory is carefully prepared by the user, then this in turn could give them access to already freed memory.\n\n"
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use after free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-04T16:10:19.453Z",
"orgId": "56a131ea-b967-4a0d-a41e-5f3549952846",
"shortName": "Arm"
},
"references": [
{
"url": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Mali GPU Kernel Driver Allows Improper GPU Memory Processing Operations",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "arm-security@arm.com",
"ID": "CVE-2023-33200",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Mali GPU Kernel Driver",
"version": {
"version_data": [
{
"version_value": "Midgard GPU Kernel Driver"
}
]
}
}
]
},
"vendor_name": "Arm Ltd"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "5.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A local non-privileged user can make improper GPU processing operations to exploit a software race condition. If the system\u2019s memory is carefully prepared by the user, then this in turn could give them access to already freed memory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Mali GPU Kernel Driver Allows Improper GPU Memory Processing Operations"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities",
"refsource": "MISC",
"url": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "56a131ea-b967-4a0d-a41e-5f3549952846",
"assignerShortName": "Arm",
"cveId": "CVE-2023-33200",
"datePublished": "2023-10-03T16:39:10.086Z",
"dateReserved": "2023-05-18T06:53:10.913Z",
"dateUpdated": "2025-03-07T18:29:58.220Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-4211 (GCVE-0-2023-4211)
Vulnerability from nvd – Published: 2023-10-01 17:00 – Updated: 2025-10-21 23:05Title
Mali GPU Kernel Driver Allows Improper GPU Memory Processing Operations
Summary
A local non-privileged user can make improper GPU memory processing operations to gain access to already freed memory.
Severity
5.5 (Medium)
SSVC
Exploitation: active
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-416 - Use after free
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://developer.arm.com/Arm%20Security%20Center… | |
| https://www.cisa.gov/known-exploited-vulnerabilit… | government-resource |
Impacted products
4 products
| Vendor | Product | Version | |
|---|---|---|---|
| Arm Ltd | Midgard GPU Kernel Driver |
Affected:
r12p0 , ≤ r32p0
(patch)
|
|
| Arm Ltd | Bifrost GPU Kernel Driver |
Affected:
r0p0 , ≤ r42p0
(patch)
|
|
| Arm Ltd | Valhall GPU Kernel Driver |
Affected:
r19p0 , ≤ r42p0
(patch)
|
|
| Arm Ltd | Arm 5th Gen GPU Architecture Kernel Driver |
Affected:
r41p0 , ≤ r42p0
(patch)
|
Date Public
2023-10-01 10:00
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:17:12.155Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-4211",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2023-11-15T16:37:52.728085Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2023-10-03",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-4211"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T23:05:36.029Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-4211"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-10-03T00:00:00.000Z",
"value": "CVE-2023-4211 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Midgard GPU Kernel Driver",
"vendor": "Arm Ltd",
"versions": [
{
"lessThanOrEqual": "r32p0",
"status": "affected",
"version": "r12p0",
"versionType": "patch"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Bifrost GPU Kernel Driver",
"vendor": "Arm Ltd",
"versions": [
{
"lessThanOrEqual": "r42p0",
"status": "affected",
"version": "r0p0",
"versionType": "patch"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Valhall GPU Kernel Driver",
"vendor": "Arm Ltd",
"versions": [
{
"lessThanOrEqual": "r42p0",
"status": "affected",
"version": "r19p0",
"versionType": "patch"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Arm 5th Gen GPU Architecture Kernel Driver",
"vendor": "Arm Ltd",
"versions": [
{
"lessThanOrEqual": "r42p0",
"status": "affected",
"version": "r41p0",
"versionType": "patch"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Maddie Stone, Google Threat Analysis Group"
},
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Jann Horn, Google Project Zero"
}
],
"datePublic": "2023-10-01T10:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA local non-privileged user can make improper GPU memory processing operations to gain access to already freed memory.\u003c/p\u003e"
}
],
"value": "A local non-privileged user can make improper GPU memory processing operations to gain access to already freed memory."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use after free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-04T16:35:12.961Z",
"orgId": "56a131ea-b967-4a0d-a41e-5f3549952846",
"shortName": "Arm"
},
"references": [
{
"url": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Mali GPU Kernel Driver Allows Improper GPU Memory Processing Operations",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "arm-security@arm.com",
"ID": "CVE-2023-4211",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Mali GPU Kernel Driver",
"version": {
"version_data": [
{
"version_value": "Midgard GPU Kernel Driver"
}
]
}
}
]
},
"vendor_name": "Arm Ltd"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "5.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A local non-privileged user can make improper GPU memory processing operations to gain access to already freed memory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Mali GPU Kernel Driver Allows Improper GPU Memory Processing Operations"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities",
"refsource": "MISC",
"url": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "56a131ea-b967-4a0d-a41e-5f3549952846",
"assignerShortName": "Arm",
"cveId": "CVE-2023-4211",
"datePublished": "2023-10-01T17:00:27.113Z",
"dateReserved": "2023-08-07T15:24:51.156Z",
"dateUpdated": "2025-10-21T23:05:36.029Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-5427 (GCVE-0-2023-5427)
Vulnerability from cvelistv5 – Published: 2023-12-01 10:13 – Updated: 2026-02-25 16:41
VLAI
Title
Mali GPU Kernel Driver allows improper GPU processing operations
Summary
Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU processing operations to gain access to already freed memory.This issue affects Bifrost GPU Kernel Driver: from r44p0 through r45p0; Valhall GPU Kernel Driver: from r44p0 through r45p0; Arm 5th Gen GPU Architecture Kernel Driver: from r44p0 through r45p0.
Severity
7.8 (High)
SSVC
Exploitation: poc
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-416 - Use After Free
Assigner
References
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| Arm Ltd | Bifrost GPU Kernel Driver |
Affected:
r44p0 , ≤ r45p0
(patch)
|
|
| Arm Ltd | Valhall GPU Kernel Driver |
Affected:
r44p0 , ≤ r45p0
(patch)
|
|
| Arm Ltd | Arm 5th Gen GPU Architecture Kernel Driver |
Affected:
r44p0 , ≤ r45p0
(patch)
|
Date Public
2023-12-01 09:55
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:59:44.797Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/176029/ARM-Mali-r44p0-Use-After-Free.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-5427",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2023-12-19T05:00:21.515051Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-25T16:41:07.193Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Bifrost GPU Kernel Driver",
"vendor": "Arm Ltd",
"versions": [
{
"changes": [
{
"at": "r46p0",
"status": "unaffected"
}
],
"lessThanOrEqual": "r45p0",
"status": "affected",
"version": "r44p0",
"versionType": "patch"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Valhall GPU Kernel Driver",
"vendor": "Arm Ltd",
"versions": [
{
"changes": [
{
"at": "r46p0",
"status": "unaffected"
}
],
"lessThanOrEqual": "r45p0",
"status": "affected",
"version": "r44p0",
"versionType": "patch"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Arm 5th Gen GPU Architecture Kernel Driver",
"vendor": "Arm Ltd",
"versions": [
{
"changes": [
{
"at": "r46p0",
"status": "unaffected"
}
],
"lessThanOrEqual": "r45p0",
"status": "affected",
"version": "r44p0",
"versionType": "patch"
}
]
}
],
"datePublic": "2023-12-01T09:55:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a\u0026nbsp;local non-privileged user to make improper GPU processing operations to gain access to already freed memory.\u003cp\u003eThis issue affects Bifrost GPU Kernel Driver: from r44p0 through r45p0; Valhall GPU Kernel Driver: from r44p0 through r45p0; Arm 5th Gen GPU Architecture Kernel Driver: from r44p0 through r45p0.\u003c/p\u003e"
}
],
"value": "Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a\u00a0local non-privileged user to make improper GPU processing operations to gain access to already freed memory.This issue affects Bifrost GPU Kernel Driver: from r44p0 through r45p0; Valhall GPU Kernel Driver: from r44p0 through r45p0; Arm 5th Gen GPU Architecture Kernel Driver: from r44p0 through r45p0."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T16:06:21.744Z",
"orgId": "56a131ea-b967-4a0d-a41e-5f3549952846",
"shortName": "Arm"
},
"references": [
{
"url": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities"
},
{
"url": "http://packetstormsecurity.com/files/176029/ARM-Mali-r44p0-Use-After-Free.html"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is fixed in Bifrost, Valhall, and Arm 5th Gen GPU Architecture Kernel Driver r46p0. Users are recommended to upgrade if they are impacted by this issue.\u003cbr\u003e"
}
],
"value": "This issue is fixed in Bifrost, Valhall, and Arm 5th Gen GPU Architecture Kernel Driver r46p0. Users are recommended to upgrade if they are impacted by this issue."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Mali GPU Kernel Driver allows improper GPU processing operations",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "56a131ea-b967-4a0d-a41e-5f3549952846",
"assignerShortName": "Arm",
"cveId": "CVE-2023-5427",
"datePublished": "2023-12-01T10:13:49.299Z",
"dateReserved": "2023-10-05T19:12:49.840Z",
"dateUpdated": "2026-02-25T16:41:07.193Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-4295 (GCVE-0-2023-4295)
Vulnerability from cvelistv5 – Published: 2023-11-07 15:42 – Updated: 2025-12-16 18:23
VLAI
Title
Mali GPU Kernel Driver allows improper GPU memory processing operations
Summary
A local non-privileged user can make improper GPU memory processing operations to gain access to already freed memory.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
Assigner
References
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Arm Ltd | Valhall GPU Kernel Driver |
Affected:
r29p0 , < r43p0
(patch)
|
|
| Arm Ltd | Arm 5th Gen GPU Architecture Kernel Driver |
Affected:
r41p0 , < r43p0
(patch)
|
Date Public
2023-11-07 11:00
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:24:04.533Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/176109/Arm-Mali-CSF-Overflow-Use-After-Free.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-4295",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2023-11-15T16:40:09.775279Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-16T18:23:25.979Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Valhall GPU Kernel Driver",
"vendor": "Arm Ltd",
"versions": [
{
"changes": [
{
"at": "r43p0",
"status": "unaffected"
}
],
"lessThan": "r43p0",
"status": "affected",
"version": "r29p0",
"versionType": "patch"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Arm 5th Gen GPU Architecture Kernel Driver",
"vendor": "Arm Ltd",
"versions": [
{
"changes": [
{
"at": "r43p0",
"status": "unaffected"
}
],
"lessThan": "r43p0",
"status": "affected",
"version": "r41p0",
"versionType": "patch"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Jann Horn at Google"
}
],
"datePublic": "2023-11-07T11:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA local non-privileged user can make improper GPU memory processing operations to gain access to already freed memory. \u003c/p\u003e"
}
],
"value": "A local non-privileged user can make improper GPU memory processing operations to gain access to already freed memory."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-190",
"description": "CWE-190 Integer Overflow or Wraparound",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-08T17:06:24.003Z",
"orgId": "56a131ea-b967-4a0d-a41e-5f3549952846",
"shortName": "Arm"
},
"references": [
{
"url": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities"
},
{
"url": "http://packetstormsecurity.com/files/176109/Arm-Mali-CSF-Overflow-Use-After-Free.html"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is fixed in Valhall and Arm 5th Gen GPU Architecture Kernel \nDriver r43p0. Users are recommended to upgrade if they are impacted by \nthis issue. \n\n\u003cbr\u003e"
}
],
"value": "This issue is fixed in Valhall and Arm 5th Gen GPU Architecture Kernel \nDriver r43p0. Users are recommended to upgrade if they are impacted by \nthis issue."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Mali GPU Kernel Driver allows improper GPU memory processing operations",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "arm-security@arm.com",
"ID": "CVE-2023-4295",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Mali GPU Kernel Driver",
"version": {
"version_data": [
{
"version_value": "Midgard GPU Kernel Driver"
}
]
}
}
]
},
"vendor_name": "Arm Ltd"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "5.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A local non-privileged user can make improper GPU memory processing operations to gain access to already freed memory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Mali GPU Kernel Driver allows improper GPU memory processing operations"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities",
"refsource": "MISC",
"url": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "56a131ea-b967-4a0d-a41e-5f3549952846",
"assignerShortName": "Arm",
"cveId": "CVE-2023-4295",
"datePublished": "2023-11-07T15:42:15.584Z",
"dateReserved": "2023-08-10T14:44:40.416Z",
"dateUpdated": "2025-12-16T18:23:25.979Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-4272 (GCVE-0-2023-4272)
Vulnerability from cvelistv5 – Published: 2023-11-07 15:18 – Updated: 2024-09-04 19:35
VLAI
Title
Mali GPU Kernel Driver exposes sensitive data from freed memory
Summary
A local non-privileged user can make GPU processing operations that expose sensitive data from previously freed memory.
Severity
5.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
References
1 reference
Impacted products
4 products
| Vendor | Product | Version | |
|---|---|---|---|
| Arm Ltd | Midgard GPU Kernel Driver |
Affected:
r8p0 , ≤ r32p0
(patch)
|
|
| Arm Ltd | Bifrost GPU Kernel Driver |
Affected:
r0p0 , < r42p0
(patch)
|
|
| Arm Ltd | Valhall GPU Kernel Driver |
Affected:
r19p0 , < r42p0
(patch)
|
|
| Arm Ltd | Arm 5th Gen GPU Architecture Kernel Driver |
Affected:
r41p0 , < r42p0
(patch)
|
Date Public
2023-11-07 11:00
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:24:04.581Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-4272",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-04T19:32:51.694412Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-04T19:35:16.534Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Midgard GPU Kernel Driver",
"vendor": "Arm Ltd",
"versions": [
{
"lessThanOrEqual": "r32p0",
"status": "affected",
"version": "r8p0",
"versionType": "patch"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Bifrost GPU Kernel Driver",
"vendor": "Arm Ltd",
"versions": [
{
"changes": [
{
"at": "r42p0",
"status": "unaffected"
}
],
"lessThan": "r42p0",
"status": "affected",
"version": "r0p0",
"versionType": "patch"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Valhall GPU Kernel Driver",
"vendor": "Arm Ltd",
"versions": [
{
"changes": [
{
"at": "r42p0",
"status": "unaffected"
}
],
"lessThan": "r42p0",
"status": "affected",
"version": "r19p0",
"versionType": "patch"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Arm 5th Gen GPU Architecture Kernel Driver",
"vendor": "Arm Ltd",
"versions": [
{
"changes": [
{
"at": "r42p0",
"status": "unaffected"
}
],
"lessThan": "r42p0",
"status": "affected",
"version": "r41p0",
"versionType": "patch"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Jann Horn at Google"
}
],
"datePublic": "2023-11-07T11:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA local non-privileged user can make GPU processing operations that expose sensitive data from previously freed memory. \u003c/p\u003e"
}
],
"value": "A local non-privileged user can make GPU processing operations that expose sensitive data from previously freed memory. \n\n"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1251",
"description": "CWE-1251 Mirrored Regions with Different Values",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-14T22:37:50.042Z",
"orgId": "56a131ea-b967-4a0d-a41e-5f3549952846",
"shortName": "Arm"
},
"references": [
{
"url": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Mali GPU Kernel Driver exposes sensitive data from freed memory",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "arm-security@arm.com",
"ID": "CVE-2023-4272",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Mali GPU Kernel Driver",
"version": {
"version_data": [
{
"version_value": "Midgard GPU Kernel Driver"
}
]
}
}
]
},
"vendor_name": "Arm Ltd"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "5.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A local non-privileged user can make improper GPU memory processing operations to gain access to already freed memory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Mali GPU Kernel Driver exposes sensitive data from freed memory"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities",
"refsource": "MISC",
"url": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "56a131ea-b967-4a0d-a41e-5f3549952846",
"assignerShortName": "Arm",
"cveId": "CVE-2023-4272",
"datePublished": "2023-11-07T15:18:59.203Z",
"dateReserved": "2023-08-09T12:41:30.877Z",
"dateUpdated": "2024-09-04T19:35:16.534Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-34970 (GCVE-0-2023-34970)
Vulnerability from cvelistv5 – Published: 2023-10-03 16:44 – Updated: 2025-03-07 18:28
VLAI
Title
Mali GPU Kernel Driver Allows Improper GPU Memory Processing Operations
Summary
A local non-privileged user can make improper GPU processing operations to access a limited amount outside of buffer bounds or to exploit a software race condition. If the system’s memory is carefully prepared by the user, then this in turn could give them access to already freed memory
Severity
4.7 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Arm Ltd | Valhall GPU Kernel Driver |
Affected:
r44p0 , < r44p1
(patch)
|
|
| Arm Ltd | Arm 5th Gen GPU Architecture Kernel Driver |
Affected:
r41p0 , < r44p1
(patch)
|
Date Public
2023-10-02 10:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:17:04.341Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-34970",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-06T15:54:33.562596Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-07T18:28:17.423Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Valhall GPU Kernel Driver",
"vendor": "Arm Ltd",
"versions": [
{
"changes": [
{
"at": "r44p1",
"status": "unaffected"
}
],
"lessThan": "r44p1",
"status": "affected",
"version": "r44p0",
"versionType": "patch"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Arm 5th Gen GPU Architecture Kernel Driver",
"vendor": "Arm Ltd",
"versions": [
{
"changes": [
{
"at": "r44p1",
"status": "unaffected"
}
],
"lessThan": "r44p1",
"status": "affected",
"version": "r41p0",
"versionType": "patch"
}
]
}
],
"datePublic": "2023-10-02T10:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA local non-privileged user can make improper GPU processing operations to access a limited amount outside of buffer bounds or to exploit a software race condition. If the system\u2019s memory is carefully prepared by the user, then this in turn could give them access to already freed memory\u003c/p\u003e"
}
],
"value": "A local non-privileged user can make improper GPU processing operations to access a limited amount outside of buffer bounds or to exploit a software race condition. If the system\u2019s memory is carefully prepared by the user, then this in turn could give them access to already freed memory\n\n"
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use after free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-03T16:44:14.509Z",
"orgId": "56a131ea-b967-4a0d-a41e-5f3549952846",
"shortName": "Arm"
},
"references": [
{
"url": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Mali GPU Kernel Driver Allows Improper GPU Memory Processing Operations",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "arm-security@arm.com",
"ID": "CVE-2023-34970",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Mali GPU Kernel Driver",
"version": {
"version_data": [
{
"version_value": "Midgard GPU Kernel Driver"
}
]
}
}
]
},
"vendor_name": "Arm Ltd"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "5.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A local non-privileged user can make improper GPU processing operations to access a limited amount outside of buffer bounds or to exploit a software race condition. If the system\u2019s memory is carefully prepared by the user, then this in turn could give them access to already freed memory"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Mali GPU Kernel Driver Allows Improper GPU Memory Processing Operations"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities",
"refsource": "MISC",
"url": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "56a131ea-b967-4a0d-a41e-5f3549952846",
"assignerShortName": "Arm",
"cveId": "CVE-2023-34970",
"datePublished": "2023-10-03T16:44:14.509Z",
"dateReserved": "2023-06-08T02:45:25.666Z",
"dateUpdated": "2025-03-07T18:28:17.423Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-33200 (GCVE-0-2023-33200)
Vulnerability from cvelistv5 – Published: 2023-10-03 16:39 – Updated: 2025-03-07 18:29
VLAI
Title
Mali GPU Kernel Driver Allows Improper GPU Memory Processing Operations
Summary
A local non-privileged user can make improper GPU processing operations to exploit a software race condition. If the system’s memory is carefully prepared by the user, then this in turn could give them access to already freed memory.
Severity
4.7 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-416 - Use after free
Assigner
References
1 reference
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| Arm Ltd | Bifrost GPU Kernel Driver |
Affected:
r17p0 , < r44p1
(patch)
|
|
| Arm Ltd | Valhall GPU Kernel Driver |
Affected:
r19p0 , < r44p1
(patch)
|
|
| Arm Ltd | Arm 5th Gen GPU Architecture Kernel Driver |
Affected:
r41p0 , < r44p1
(patch)
|
Date Public
2023-10-01 10:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:39:35.850Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-33200",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-06T15:54:36.298341Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-07T18:29:58.220Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Bifrost GPU Kernel Driver",
"vendor": "Arm Ltd",
"versions": [
{
"changes": [
{
"at": "r44p1",
"status": "unaffected"
}
],
"lessThan": "r44p1",
"status": "affected",
"version": "r17p0",
"versionType": "patch"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Valhall GPU Kernel Driver",
"vendor": "Arm Ltd",
"versions": [
{
"changes": [
{
"at": "r44p1",
"status": "unaffected"
}
],
"lessThan": "r44p1",
"status": "affected",
"version": "r19p0",
"versionType": "patch"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Arm 5th Gen GPU Architecture Kernel Driver",
"vendor": "Arm Ltd",
"versions": [
{
"changes": [
{
"at": "r44p1",
"status": "unaffected"
}
],
"lessThan": "r44p1",
"status": "affected",
"version": "r41p0",
"versionType": "patch"
}
]
}
],
"datePublic": "2023-10-01T10:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA local non-privileged user can make improper GPU processing operations to exploit a software race condition. If the system\u2019s memory is carefully prepared by the user, then this in turn could give them access to already freed memory.\u003c/p\u003e"
}
],
"value": "A local non-privileged user can make improper GPU processing operations to exploit a software race condition. If the system\u2019s memory is carefully prepared by the user, then this in turn could give them access to already freed memory.\n\n"
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use after free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-04T16:10:19.453Z",
"orgId": "56a131ea-b967-4a0d-a41e-5f3549952846",
"shortName": "Arm"
},
"references": [
{
"url": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Mali GPU Kernel Driver Allows Improper GPU Memory Processing Operations",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "arm-security@arm.com",
"ID": "CVE-2023-33200",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Mali GPU Kernel Driver",
"version": {
"version_data": [
{
"version_value": "Midgard GPU Kernel Driver"
}
]
}
}
]
},
"vendor_name": "Arm Ltd"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "5.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A local non-privileged user can make improper GPU processing operations to exploit a software race condition. If the system\u2019s memory is carefully prepared by the user, then this in turn could give them access to already freed memory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Mali GPU Kernel Driver Allows Improper GPU Memory Processing Operations"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities",
"refsource": "MISC",
"url": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "56a131ea-b967-4a0d-a41e-5f3549952846",
"assignerShortName": "Arm",
"cveId": "CVE-2023-33200",
"datePublished": "2023-10-03T16:39:10.086Z",
"dateReserved": "2023-05-18T06:53:10.913Z",
"dateUpdated": "2025-03-07T18:29:58.220Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-4211 (GCVE-0-2023-4211)
Vulnerability from cvelistv5 – Published: 2023-10-01 17:00 – Updated: 2025-10-21 23:05Title
Mali GPU Kernel Driver Allows Improper GPU Memory Processing Operations
Summary
A local non-privileged user can make improper GPU memory processing operations to gain access to already freed memory.
Severity
5.5 (Medium)
SSVC
Exploitation: active
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-416 - Use after free
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://developer.arm.com/Arm%20Security%20Center… | |
| https://www.cisa.gov/known-exploited-vulnerabilit… | government-resource |
Impacted products
4 products
| Vendor | Product | Version | |
|---|---|---|---|
| Arm Ltd | Midgard GPU Kernel Driver |
Affected:
r12p0 , ≤ r32p0
(patch)
|
|
| Arm Ltd | Bifrost GPU Kernel Driver |
Affected:
r0p0 , ≤ r42p0
(patch)
|
|
| Arm Ltd | Valhall GPU Kernel Driver |
Affected:
r19p0 , ≤ r42p0
(patch)
|
|
| Arm Ltd | Arm 5th Gen GPU Architecture Kernel Driver |
Affected:
r41p0 , ≤ r42p0
(patch)
|
Date Public
2023-10-01 10:00
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:17:12.155Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-4211",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2023-11-15T16:37:52.728085Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2023-10-03",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-4211"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T23:05:36.029Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-4211"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-10-03T00:00:00.000Z",
"value": "CVE-2023-4211 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Midgard GPU Kernel Driver",
"vendor": "Arm Ltd",
"versions": [
{
"lessThanOrEqual": "r32p0",
"status": "affected",
"version": "r12p0",
"versionType": "patch"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Bifrost GPU Kernel Driver",
"vendor": "Arm Ltd",
"versions": [
{
"lessThanOrEqual": "r42p0",
"status": "affected",
"version": "r0p0",
"versionType": "patch"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Valhall GPU Kernel Driver",
"vendor": "Arm Ltd",
"versions": [
{
"lessThanOrEqual": "r42p0",
"status": "affected",
"version": "r19p0",
"versionType": "patch"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Arm 5th Gen GPU Architecture Kernel Driver",
"vendor": "Arm Ltd",
"versions": [
{
"lessThanOrEqual": "r42p0",
"status": "affected",
"version": "r41p0",
"versionType": "patch"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Maddie Stone, Google Threat Analysis Group"
},
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Jann Horn, Google Project Zero"
}
],
"datePublic": "2023-10-01T10:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA local non-privileged user can make improper GPU memory processing operations to gain access to already freed memory.\u003c/p\u003e"
}
],
"value": "A local non-privileged user can make improper GPU memory processing operations to gain access to already freed memory."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use after free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-04T16:35:12.961Z",
"orgId": "56a131ea-b967-4a0d-a41e-5f3549952846",
"shortName": "Arm"
},
"references": [
{
"url": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Mali GPU Kernel Driver Allows Improper GPU Memory Processing Operations",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "arm-security@arm.com",
"ID": "CVE-2023-4211",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Mali GPU Kernel Driver",
"version": {
"version_data": [
{
"version_value": "Midgard GPU Kernel Driver"
}
]
}
}
]
},
"vendor_name": "Arm Ltd"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "5.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A local non-privileged user can make improper GPU memory processing operations to gain access to already freed memory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Mali GPU Kernel Driver Allows Improper GPU Memory Processing Operations"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities",
"refsource": "MISC",
"url": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "56a131ea-b967-4a0d-a41e-5f3549952846",
"assignerShortName": "Arm",
"cveId": "CVE-2023-4211",
"datePublished": "2023-10-01T17:00:27.113Z",
"dateReserved": "2023-08-07T15:24:51.156Z",
"dateUpdated": "2025-10-21T23:05:36.029Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}