Memory leak vulnerability in Mali GPU Kernel Driver in Midgard GPU Kernel Driver all versions from r6p0 - r32p0, Bifrost GPU Kernel Driver all versions from r0p0 - r42p0, Valhall GPU Kernel Driver all versions from r19p0 - r42p0, and Avalon GPU Kernel Driver all versions from r41p0 - r42p0 allows a non-privileged user to make valid GPU processing operations that expose sensitive kernel metadata.
Published 2023-04-06 16:15:08
Updated 2023-04-21 17:31:50
Source MITRE
View at NVD,   CVE.org

Products affected by CVE-2023-26083

CVE-2023-26083 is in the CISA Known Exploited Vulnerabilities Catalog

CISA vulnerability name:
Arm Mali GPU Kernel Driver Information Disclosure Vulnerability
CISA required action:
Apply updates per vendor instructions.
CISA description:
Arm Mali GPU Kernel Driver contains an information disclosure vulnerability that allows a non-privileged user to make valid GPU processing operations that expose sensitive kernel metadata.
Notes:
https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities; https://nvd.nist.gov/vuln/detail/CVE-2023-26083
Added on 2023-04-07 Action due date 2023-04-28

Exploit prediction scoring system (EPSS) score for CVE-2023-26083

6.40%
Probability of exploitation activity in the next 30 days EPSS Score History
~ 94 %
Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2023-26083

Base Score Base Severity CVSS Vector Exploitability Score Impact Score Score Source First Seen
3.3
LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1.8
1.4
NIST

CWE ids for CVE-2023-26083

References for CVE-2023-26083

Jump to
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!