CVE-2023-4272 – Mali GPU Kernel Driver exposes sensitive data from freed memory
https://notcve.org/view.php?id=CVE-2023-4272
A local non-privileged user can make GPU processing operations that expose sensitive data from previously freed memory. Un usuario local sin privilegios puede realizar operaciones de procesamiento de GPU que expongan datos confidenciales de la memoria previamente liberada. • https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-1251: Mirrored Regions with Different Values •
CVE-2023-33200 – Mali GPU Kernel Driver Allows Improper GPU Memory Processing Operations
https://notcve.org/view.php?id=CVE-2023-33200
A local non-privileged user can make improper GPU processing operations to exploit a software race condition. If the system’s memory is carefully prepared by the user, then this in turn could give them access to already freed memory. Un usuario local sin privilegios puede realizar operaciones de procesamiento de GPU inadecuadas para aprovechar una condición de carrera del software. Si el usuario prepara cuidadosamente la memoria del sistema, esto a su vez podría darle acceso a la memoria ya liberada. • https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities • CWE-416: Use After Free •
CVE-2023-4211 – Arm Mali GPU Kernel Driver Use-After-Free Vulnerability
https://notcve.org/view.php?id=CVE-2023-4211
A local non-privileged user can make improper GPU memory processing operations to gain access to already freed memory. Un usuario local sin privilegios puede realizar operaciones inadecuadas de procesamiento de la memoria de la GPU para obtener acceso a la memoria ya liberada. Arm Mali GPU Kernel Driver contains a use-after-free vulnerability that allows a local, non-privileged user to make improper GPU memory processing operations to gain access to already freed memory. • https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities • CWE-416: Use After Free •
CVE-2023-28147
https://notcve.org/view.php?id=CVE-2023-28147
An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper GPU processing operations to gain access to already freed memory. This affects Midgard r29p0 through r32p0, Bifrost r17p0 through r42p0 before r43p0, Valhall r19p0 through r42p0 before r43p0, and Arm's GPU Architecture Gen5 r41p0 through r42p0 before r43p0. • https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities •
CVE-2023-26083 – Arm Mali GPU Kernel Driver Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-26083
Memory leak vulnerability in Mali GPU Kernel Driver in Midgard GPU Kernel Driver all versions from r6p0 - r32p0, Bifrost GPU Kernel Driver all versions from r0p0 - r42p0, Valhall GPU Kernel Driver all versions from r19p0 - r42p0, and Avalon GPU Kernel Driver all versions from r41p0 - r42p0 allows a non-privileged user to make valid GPU processing operations that expose sensitive kernel metadata. Arm Mali GPU Kernel Driver contains an information disclosure vulnerability that allows a non-privileged user to make valid GPU processing operations that expose sensitive kernel metadata. • https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities https://www.cybersecurity-help.cz/vdb/SB2023033049 https://www.cybersecurity-help.cz/vulnerabilities/74210 • CWE-401: Missing Release of Memory after Effective Lifetime •