Software installed and run as a non-privileged user may conduct GPU system calls to read and write freed physical memory from the GPU.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Tue, 15 Oct 2024 15:15:00 +0000

Type Values Removed Values Added
First Time appeared Imaginationtech
Imaginationtech graphics Ddk
CPEs cpe:2.3:a:imaginationtech:graphics_ddk:*:*:*:*:*:*:*:*
Vendors & Products Imaginationtech
Imaginationtech graphics Ddk
Metrics cvssV3_1

{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Mon, 14 Oct 2024 08:30:00 +0000

Type Values Removed Values Added
Description Software installed and run as a non-privileged user may conduct GPU system calls to read and write freed physical memory from the GPU.
Title GPU DDK - PowerVR: TLB invalidate UAF of dma_buf imported into multiple GPU devices
Weaknesses CWE-362
CWE-416
References

cve-icon MITRE

Status: PUBLISHED

Assigner: imaginationtech

Published:

Updated: 2024-10-15T14:24:07.912Z

Reserved: 2024-08-15T08:21:31.533Z

Link: CVE-2024-43701

cve-icon Vulnrichment

Updated: 2024-10-15T14:23:44.288Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-10-14T09:15:04.157

Modified: 2024-10-15T15:35:16.050

Link: CVE-2024-43701

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.