1. Home
  2. CVE Database
  3. CVE-2024-1395
MEDIUM · 6.7

CVE-2024-1395

Use After Free vulnerability in Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations. If the system’s memory is caref...

Vulnerability Description

Use After Free vulnerability in Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations. If the system’s memory is carefully prepared by the user, then this in turn could give them access to already freed memory. This issue affects Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r47p0.

CVSS Score

6.7

MEDIUM

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
NONE

Affected Products

VendorProductVersions
Arm5Th Gen Gpu Architecture Kernel Driver>= r41p0, < r48p0

Related Weaknesses (CWE)

CWE-416

References

FAQ

What is CVE-2024-1395?

CVE-2024-1395 is a vulnerability with a CVSS score of 6.7 (MEDIUM). Use After Free vulnerability in Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations. If the system’s memory is caref...

How severe is CVE-2024-1395?

CVE-2024-1395 has been rated MEDIUM with a CVSS base score of 6.7/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2024-1395?

Check the references section above for vendor advisories and patch information. Affected products include: Arm 5Th Gen Gpu Architecture Kernel Driver.