Vulnerability Details : CVE-2023-32804
Out-of-bounds Write vulnerability in Arm Ltd Midgard GPU Userspace Driver, Arm Ltd Bifrost GPU Userspace Driver, Arm Ltd Valhall GPU Userspace Driver, Arm Ltd Arm 5th Gen GPU Architecture Userspace Driver allows a local non-privileged user to write a constant pattern to a limited amount of memory not allocated by the user space driver.This issue affects Midgard GPU Userspace Driver: from r0p0 through r32p0; Bifrost GPU Userspace Driver: from r0p0 through r44p0; Valhall GPU Userspace Driver: from r19p0 through r44p0; Arm 5th Gen GPU Architecture Userspace Driver: from r41p0 through r44p0.
Vulnerability category: Memory Corruption
Products affected by CVE-2023-32804
- cpe:2.3:a:arm:bifrost_gpu_kernel_driver:*:*:*:*:*:*:*:*
- cpe:2.3:a:arm:valhall_gpu_kernel_driver:*:*:*:*:*:*:*:*
- cpe:2.3:a:arm:midgard_gpu_kernel_driver:*:*:*:*:*:*:*:*
- ARM » 5th Gen Gpu Architecture Kernel DriverVersions from including (>=) r41p0 and up to, including, (<=) r44p0cpe:2.3:a:arm:5th_gen_gpu_architecture_kernel_driver:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2023-32804
0.05%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 14 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2023-32804
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
7.8
|
HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.8
|
5.9
|
NIST |
CWE ids for CVE-2023-32804
-
The product writes data past the end, or before the beginning, of the intended buffer.Assigned by:
- arm-security@arm.com (Secondary)
- nvd@nist.gov (Primary)
References for CVE-2023-32804
-
https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities
Mali GPU Driver VulnerabilitiesVendor Advisory
Jump to