cbcvebase.
CVE-2024-1395
published 2024-05-03

CVE-2024-1395: Use After Free vulnerability in Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing…

PriorityP433medium6.7CVSS 3.1
AVLACHPRNUINSUCHIHAN
EPSS
0.15%
5.1th percentile
Use After Free vulnerability in Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations. If the system’s memory is carefully prepared by the user, then this in turn could give them access to already freed memory. This issue affects Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r47p0.

Affected

24 ranges
VendorProductVersion rangeFixed in
arm5th_gen_gpu_architecture_kernel_driver>= r41p0 < r48p0r48p0
arm_ltdarm_5th_gen_gpu_architecture_kernel_driverr41p0 – r47p0
cryptography.iocryptography>= 42.0.0 < 44.0.144.0.1
github.comtraefik_traefik0 – 1.7.34
github.comtraefik_traefik_v2>= 0 < 2.11.32.11.3
github.comtraefik_traefik_v3>= 0 < 3.0.13.0.1
googleandroid
indicoindico>= 0 < 3.3.43.3.4
msrcazure_linux_3.0_arm
msrcazure_linux_3.0_x64
msrcazure_sdk
msrccbl_mariner_2.0_arm
msrccbl_mariner_2.0_x64
msrcmicrosoft_defender_for_endpoint_for_android
msrcmicrosoft_defender_for_endpoint_for_ios
msrcmicrosoft_sql_server_2016_for_x64-based_systems_service_pack_3
msrcmicrosoft_sql_server_2016_for_x64-based_systems_service_pack_3_azure_connect_fea
msrcmicrosoft_sql_server_2017_for_x64-based_systems
msrcmicrosoft_sql_server_2019_for_x64-based_systems
nokogirinokogiri>= 0 < 1.18.41.18.4
nokogirinokogiri>= 0 < 1.18.31.18.3
pimcorepimcore>= 11.0.0-ALPHA1 < 11.1.6.511.1.6.5
pimcorepimcore>= 11.2.0 < 11.2.311.2.3
woodruffwpyrage>= 1.2.0 < 1.2.31.2.3

CVSS provenance

nvdv3.16.7MEDIUMCVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
ghsa9.8CRITICAL
vendor_msrc9.1CRITICAL
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.