CVE-2023-28147

MEDIUM

Arm Mali GPU Kernel Driver - Memory Corruption

Title source: llm

Description

An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper GPU processing operations to gain access to already freed memory. This affects Midgard r29p0 through r32p0, Bifrost r17p0 through r42p0 before r43p0, Valhall r19p0 through r42p0 before r43p0, and Arm's GPU Architecture Gen5 r41p0 through r42p0 before r43p0.

References (1)

Core 1

Core References

Vendor Advisory

https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities

Scores

CVSS v3 5.5

EPSS 0.0016

EPSS Percentile 36.4%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

Status published

Products (4)

arm/avalon_gpu_kernel_driver r41p0 - r43p0

arm/bifrost_gpu_kernel_driver r17p0 - r43p0

arm/midgard_gpu_kernel_driver r29p0 - r32p0

arm/valhall_gpu_kernel_driver r19p0 - r43p0

Published Jun 02, 2023

Tracked Since Feb 18, 2026