Description
Software installed and run as a non-privileged user may conduct GPU system calls to write to arbitrary freed physical pages. Physical memory allocated and freed, without the deferred free mechanism can lead to those resources being used for read/write by the GPU after the kernel module has freed the resource.
CVSS breakdown
CVSS 3.1
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Affected products
- Imagination Technologies / Graphics DDK1.18 RTM – 1.18 RTM
- Imagination Technologies / Graphics DDK23.2 RTM – 23.2 RTM
- Imagination Technologies / Graphics DDK24.2 RTM – 24.2 RTM
- Imagination Technologies / Graphics DDK25.1 RTM – 25.3 RTM
- Imagination Technologies / Graphics DDK26.1 RTM – 26.1 RTM
- Imagination Technologies / Graphics DDK26.2 RTM – 26.2 RTM