CVE-2024-1065
published 2024-04-19CVE-2024-1065: Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows…
PriorityP428medium5.9CVSS 3.1
AVLACLPRNUINSUCLILAL
EPSS
0.21%
11.2th percentile
Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations to gain access to already freed memory.This issue affects Bifrost GPU Kernel Driver: from r45p0 through r48p0; Valhall GPU Kernel Driver: from r45p0 through r48p0; Arm 5th Gen GPU Architecture Kernel Driver: from r45p0 through r48p0.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| arm | 5th_gen_gpu_architecture_kernel_driver | >= r45p0 < r49p0 | r49p0 |
| arm | bifrost_gpu_kernel_driver | >= r45p0 < r49p0 | r49p0 |
| arm | valhall_gpu_kernel_driver | >= r45p0 < r49p0 | r49p0 |
| arm_ltd | arm_5th_gen_gpu_architecture_kernel_driver | r45p0 – r48p0 | — |
| arm_ltd | bifrost_gpu_kernel_driver | r45p0 – r48p0 | — |
| arm_ltd | valhall_gpu_kernel_driver | r45p0 – r48p0 | — |
| android | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-jhp9-93xh-vh3m: Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driv
ghsa_unreviewed·2024-04-19
CVE-2024-1065 [MEDIUM] CWE-416 GHSA-jhp9-93xh-vh3m: Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driv
Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations to gain access to already freed memory.This issue affects Bifrost GPU Kernel Driver: from r45p0 through r48p0; Valhall GPU Kernel Driver: from r45p0 through r48p0; Arm 5th Gen GPU Architecture Kernel Driver: from r45p0 through r48p0.
Android
CVE-2024-1065: Mali
vendor_android·2024-06-01·CVSS 5.9
CVE-2024-1065 [MEDIUM] CVE-2024-1065: Mali
Android Security Bulletin 2024-06-01
CVE: CVE-2024-1065
Severity: HIGH
Component: Mali
References: A-329096276 *
Suricata
GPL EXPLOIT ISAPI .ida access
suricata·2010-09-23
CVE-2000-0071 GPL EXPLOIT ISAPI .ida access
GPL EXPLOIT ISAPI .ida access
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"GPL EXPLOIT ISAPI .ida access"; flow:established,to_server; http.uri; content:".ida"; nocase; endswith; reference:arachnids,552; reference:bugtraq,1065; reference:cve,2000-0071; classtype:web-application-activity; sid:2101242; rev:15; metadata:created_at 2010_09_23, cve CVE_2000_0071, signature_severity Major, updated_at 2024_03_08;)
Suricata
GPL EXPLOIT ISAPI .ida attempt
suricata·2010-09-23
CVE-2000-0071 GPL EXPLOIT ISAPI .ida attempt
GPL EXPLOIT ISAPI .ida attempt
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"GPL EXPLOIT ISAPI .ida attempt"; flow:established,to_server; http.uri; content:".ida?"; nocase; reference:arachnids,552; reference:bugtraq,1065; reference:cve,2000-0071; classtype:web-application-attack; sid:2101243; rev:15; metadata:created_at 2010_09_23, cve CVE_2000_0071, signature_severity Major, updated_at 2024_03_08;)
Suricata
GPL EXPLOIT ISAPI .idq attempt
suricata·2010-09-23
CVE-2000-0071 GPL EXPLOIT ISAPI .idq attempt
GPL EXPLOIT ISAPI .idq attempt
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"GPL EXPLOIT ISAPI .idq attempt"; flow:established,to_server; http.uri; content:".idq?"; nocase; reference:arachnids,553; reference:bugtraq,1065; reference:bugtraq,968; reference:cve,2000-0071; reference:cve,2000-0126; reference:nessus,10115; classtype:web-application-attack; sid:2101244; rev:18; metadata:created_at 2010_09_23, cve CVE_2000_0071, signature_severity Major, updated_at 2024_03_08;)
Suricata
GPL EXPLOIT ISAPI .idq access
suricata·2010-09-23
CVE-2000-0071 GPL EXPLOIT ISAPI .idq access
GPL EXPLOIT ISAPI .idq access
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"GPL EXPLOIT ISAPI .idq access"; flow:established,to_server; http.uri; content:".idq"; nocase; reference:arachnids,553; reference:bugtraq,1065; reference:cve,2000-0071; classtype:web-application-activity; sid:2101245; rev:14; metadata:created_at 2010_09_23, cve CVE_2000_0071, signature_severity Major, updated_at 2024_03_08;)
No public exploits indexed.
No writeups or analysis indexed.
2024-04-19
Published