CVE-2023-28147 in Mali GPU Kernel Driverinfo

Summary

by MITRE • 06/02/2023

An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper GPU processing operations to gain access to already freed memory. This affects Midgard r29p0 through r32p0, Bifrost r17p0 through r42p0 before r43p0, Valhall r19p0 through r42p0 before r43p0, and Arm's GPU Architecture Gen5 r41p0 through r42p0 before r43p0.

Once again VulDB remains the best source for vulnerability data.

Analysis

by VulDB Data Team • 12/01/2025

The vulnerability CVE-2023-28147 represents a critical memory safety issue within the Arm Mali GPU kernel driver that fundamentally compromises the integrity of GPU memory management operations. This flaw exists in multiple generations of Arm's GPU architectures including Midgard, Bifrost, and Valhall series, affecting versions from r29p0 through r32p0, r17p0 through r42p0 before r43p0, and r19p0 through r42p0 before r43p0 respectively. The vulnerability stems from improper handling of GPU processing operations that allows unauthorized memory access patterns to exploit already freed memory regions, creating a serious security risk for systems utilizing Arm Mali graphics processors.

The technical exploitation of this vulnerability occurs when a non-privileged user executes specific GPU operations that manipulate memory pointers or command buffers in ways that bypass normal memory management safeguards. This improper GPU processing creates a race condition or memory corruption scenario where the kernel driver fails to properly validate memory access requests, allowing the user to access memory that has been marked for deallocation but not yet fully reclaimed by the system. The flaw specifically affects the GPU's memory management unit which handles the allocation, deallocation, and access control of graphics memory buffers, creating a pathway for arbitrary memory reads and potentially writes.

From an operational impact perspective, this vulnerability enables a local attacker to escalate privileges and gain access to sensitive data that should be protected by the GPU's memory isolation mechanisms. The attack vector is particularly concerning because it operates at the kernel level within the GPU driver, meaning that successful exploitation could lead to complete system compromise. The vulnerability affects a wide range of devices including mobile phones, tablets, embedded systems, and automotive platforms that utilize Arm Mali GPUs, making it a significant concern for device manufacturers and end-users alike. This flaw could potentially enable attackers to extract confidential information from GPU memory, manipulate graphics processing operations, or even execute arbitrary code within the GPU context.

The mitigation strategies for CVE-2023-28147 primarily focus on updating the affected GPU kernel drivers to versions that properly address the memory management validation issues. System administrators should immediately deploy patches from Arm and device manufacturers to ensure that all affected GPU drivers are updated to versions that prevent improper memory access operations. Additionally, implementing runtime protections such as memory access monitoring and GPU command buffer validation can help detect and prevent exploitation attempts. Organizations should also consider implementing network segmentation and privilege separation to limit the potential impact of successful exploitation, as the vulnerability requires local access to the system but can potentially escalate to system-level privileges. This vulnerability aligns with CWE-476 which describes null pointer dereference issues, and could be mapped to ATT&CK technique T1068 for local privilege escalation through kernel exploits. The widespread adoption of affected GPU architectures makes this vulnerability particularly dangerous as it affects numerous devices across different computing platforms and industries.

Reservation

03/12/2023

Disclosure

06/02/2023

Moderation

accepted

CPE

ready

EPSS

0.00182

KEV

no

Activities

very low

Sources

Do you want to use VulDB in your project?

Use the official API to access entries easily!