CVE-2023-26083 — LOW (3.3) — White Hats Nepal

Q: How severe is CVE-2023-26083?

CVE-2023-26083 has been rated LOW with a CVSS base score of 3.3/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2023-26083?

Check the references section above for vendor advisories and patch information. Affected products include: Arm 5Th Gen Gpu Architecture Kernel Driver, Arm Bifrost Gpu Kernel Driver, Arm Midgard Gpu Kernel Driver, Arm Valhall Gpu Kernel Driver.

Vulnerability Description

Memory leak vulnerability in Mali GPU Kernel Driver in Midgard GPU Kernel Driver all versions from r6p0 - r32p0, Bifrost GPU Kernel Driver all versions from r0p0 - r42p0, Valhall GPU Kernel Driver all versions from r19p0 - r42p0, and Avalon GPU Kernel Driver all versions from r41p0 - r42p0 allows a non-privileged user to make valid GPU processing operations that expose sensitive kernel metadata.

CVSS Score

3.3

LOW

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

LOW

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Arm	5Th Gen Gpu Architecture Kernel Driver	>= r41p0, < r43p0
Arm	Bifrost Gpu Kernel Driver	>= r0p0, < r43p0
Arm	Midgard Gpu Kernel Driver	>= r6p0, <= r32p0
Arm	Valhall Gpu Kernel Driver	>= r19p0, < r43p0

Related Weaknesses (CWE)

CWE-401

References

https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20VulnerabVendor Advisory
https://www.cybersecurity-help.cz/vdb/SB2023033049Third Party Advisory
https://www.cybersecurity-help.cz/vulnerabilities/74210/Third Party Advisory
https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20VulnerabVendor Advisory
https://www.cybersecurity-help.cz/vdb/SB2023033049Third Party Advisory
https://www.cybersecurity-help.cz/vulnerabilities/74210/Third Party Advisory
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-US Government Resource

FAQ

What is CVE-2023-26083?

CVE-2023-26083 is a vulnerability with a CVSS score of 3.3 (LOW). Memory leak vulnerability in Mali GPU Kernel Driver in Midgard GPU Kernel Driver all versions from r6p0 - r32p0, Bifrost GPU Kernel Driver all versions from r0p0 - r42p0, Valhall GPU Kernel Driver all...

How severe is CVE-2023-26083?

CVE-2023-26083 has been rated LOW with a CVSS base score of 3.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2023-26083?

Check the references section above for vendor advisories and patch information. Affected products include: Arm 5Th Gen Gpu Architecture Kernel Driver, Arm Bifrost Gpu Kernel Driver, Arm Midgard Gpu Kernel Driver, Arm Valhall Gpu Kernel Driver.