cbcvebase.
CVE-2023-5643
published 2024-02-05

CVE-2023-5643: Out-of-bounds Write vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver…

PriorityP342high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
EPSS
0.18%
7.6th percentile
Out-of-bounds Write vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations. Depending on the configuration of the Mali GPU Kernel Driver, and if the system’s memory is carefully prepared by the user, then this in turn could write to memory outside of buffer bounds.This issue affects Bifrost GPU Kernel Driver: from r41p0 through r45p0; Valhall GPU Kernel Driver: from r41p0 through r45p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r45p0.

Affected

7 ranges
VendorProductVersion rangeFixed in
arm5th_gen_gpu_architecture_kernel_driver>= r41p0 < r46p0r46p0
armbifrost_gpu_kernel_driver>= r41p0 < r46p0r46p0
armvalhall_gpu_kernel_driver>= r41p0 < r46p0r46p0
arm_ltdarm_5th_gen_gpu_architecture_kernel_driverr41p0 – r45p0
arm_ltdbifrost_gpu_kernel_driverr41p0 – r45p0
arm_ltdvalhall_gpu_kernel_driverr41p0 – r45p0
googleandroid
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.