cbcvebase.
CVE-2023-28147
published 2023-06-02

CVE-2023-28147: An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper GPU processing operations to gain access to already freed…

PriorityP426medium5.5CVSS 3.1
AVLACLPRLUINSUCHINAN
EPSS
0.18%
7.9th percentile
An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper GPU processing operations to gain access to already freed memory. This affects Midgard r29p0 through r32p0, Bifrost r17p0 through r42p0 before r43p0, Valhall r19p0 through r42p0 before r43p0, and Arm's GPU Architecture Gen5 r41p0 through r42p0 before r43p0.

Affected

5 ranges
VendorProductVersion rangeFixed in
armavalon_gpu_kernel_driver>= r41p0 < r43p0r43p0
armbifrost_gpu_kernel_driver>= r17p0 < r43p0r43p0
armmidgard_gpu_kernel_driverr29p0 – r32p0
armvalhall_gpu_kernel_driver>= r19p0 < r43p0r43p0
googleandroid

CVSS provenance

nvdv3.15.5MEDIUMCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
vendor_redhat5.5MEDIUM
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.