Vulnerability Description
An issue was discovered in the Arm Android Gralloc Module. A non-privileged user can read a small portion of the allocator process memory. This affects Bifrost r24p0 through r41p0 before r42p0, Valhall r24p0 through r41p0 before r42p0, and Avalon r41p0 before r42p0.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Arm | Avalon Android Gralloc Module | r41p0 |
| Arm | Bifrost Android Gralloc Module | >= r24p0, <= r41p0 |
| Arm | Valhall Android Gralloc Module | >= r24p0, <= r41p0 |
Related Weaknesses (CWE)
References
- https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20VulnerabVendor Advisory
- https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20VulnerabVendor Advisory
FAQ
What is CVE-2023-22808?
CVE-2023-22808 is a vulnerability with a CVSS score of 3.3 (LOW). An issue was discovered in the Arm Android Gralloc Module. A non-privileged user can read a small portion of the allocator process memory. This affects Bifrost r24p0 through r41p0 before r42p0, Valhal...
How severe is CVE-2023-22808?
CVE-2023-22808 has been rated LOW with a CVSS base score of 3.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-22808?
Check the references section above for vendor advisories and patch information. Affected products include: Arm Avalon Android Gralloc Module, Arm Bifrost Android Gralloc Module, Arm Valhall Android Gralloc Module.