CVE-2023-26083
| CVE Published | 2023-04-06 |
|---|---|
| Related CWE(s) | CWE-401: Missing Release of Memory after Effective Lifetime |
| Related Vendor(s) | arm |
| Related Product(s) | avalon_gpu_kernel_driver, valhall_gpu_kernel_driver, midgard, bifrost_gpu_kernel_driver |
| Exploitation Reported (CISA KEV) | 2023-04-07 |
| CVSS 3 Base Score | 3.3 (LOW) |
| CVSS 3 Attack Complexity | LOW |
| CVSS 3 Attack Vector | LOCAL |
Memory leak vulnerability in Mali GPU Kernel Driver in Midgard GPU Kernel Driver all versions from r6p0 - r32p0, Bifrost GPU Kernel Driver all versions from r0p0 - r42p0, Valhall GPU Kernel Driver all versions from r19p0 - r42p0, and Avalon GPU Kernel Driver all versions from r41p0 - r42p0 allows a non-privileged user to make valid GPU processing operations that expose sensitive kernel metadata.
Cyber Threat Graph Context
Explore how this CVE relates to the wider threat graph