Description
Kernel software installed and running inside a Host VM may post improper commands to the GPU Firmware to trigger a memory read or write outside the permitted range of memory for the host kernel. Addresses passed to the GPU Firmware can be used by the Firmware for more privileged memory accesses than are permitted by the system.
CVSS breakdown
CVSS 3.1
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Affected products
- Imagination Technologies / Graphics DDK1.18 RTM – 1.18 RTM
- Imagination Technologies / Graphics DDK23.2 RTM – 23.2 RTM
- Imagination Technologies / Graphics DDK24.2 RTM – 24.2 RTM
- Imagination Technologies / Graphics DDK25.1 RTM – 25.3 RTM
- Imagination Technologies / Graphics DDK26.1 RTM – 26.1 RTM
- Imagination Technologies / Graphics DDK26.2 RTM – 26.2 RTM