CVE-2023-4272 – Mali GPU Kernel Driver exposes sensitive data from freed memory
https://notcve.org/view.php?id=CVE-2023-4272
A local non-privileged user can make GPU processing operations that expose sensitive data from previously freed memory. Un usuario local sin privilegios puede realizar operaciones de procesamiento de GPU que expongan datos confidenciales de la memoria previamente liberada. • https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-1251: Mirrored Regions with Different Values •
CVE-2023-33200 – Mali GPU Kernel Driver Allows Improper GPU Memory Processing Operations
https://notcve.org/view.php?id=CVE-2023-33200
A local non-privileged user can make improper GPU processing operations to exploit a software race condition. If the system’s memory is carefully prepared by the user, then this in turn could give them access to already freed memory. Un usuario local sin privilegios puede realizar operaciones de procesamiento de GPU inadecuadas para aprovechar una condición de carrera del software. Si el usuario prepara cuidadosamente la memoria del sistema, esto a su vez podría darle acceso a la memoria ya liberada. • https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities • CWE-416: Use After Free •
CVE-2023-4211 – Arm Mali GPU Kernel Driver Use-After-Free Vulnerability
https://notcve.org/view.php?id=CVE-2023-4211
A local non-privileged user can make improper GPU memory processing operations to gain access to already freed memory. Un usuario local sin privilegios puede realizar operaciones inadecuadas de procesamiento de la memoria de la GPU para obtener acceso a la memoria ya liberada. Arm Mali GPU Kernel Driver contains a use-after-free vulnerability that allows a local, non-privileged user to make improper GPU memory processing operations to gain access to already freed memory. • https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities • CWE-416: Use After Free •
CVE-2023-28147
https://notcve.org/view.php?id=CVE-2023-28147
An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper GPU processing operations to gain access to already freed memory. This affects Midgard r29p0 through r32p0, Bifrost r17p0 through r42p0 before r43p0, Valhall r19p0 through r42p0 before r43p0, and Arm's GPU Architecture Gen5 r41p0 through r42p0 before r43p0. • https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities •
CVE-2023-22808
https://notcve.org/view.php?id=CVE-2023-22808
An issue was discovered in the Arm Android Gralloc Module. A non-privileged user can read a small portion of the allocator process memory. This affects Bifrost r24p0 through r41p0 before r42p0, Valhall r24p0 through r41p0 before r42p0, and Avalon r41p0 before r42p0. • https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities • CWE-125: Out-of-bounds Read •