Vulnerabilities
Misconfiguration
Runtime Security
Compliance
CVE Vulnerabilities

CVE-2023-28147

Published: Jun 02, 2023 | Modified: Jun 09, 2023
CVSS 3.x
5.5
MEDIUM
Source:
NVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu
Additional information
NVDhttps://nvd.nist.gov/vuln/detail/CVE-2023-28147
CWEhttps://cwe.mitre.org/data/definitions/.html

An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper GPU processing operations to gain access to already freed memory. This affects Midgard r29p0 through r32p0, Bifrost r17p0 through r42p0 before r43p0, Valhall r19p0 through r42p0 before r43p0, and Arms GPU Architecture Gen5 r41p0 through r42p0 before r43p0.

Affected Software

Name Vendor Start Version End Version
Avalon_gpu_kernel_driver Arm r41p0 (including) r43p0 (excluding)
Bifrost_gpu_kernel_driver Arm r17p0 (including) r43p0 (excluding)
Midgard_gpu_kernel_driver Arm r29p0 (including) r32p0 (including)
Valhall_gpu_kernel_driver Arm r19p0 (including) r43p0 (excluding)

References

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.
Copyright © 2024 Aqua Security Software Ltd.   Privacy Policy | Terms of Use