CVE-2023-34970
published 2023-10-03CVE-2023-34970: A local non-privileged user can make improper GPU processing operations to access a limited amount outside of buffer bounds or to exploit a software race…
PriorityP418medium4.7CVSS 3.1
AVLACHPRLUINSUCNINAH
EPSS
0.29%
21.0th percentile
A local non-privileged user can make improper GPU processing operations to access a limited amount outside of buffer bounds or to exploit a software race condition. If the system’s memory is carefully prepared by the user, then this in turn could give them access to already freed memory
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| arm | mali_gpu_kernel_driver | — | — |
| arm | valhall_gpu_kernel_driver | — | — |
| arm_ltd | arm_5th_gen_gpu_architecture_kernel_driver | >= r41p0 < r44p1 | r44p1 |
| arm_ltd | valhall_gpu_kernel_driver | >= r44p0 < r44p1 | r44p1 |
| android | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-frqx-wxgf-37p7: A local non-privileged user can make improper GPU processing operations to access a limited amount outside of buffer bounds or to exploit a software r
ghsa_unreviewed·2023-10-03
CVE-2023-34970 [MEDIUM] CWE-416 GHSA-frqx-wxgf-37p7: A local non-privileged user can make improper GPU processing operations to access a limited amount outside of buffer bounds or to exploit a software r
A local non-privileged user can make improper GPU processing operations to access a limited amount outside of buffer bounds or to exploit a software race condition. If the system’s memory is carefully prepared by the user, then this in turn could give them access to already freed memory
Android
CVE-2023-34970: Mali
vendor_android·2023-10-01·CVSS 4.7
CVE-2023-34970 [MEDIUM] CVE-2023-34970: Mali
Android Security Bulletin 2023-10-01
CVE: CVE-2023-34970
Severity: HIGH
Component: Mali
References: A-287624919
*
No detection rules found.
No public exploits indexed.
2023-10-03
Published