CVE-2024-3655
Sept. 3, 2024, 2:35 p.m.
Tags
CVSS Score
Product(s) Impacted
Arm Ltd Bifrost GPU Kernel Driver
- r43p0 - r49p0
Arm Ltd Valhall GPU Kernel Driver
- r43p0 - r49p0
Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver
- r43p0 - r49p0
Description
Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations to gain access to already freed memory.This issue affects Bifrost GPU Kernel Driver: from r43p0 through r49p0; Valhall GPU Kernel Driver: from r43p0 through r49p0; Arm 5th Gen GPU Architecture Kernel Driver: from r43p0 through r49p0.
Weaknesses
CWE-416
Use After Free
Referencing memory after it has been freed can cause a program to crash, use unexpected values, or execute code.
CWE ID: 416Date
Published: Sept. 3, 2024, 10:15 a.m.
Last Modified: Sept. 3, 2024, 2:35 p.m.
Status : Awaiting Analysis
CVE has been recently published to the CVE List and has been received by the NVD.
More infoSource
arm-security@arm.com
CVSS Data
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
Base Score
Exploitability Score
Impact Score
Base Severity
HIGHCVSS Vector String
The CVSS vector string provides an in-depth view of the vulnerability metrics.
View Vector StringCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H