Vulnerabilities
Misconfiguration
Compliance
CVE Vulnerabilities

CVE-2023-28147

Published: Jun 02, 2023 | Modified: Jan 09, 2025
CVSS 3.x
5.5
MEDIUM
Source:
NVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu
Vulnerability-free packages from our partners
root.io logo minimus.io logo echo.ai logo
Additional information
NVDhttps://nvd.nist.gov/vuln/detail/CVE-2023-28147
CWEhttps://cwe.mitre.org/data/definitions/.html

An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper GPU processing operations to gain access to already freed memory. This affects Midgard r29p0 through r32p0, Bifrost r17p0 through r42p0 before r43p0, Valhall r19p0 through r42p0 before r43p0, and Arms GPU Architecture Gen5 r41p0 through r42p0 before r43p0.

Affected Software

NameVendorStart VersionEnd Version
Avalon_gpu_kernel_driverArmr41p0 (including)r43p0 (excluding)
Bifrost_gpu_kernel_driverArmr17p0 (including)r43p0 (excluding)
Midgard_gpu_kernel_driverArmr29p0 (including)r32p0 (including)
Valhall_gpu_kernel_driverArmr19p0 (including)r43p0 (excluding)

References

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.
Copyright © 2026 Aqua Security Software Ltd.   Privacy Policy | Terms of Use