Description
A web page that contains unusual GPU shader code is loaded from the Internet into the GPU compiler process triggers a write use-after-free crash in the GPU shader compiler library. On certain platforms, when the compiler process has system privileges this could enable further exploits on the device. The shader code contained in the web page executes a path in the compiler that held onto an out of date pointer, pointing to a freed memory object.
CVSS breakdown
CVSS 3.1
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Affected products
- Imagination Technologies / Graphics DDK1.17 RTM – 1.17 RTM
- Imagination Technologies / Graphics DDK1.18 RTM – 1.18 RTM
- Imagination Technologies / Graphics DDK23.2 RTM – 23.2 RTM
- Imagination Technologies / Graphics DDK24.1 RTM – 24.2 RTM
- Imagination Technologies / Graphics DDK25.1 RTM – 25.2 RTM
- Imagination Technologies / Graphics DDK25.3 RTM – 25.3 RTM