CVE-2023-3889

Summary

A local non-privileged user can make improper GPU memory processing operations. If the operations are carefully prepared, then they could be used to gain access to already freed memory.

Affected Software

VendorProductVersion RangeStatus
Arm LtdValhall GPU Kernel Driverr38p0 <= r44p0affected

Weaknesses

  • CWE-119: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
  • CWE-667: CWE-667 Improper Locking

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References