Vulnerability Details : CVE-2023-4211
A local non-privileged user can make improper GPU memory processing operations to gain access to already freed memory.
CVE-2023-4211 is in the CISA Known Exploited Vulnerabilities Catalog
CISA vulnerability name:
Arm Mali GPU Kernel Driver Use-After-Free Vulnerability
CISA required action:
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
CISA description:
Arm Mali GPU Kernel Driver contains a use-after-free vulnerability that allows a local, non-privileged user to make improper GPU memory processing operations to gain access to already freed memory.
Notes:
https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities; https://nvd.nist.gov/vuln/detail/CVE-2023-4211
Added on
2023-10-03
Action due date
2023-10-24
Exploit prediction scoring system (EPSS) score for CVE-2023-4211
21.26%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 96 %
Percentile, the proportion of vulnerabilities that are scored at or less