CVE-2023-5091
Published 2024-01-08
Priority P426 · medium · 5.5 (CVSS 3.1)
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
EPSS: 0.15% (4.8th percentile)
Use After Free vulnerability in Arm Ltd Valhall GPU Kernel Driver allows a local non-privileged user to make improper GPU processing operations to gain access to already freed memory. This issue affects Valhall GPU Kernel Driver: from r37p0 through r40p0.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| arm | valhall_gpu_kernel_driver | r37p0 – r40p0 | — |
| arm_ltd | valhall_gpu_kernel_driver | r37p0 – r40p0 | — |
| android | — | — | — |
GHSA
GHSA-66qh-r598-w33q
ghsa_unreviewed·2024-01-08
CVE-2023-5091 [MEDIUM] CWE-416
Use After Free vulnerability in Arm Ltd Valhall GPU Kernel Driver allows a local non-privileged user to make improper GPU processing operations to gain access to already freed memory. This issue affects Valhall GPU Kernel Driver: from r37p0 through r40p0.
Android
CVE-2023-5091: Mali
vendor_android·2024-02-01·CVSS 5.5
CVE-2023-5091 [MEDIUM] CVE-2023-5091: Mali
Android Security Bulletin 2024-02-01
CVE: CVE-2023-5091
Severity: HIGH
Component: Mali
References: A-298150556
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2023-31248 kernel: nf_tables: use-after-free in nft_chain_lookup_byid()
bugzilla·2023-07-06·CVSS 7.8
CVE-2023-31248 [HIGH] CVE-2023-31248 kernel: nf_tables: use-after-free in nft_chain_lookup_byid()
Linux Kernel nftables Use-After-Free Local Privilege Escalation Vulnerability; `nft_chain_lookup_byid()` failed to check whether a chain was active and CAP_NET_ADMIN is in any user or network namespace
https://lore.kernel.org/netfilter-devel/[email protected]/T/
https://www.openwall.com/lists/oss-security/2023/07/05/2
http://www.openwall.com/lists/oss-security/2023/07/05/2
Discussion:
Created kernel tracking bugs for this issue:
Affects: fedora-all [bug 2221778]
---
This issue has been addressed in the following products:
Red Hat Enterprise Linux 9
Via RHSA-2023:5091 https://access.redhat.com/errata/RHSA-2023:5091
---
This issue has been addressed in the following products:
Red Hat En
Bugzilla
CVE-2023-21102 kernel: bypass of shadow stack protection due to a logic error
bugzilla·2023-06-08·CVSS 7.8
CVE-2023-21102 [HIGH] CVE-2023-21102 kernel: bypass of shadow stack protection due to a logic error
In __efi_rt_asm_wrapper of efi-rt-wrapper.S, there is a possible bypass of shadow stack protection due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed.
Reference:
https://android.googlesource.com/kernel/common/+/ec6fe823507b2f6ef4a58f3a9bee9a5ec086c32c%5E%21/
https://source.android.com/docs/security/bulletin/2023-05-01
Discussion:
This issue has been addressed in the following products:
Red Hat Enterprise Linux 9
Via RHSA-2023:5091 https://access.redhat.com/errata/RHSA-2023:5091
---
This issue has been addressed in the following products:
Red Hat Enterprise Linux 9
Via RHSA-2023:5069 https://access.redhat.com/errata/RHSA-2023: