CVE-2022-20235

MEDIUM

PowerVR GPU kernel - Memory Corruption

Title source: llm
STIX 2.1

Description

The PowerVR GPU kernel driver maintains an "Information Page" used by its cache subsystem. This page can only be written by the GPU driver itself, but prior to DDK 1.18 however, a user-space program could write arbitrary data to the page, leading to memory corruption issues.Product: AndroidVersions: Android SoCAndroid ID: A-259967780

References (1)

Core 1

Scores

CVSS v3 5.5
EPSS 0.0011
EPSS Percentile 1.8%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-787
Status published
Products (1)
google/android
Published Jan 26, 2023
Tracked Since Feb 18, 2026