CVE-2023-4211 - OpenCVE

A local non-privileged user can make improper GPU memory processing operations to gain access to already freed memory.

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Arm	Bifrost 5th Gen Gpu Architecture Kernel Driver Midgard Valhall

Configuration 1 [-]

OR	cpe:2.3:a:arm:5th_gen_gpu_architecture_kernel_driver::::::::
	cpe:2.3:a:arm:bifrost::::::::
	cpe:2.3:a:arm:midgard::::::::
	cpe:2.3:a:arm:valhall::::::::

References

Link	Resource
https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: Arm

Published: 2023-10-01T17:00:27.113Z

Updated: 2023-10-04T16:35:12.961Z

Reserved: 2023-08-07T15:24:51.156Z

Link: CVE-2023-4211

JSON object: View

NVD Information

Status : Analyzed

Published: 2023-10-01T18:15:09.927

Modified: 2023-10-04T20:51:36.240

Link: CVE-2023-4211

JSON object: View

Redhat Information

No data.

CWE

CWE-416

{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"cveId": "CVE-2023-4211", "assignerOrgId": "56a131ea-b967-4a0d-a41e-5f3549952846", "state": "PUBLISHED", "assignerShortName": "Arm", "dateReserved": "2023-08-07T15:24:51.156Z", "datePublished": "2023-10-01T17:00:27.113Z", "dateUpdated": "2023-10-04T16:35:12.961Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Midgard GPU Kernel Driver", "vendor": "Arm Ltd", "versions": [{"lessThanOrEqual": "r32p0", "status": "affected", "version": "r12p0", "versionType": "patch"}]}, {"defaultStatus": "unaffected", "product": "Bifrost GPU Kernel Driver", "vendor": "Arm Ltd", "versions": [{"lessThanOrEqual": "r42p0", "status": "affected", "version": "r0p0", "versionType": "patch"}]}, {"defaultStatus": "unaffected", "product": "Valhall GPU Kernel Driver", "vendor": "Arm Ltd", "versions": [{"lessThanOrEqual": "r42p0", "status": "affected", "version": "r19p0", "versionType": "patch"}]}, {"defaultStatus": "unaffected", "product": "Arm 5th Gen GPU Architecture Kernel Driver", "vendor": "Arm Ltd", "versions": [{"lessThanOrEqual": "r42p0", "status": "affected", "version": "r41p0", "versionType": "patch"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Maddie Stone, Google Threat Analysis Group "}, {"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Jann Horn, Google Project Zero"}], "datePublic": "2023-10-01T10:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>A local non-privileged user can make improper GPU memory processing operations to gain access to already freed memory.</p>"}], "value": "A local non-privileged user can make improper GPU memory processing operations to gain access to already freed memory.\n\n"}], "impacts": [{"capecId": "CAPEC-233", "descriptions": [{"lang": "en", "value": "CAPEC-233 Privilege Escalation"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-416", "description": "CWE-416 Use after free", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "56a131ea-b967-4a0d-a41e-5f3549952846", "shortName": "Arm", "dateUpdated": "2023-10-04T16:35:12.961Z"}, "references": [{"url": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities"}], "source": {"discovery": "EXTERNAL"}, "title": "Mali GPU Kernel Driver Allows Improper GPU Memory Processing Operations", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "arm-security@arm.com", "ID": "CVE-2023-4211", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Mali GPU Kernel Driver", "version": {"version_data": [{"version_value": "Midgard GPU Kernel Driver"}]}}]}, "vendor_name": "Arm Ltd"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "5.0", "description": {"description_data": [{"lang": "eng", "value": "A local non-privileged user can make improper GPU memory processing operations to gain access to already freed memory."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Mali GPU Kernel Driver Allows Improper GPU Memory Processing Operations"}]}]}, "references": {"reference_data": [{"name": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities", "refsource": "MISC", "url": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities"}]}}}}}

{"cisaActionDue": "2023-10-24", "cisaExploitAdd": "2023-10-03", "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "cisaVulnerabilityName": "Arm Mali GPU Kernel Driver Use-After-Free Vulnerability", "configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:arm:5th_gen_gpu_architecture_kernel_driver:*:*:*:*:*:*:*:*", "matchCriteriaId": "7D525477-F5C3-459A-B5D6-3B1C75B0069B", "versionEndIncluding": "r42p0", "versionStartIncluding": "r41p0", "vulnerable": true}, {"criteria": "cpe:2.3:a:arm:bifrost:*:*:*:*:*:*:*:*", "matchCriteriaId": "FF8078F2-C783-47EC-9C28-6DA97ECEFEEA", "versionEndIncluding": "r42p0", "versionStartIncluding": "r0p0", "vulnerable": true}, {"criteria": "cpe:2.3:a:arm:midgard:*:*:*:*:*:*:*:*", "matchCriteriaId": "888E7E35-B0F4-453F-8B51-B2929E504C25", "versionEndIncluding": "r32p0", "versionStartIncluding": "r12p0", "vulnerable": true}, {"criteria": "cpe:2.3:a:arm:valhall:*:*:*:*:*:*:*:*", "matchCriteriaId": "B4071968-E656-4D71-AF92-EA3C551C5FF4", "versionEndIncluding": "r42p0", "versionStartIncluding": "r19p0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A local non-privileged user can make improper GPU memory processing operations to gain access to already freed memory.\n\n"}, {"lang": "es", "value": "Un usuario local sin privilegios puede realizar operaciones inadecuadas de procesamiento de la memoria de la GPU para obtener acceso a la memoria ya liberada."}], "id": "CVE-2023-4211", "lastModified": "2023-10-04T20:51:36.240", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-10-01T18:15:09.927", "references": [{"source": "arm-security@arm.com", "tags": ["Vendor Advisory"], "url": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities"}], "sourceIdentifier": "arm-security@arm.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-416"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-416"}], "source": "arm-security@arm.com", "type": "Secondary"}]}