Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2024-0153

Summary
Assigner-Arm
Assigner Org ID-56a131ea-b967-4a0d-a41e-5f3549952846
Published At-01 Jul, 2024 | 09:05
Updated At-01 Aug, 2024 | 17:41
Rejected At-
Credits

Mali GPU Firmware allows improper GPU processing operations

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Arm Ltd Valhall GPU Firmware, Arm Ltd Arm 5th Gen GPU Architecture Firmware allows a local non-privileged user to make improper GPU processing operations to access a limited amount outside of buffer bounds. If the operations are carefully prepared, then this in turn could give them access to all system memory. This issue affects Valhall GPU Firmware: from r29p0 through r46p0; Arm 5th Gen GPU Architecture Firmware: from r41p0 through r46p0.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:Arm
Assigner Org ID:56a131ea-b967-4a0d-a41e-5f3549952846
Published At:01 Jul, 2024 | 09:05
Updated At:01 Aug, 2024 | 17:41
Rejected At:
▼CVE Numbering Authority (CNA)
Mali GPU Firmware allows improper GPU processing operations

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Arm Ltd Valhall GPU Firmware, Arm Ltd Arm 5th Gen GPU Architecture Firmware allows a local non-privileged user to make improper GPU processing operations to access a limited amount outside of buffer bounds. If the operations are carefully prepared, then this in turn could give them access to all system memory. This issue affects Valhall GPU Firmware: from r29p0 through r46p0; Arm 5th Gen GPU Architecture Firmware: from r41p0 through r46p0.

Affected Products
Vendor
Arm LimitedArm Ltd
Product
Valhall GPU Firmware
Default Status
unaffected
Versions
Affected
  • From r29p0 through r46p0 (patch)
    • -> unaffectedfromr47p0
Vendor
Arm LimitedArm Ltd
Product
Arm 5th Gen GPU Architecture Firmware
Default Status
unaffected
Versions
Affected
  • From r41p0 through r46p0 (patch)
    • -> unaffectedfromr47p0
Problem Types
TypeCWE IDDescription
CWECWE-119CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Type: CWE
CWE ID: CWE-119
Description: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

This issue is fixed in Valhall and Arm 5th Gen GPU Architecture Firmware r47p0. Users are recommended to upgrade if they are impacted by this issue.

Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities
N/A
Hyperlink: https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities
Resource: N/A
▼Authorized Data Publishers (ADP)
1. CISA ADP Vulnrichment
Affected Products
Vendor
Arm Limitedarm
Product
valhall_gpu_kernel_driver
CPEs
  • cpe:2.3:a:arm:valhall_gpu_kernel_driver:r29p0:*:*:*:*:*:*:*
Default Status
unaffected
Versions
Affected
  • From r29p0 before r46p0 (custom)
Vendor
Arm Limitedarm
Product
5th_gen_gpu_architecture_kernel_driver
CPEs
  • cpe:2.3:a:arm:5th_gen_gpu_architecture_kernel_driver:r41p0:*:*:*:*:*:*:*
Default Status
unaffected
Versions
Affected
  • From r41p0 before r46p0 (custom)
Metrics
VersionBase scoreBase severityVector
3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
2. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities
x_transferred
Hyperlink: https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities
Resource:
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:arm-security@arm.com
Published At:01 Jul, 2024 | 09:15
Updated At:27 Mar, 2025 | 17:02

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Arm Ltd Valhall GPU Firmware, Arm Ltd Arm 5th Gen GPU Architecture Firmware allows a local non-privileged user to make improper GPU processing operations to access a limited amount outside of buffer bounds. If the operations are carefully prepared, then this in turn could give them access to all system memory. This issue affects Valhall GPU Firmware: from r29p0 through r46p0; Arm 5th Gen GPU Architecture Firmware: from r41p0 through r46p0.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CPE Matches
Arm Limited
arm
>>5th_gen_gpu_architecture_firmware>>Versions from r41p0(inclusive) to r47p0(exclusive)
cpe:2.3:o:arm:5th_gen_gpu_architecture_firmware:*:*:*:*:*:*:*:*
Arm Limited
arm
>>valhall_gpu_firmware>>Versions from r29p0(inclusive) to r47p0(exclusive)
cpe:2.3:o:arm:valhall_gpu_firmware:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-119Secondaryarm-security@arm.com
CWE-119Primarynvd@nist.gov
CWE ID: CWE-119
Type: Secondary
Source: arm-security@arm.com
CWE ID: CWE-119
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilitiesarm-security@arm.com
Vendor Advisory
https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilitiesaf854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Hyperlink: https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities
Source: arm-security@arm.com
Resource:
Vendor Advisory
Hyperlink: https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

297Records found
CVE-2023-3889
Matching Score-10
Assigner-Arm Limited
ShareView Details
Matching Score-10
Assigner-Arm Limited
CVSS Score-7.8||HIGH
EPSS-0.10% / 29.03%
||
7 Day CHG~0.00%
Published-07 Nov, 2023 | 15:28
Updated-24 Mar, 2025 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Mali GPU Kernel Driver exposes sensitive data from freed memory

A local non-privileged user can make improper GPU memory processing operations. If the operations are carefully prepared, then they could be used to gain access to already freed memory.

Action-Not Available
Vendor-Arm Limited
Product-valhall_gpu_kernel_driverValhall GPU Kernel Driver
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-667
Improper Locking
CVE-2022-22706
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 19.20%
||
7 Day CHG~0.00%
Published-03 Mar, 2022 | 14:27
Updated-30 Jul, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2023-04-20||Apply updates per vendor instructions.

Arm Mali GPU Kernel Driver allows a non-privileged user to achieve write access to read-only memory pages. This affects Midgard r26p0 through r31p0, Bifrost r0p0 through r35p0, and Valhall r19p0 through r35p0.

Action-Not Available
Vendor-n/aArm Limited
Product-midgard_gpu_kernel_driverbifrost_gpu_kernel_drivervalhall_gpu_kernel_drivern/aMali Graphics Processing Unit (GPU)
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2025-1246
Matching Score-10
Assigner-Arm Limited
ShareView Details
Matching Score-10
Assigner-Arm Limited
CVSS Score-7.8||HIGH
EPSS-0.02% / 3.32%
||
7 Day CHG~0.00%
Published-02 Jun, 2025 | 11:06
Updated-02 Jul, 2025 | 21:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Mali GPU Userspace Driver allows an Out-of-Bounds access

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Arm Ltd Bifrost GPU Userspace Driver, Arm Ltd Valhall GPU Userspace Driver, Arm Ltd Arm 5th Gen GPU Architecture Userspace Driver allows a non-privileged user process to perform valid GPU processing operations, including via WebGL or WebGPU, to access outside of buffer bounds.This issue affects Bifrost GPU Userspace Driver: from r18p0 through r49p3, from r50p0 through r51p0; Valhall GPU Userspace Driver: from r28p0 through r49p3, from r50p0 through r54p0; Arm 5th Gen GPU Architecture Userspace Driver: from r41p0 through r49p3, from r50p0 through r54p0.

Action-Not Available
Vendor-Arm Limited
Product-5th_gen_gpu_architecture_userspace_drivervalhall_gpu_userspace_driverbifrost_gpu_userspace_driverBifrost GPU Userspace DriverArm 5th Gen GPU Architecture Userspace DriverValhall GPU Userspace Driver
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2021-44828
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.11% / 30.78%
||
7 Day CHG~0.00%
Published-14 Jan, 2022 | 19:49
Updated-04 Aug, 2024 | 04:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Arm Mali GPU Kernel Driver (Midgard r26p0 through r30p0, Bifrost r0p0 through r34p0, and Valhall r19p0 through r34p0) allows a non-privileged user to achieve write access to read-only memory, and possibly obtain root privileges, corrupt memory, and modify the memory of other processes.

Action-Not Available
Vendor-n/aArm Limited
Product-bifrost_gpu_kernel_drivervalhall_gpu_kernel_drivermidgard_gpu_kernel_drivern/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-43619
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.17% / 38.90%
||
7 Day CHG~0.00%
Published-01 Mar, 2022 | 04:31
Updated-27 Nov, 2024 | 20:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Trusted Firmware M 1.4.x through 1.4.1 has a buffer overflow issue in the Firmware Update partition. In the IPC model, a psa_fwu_write caller from SPE or NSPE can overwrite stack memory locations.

Action-Not Available
Vendor-n/aArm Limited
Product-trusted_firmware-mn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-16273
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 19.78%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 18:53
Updated-04 Aug, 2024 | 13:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Arm software implementing the Armv8-M processors (all versions), the stack selection mechanism could be influenced by a stack-underflow attack in v8-M TrustZone based processors. An attacker can cause a change to the stack pointer used by the Secure World from a non-secure application if the stack is not initialized. This vulnerability affects only the software that is based on Armv8-M processors with the Security Extension.

Action-Not Available
Vendor-n/aArm Limited
Product-armv8-marmv8-m_firmwaren/a
CWE ID-CWE-191
Integer Underflow (Wrap or Wraparound)
CVE-2024-3655
Matching Score-8
Assigner-Arm Limited
ShareView Details
Matching Score-8
Assigner-Arm Limited
CVSS Score-7.8||HIGH
EPSS-0.04% / 12.54%
||
7 Day CHG~0.00%
Published-03 Sep, 2024 | 09:32
Updated-27 Mar, 2025 | 17:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Mali GPU Kernel Driver allows improper GPU memory processing operations

Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations to gain access to already freed memory.This issue affects Bifrost GPU Kernel Driver: from r43p0 through r49p0; Valhall GPU Kernel Driver: from r43p0 through r49p0; Arm 5th Gen GPU Architecture Kernel Driver: from r43p0 through r49p0.

Action-Not Available
Vendor-Arm Limited
Product-bifrost_gpu_kernel_drivervalhall_gpu_kernel_driver5th_gen_gpu_architecture_kernel_driverBifrost GPU Kernel DriverArm 5th Gen GPU Architecture Kernel DriverValhall GPU Kernel Driverbifrost_gpu_kernel_drivervalhall_gpu_kernel_driverarm_5th_gen_gpu_architecture_kernel_driver
CWE ID-CWE-416
Use After Free
CVE-2023-4295
Matching Score-8
Assigner-Arm Limited
ShareView Details
Matching Score-8
Assigner-Arm Limited
CVSS Score-7.8||HIGH
EPSS-0.16% / 37.45%
||
7 Day CHG~0.00%
Published-07 Nov, 2023 | 15:42
Updated-24 Mar, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Mali GPU Kernel Driver allows improper GPU memory processing operations

A local non-privileged user can make improper GPU memory processing operations to gain access to already freed memory.

Action-Not Available
Vendor-Arm Limited
Product-mali_gpu_kernel_drivervalhall_gpu_kernel_driverArm 5th Gen GPU Architecture Kernel DriverValhall GPU Kernel Driver
CWE ID-CWE-190
Integer Overflow or Wraparound
CWE ID-CWE-416
Use After Free
CVE-2023-6241
Matching Score-8
Assigner-Arm Limited
ShareView Details
Matching Score-8
Assigner-Arm Limited
CVSS Score-7.8||HIGH
EPSS-7.88% / 91.65%
||
7 Day CHG~0.00%
Published-04 Mar, 2024 | 12:15
Updated-13 Mar, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Mali GPU Kernel Driver allows improper GPU memory processing operations

Use After Free vulnerability in Arm Ltd Midgard GPU Kernel Driver, Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to exploit a software race condition to perform improper memory processing operations. If the system’s memory is carefully prepared by the user, then this in turn cause a use-after-free.This issue affects Midgard GPU Kernel Driver: from r13p0 through r32p0; Bifrost GPU Kernel Driver: from r11p0 through r25p0; Valhall GPU Kernel Driver: from r19p0 through r25p0, from r29p0 through r46p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r46p0.

Action-Not Available
Vendor-Arm Limited
Product-midgard_gpu_kernel_driverbifrost_gpu_kernel_driver5th_gen_gpu_architecture_kernel_drivervalhall_gpu_kernel_driverMidgard GPU Kernel DriverValhall GPU Kernel DriverBifrost GPU Kernel DriverArm 5th Gen GPU Architecture Kernel Drivermidgard_gpu_kernel_driverbifrost_gpu_kernel_driver5th_gen_gpu_architecture_kernel_drivervalhall_gpu_kernel_driver
CWE ID-CWE-416
Use After Free
CVE-2023-5643
Matching Score-8
Assigner-Arm Limited
ShareView Details
Matching Score-8
Assigner-Arm Limited
CVSS Score-7.8||HIGH
EPSS-0.15% / 35.63%
||
7 Day CHG~0.00%
Published-05 Feb, 2024 | 09:49
Updated-15 May, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Mali GPU Kernel Driver allows improper GPU memory processing operations

Out-of-bounds Write vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations. Depending on the configuration of the Mali GPU Kernel Driver, and if the system’s memory is carefully prepared by the user, then this in turn could write to memory outside of buffer bounds.This issue affects Bifrost GPU Kernel Driver: from r41p0 through r45p0; Valhall GPU Kernel Driver: from r41p0 through r45p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r45p0.

Action-Not Available
Vendor-Arm Limited
Product-5th_gen_gpu_architecture_kernel_driverbifrost_gpu_kernel_drivervalhall_gpu_kernel_driverArm 5th Gen GPU Architecture Kernel DriverValhall GPU Kernel DriverBifrost GPU Kernel Driver
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-5427
Matching Score-8
Assigner-Arm Limited
ShareView Details
Matching Score-8
Assigner-Arm Limited
CVSS Score-7.8||HIGH
EPSS-0.14% / 34.60%
||
7 Day CHG~0.00%
Published-01 Dec, 2023 | 10:13
Updated-13 Feb, 2025 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Mali GPU Kernel Driver allows improper GPU processing operations

Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU processing operations to gain access to already freed memory.This issue affects Bifrost GPU Kernel Driver: from r44p0 through r45p0; Valhall GPU Kernel Driver: from r44p0 through r45p0; Arm 5th Gen GPU Architecture Kernel Driver: from r44p0 through r45p0.

Action-Not Available
Vendor-Arm Limited
Product-bifrost_gpu_kernel_drivervalhall_gpu_kernel_driver5th_gen_gpu_architecture_kernel_driverValhall GPU Kernel DriverArm 5th Gen GPU Architecture Kernel DriverBifrost GPU Kernel Driver
CWE ID-CWE-416
Use After Free
CVE-2024-2937
Matching Score-8
Assigner-Arm Limited
ShareView Details
Matching Score-8
Assigner-Arm Limited
CVSS Score-7.8||HIGH
EPSS-0.10% / 28.55%
||
7 Day CHG~0.00%
Published-05 Aug, 2024 | 11:31
Updated-30 Sep, 2024 | 15:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Mali GPU Kernel Driver allows improper GPU memory processing operations

Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations to gain access to already freed memory.This issue affects Bifrost GPU Kernel Driver: from r41p0 through r49p0; Valhall GPU Kernel Driver: from r41p0 through r49p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r49p0.

Action-Not Available
Vendor-Arm Limited
Product-bifrost_gpu_kernel_driver5th_gen_gpu_architecture_kernel_drivervalhall_gpu_kernel_driverBifrost GPU Kernel DriverArm 5th Gen GPU Architecture Kernel DriverValhall GPU Kernel Driverbifrost_gpu_kernel_drivervalhall_gpu_kernel_driver5th_gen_gpu_architecture_kernel_driver
CWE ID-CWE-416
Use After Free
CVE-2022-43701
Matching Score-8
Assigner-Arm Limited
ShareView Details
Matching Score-8
Assigner-Arm Limited
CVSS Score-7.8||HIGH
EPSS-0.06% / 19.63%
||
7 Day CHG~0.00%
Published-27 Jul, 2023 | 21:28
Updated-13 Feb, 2025 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Insecure directory permissions on installer files

When the installation directory does not have sufficiently restrictive file permissions, an attacker can modify files in the installation directory to cause execution of malicious code.

Action-Not Available
Vendor-Arm Limited
Product-ds_development_studiolinaro_forgearm_compilerfast_modelsmbed_studioarm_compiler_for_embedded_fusaarm_mobile_studioarm_development_studioarm_compiler_for_functional_safetygnu_toolchainkeil_mdkArm Compiler 5 (AC5), Arm Compiler for Embedded 6 (AC6), Fast Models (FM), Arm Compiler for Embedded FuSA (ACEF), Arm Development Studio (ADS), Arm Forge (AF), Arm Mobile Studio (AMS), DS-5 Development Studio, Fast Models (FM), GNU Toolchain (GT), Keil MDK (KMDK), Mbed Studio (MS)
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2022-43702
Matching Score-8
Assigner-Arm Limited
ShareView Details
Matching Score-8
Assigner-Arm Limited
CVSS Score-7.8||HIGH
EPSS-0.05% / 15.19%
||
7 Day CHG~0.00%
Published-27 Jul, 2023 | 21:47
Updated-13 Feb, 2025 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Incomplete verification of installation file signature

When the directory containing the installer does not have sufficiently restrictive file permissions, an attacker can modify (or replace) the installer to execute malicious code.

Action-Not Available
Vendor-Arm Limited
Product-ds_development_studioarm_compilerfast_modelsarm_compiler_for_embedded_fusaarm_development_studioarm_compiler_for_functional_safetyArm Compiler 5 (AC5), Arm Compiler for Embedded 6 (AC6), Fast Models (FM), Arm Compiler for Embedded FuSA (ACEF), Arm Development Studio (ADS), Arm Forge (AF), Arm Mobile Studio (AMS), DS-5 Development Studio, Fast Models (FM), GNU Toolchain (GT), Keil MDK (KMDK), Mbed Studio (MS)
CWE ID-CWE-276
Incorrect Default Permissions
CWE ID-CWE-284
Improper Access Control
CVE-2022-43703
Matching Score-8
Assigner-Arm Limited
ShareView Details
Matching Score-8
Assigner-Arm Limited
CVSS Score-7.8||HIGH
EPSS-0.05% / 15.49%
||
7 Day CHG~0.00%
Published-27 Jul, 2023 | 21:52
Updated-13 Feb, 2025 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Incomplete verification of installation file signature

An installer that loads or executes files using an unconstrained search path may be vulnerable to substitute files under control of an attacker being loaded or executed instead of the intended files.

Action-Not Available
Vendor-Arm Limited
Product-ds_development_studioarm_development_studioArm Compiler 5 (AC5), Arm Compiler for Embedded 6 (AC6), Fast Models (FM), Arm Compiler for Embedded FuSA (ACEF), Arm Development Studio (ADS), Arm Forge (AF), Arm Mobile Studio (AMS), DS-5 Development Studio, Fast Models (FM), GNU Toolchain (GT), Keil MDK (KMDK), Mbed Studio (MS)
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2020-24658
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.21% / 43.93%
||
7 Day CHG~0.00%
Published-24 Dec, 2020 | 17:21
Updated-04 Aug, 2024 | 15:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Arm Compiler 5 through 5.06u6 has an error in a stack protection feature designed to help spot stack-based buffer overflows in local arrays. When this feature is enabled, a protected function writes a guard value to the stack prior to (above) any vulnerable arrays in the stack. The guard value is checked for corruption on function return; corruption leads to an error-handler call. In certain circumstances, the reference value that is compared against the guard value is itself also written to the stack (after any vulnerable arrays). The reference value is written to the stack when the function runs out of registers to use for other temporary data. If both the reference value and the guard value are written to the stack, then the stack protection will fail to spot corruption when both values are overwritten with the same value. For both the reference value and the guard value to be corrupted, there would need to be both a buffer overflow and a buffer underflow in the vulnerable arrays (or some other vulnerability that causes two separated stack entries to be corrupted).

Action-Not Available
Vendor-n/aArm Limited
Product-arm_compilern/a
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2025-0819
Matching Score-8
Assigner-Arm Limited
ShareView Details
Matching Score-8
Assigner-Arm Limited
CVSS Score-7.8||HIGH
EPSS-0.02% / 3.32%
||
7 Day CHG~0.00%
Published-02 Jun, 2025 | 11:05
Updated-02 Jul, 2025 | 21:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Mali GPU Kernel Driver allows access to already freed memory

Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user process to perform valid GPU memory processing operations to gain access to already freed memory.This issue affects Bifrost GPU Kernel Driver: from r44p0 through r49p3, from r50p0 through r51p0; Valhall GPU Kernel Driver: from r44p0 through r49p3, from r50p0 through r54p0; Arm 5th Gen GPU Architecture Kernel Driver: from r44p0 through r49p3, from r50p0 through r54p0.

Action-Not Available
Vendor-Arm Limited
Product-bifrost_gpu_kernel_driver5th_gen_gpu_architecture_kernel_drivervalhall_gpu_kernel_driverValhall GPU Kernel DriverArm 5th Gen GPU Architecture Kernel DriverBifrost GPU Kernel Driver
CWE ID-CWE-416
Use After Free
CVE-2025-0427
Matching Score-8
Assigner-Arm Limited
ShareView Details
Matching Score-8
Assigner-Arm Limited
CVSS Score-7.8||HIGH
EPSS-0.02% / 3.32%
||
7 Day CHG~0.00%
Published-02 May, 2025 | 09:58
Updated-12 May, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Mali GPU Kernel Driver allows access to already freed memory

Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user process to perform valid GPU processing operations to gain access to already freed memory.This issue affects Bifrost GPU Kernel Driver: from r8p0 through r49p3, from r50p0 through r51p0; Valhall GPU Kernel Driver: from r19p0 through r49p3, from r50p0 through r53p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r49p3, from r50p0 through r53p0.

Action-Not Available
Vendor-Arm Limited
Product-5th_gen_gpu_architecture_kernel_drivervalhall_gpu_kernel_driverbifrost_gpu_kernel_driverArm 5th Gen GPU Architecture Kernel DriverBifrost GPU Kernel DriverValhall GPU Kernel Driver
CWE ID-CWE-416
Use After Free
CVE-2025-0015
Matching Score-8
Assigner-Arm Limited
ShareView Details
Matching Score-8
Assigner-Arm Limited
CVSS Score-7.8||HIGH
EPSS-0.03% / 7.50%
||
7 Day CHG~0.00%
Published-03 Feb, 2025 | 10:21
Updated-03 Feb, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Mali GPU Kernel Driver allows improper GPU processing operations

Use After Free vulnerability in Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user process to make improper GPU processing operations to gain access to already freed memory.This issue affects Valhall GPU Kernel Driver: from r48p0 through r49p1, from r50p0 through r52p0; Arm 5th Gen GPU Architecture Kernel Driver: from r48p0 through r49p1, from r50p0 through r52p0.

Action-Not Available
Vendor-Arm Limited
Product-Arm 5th Gen GPU Architecture Kernel DriverValhall GPU Kernel Driver
CWE ID-CWE-416
Use After Free
CVE-2025-0073
Matching Score-8
Assigner-Arm Limited
ShareView Details
Matching Score-8
Assigner-Arm Limited
CVSS Score-7.8||HIGH
EPSS-0.02% / 3.32%
||
7 Day CHG~0.00%
Published-02 Jun, 2025 | 11:04
Updated-02 Jul, 2025 | 21:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Mali GPU Kernel Driver allows improper GPU memory processing operations

Use After Free vulnerability in Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user process to perform improper GPU memory processing operations to gain access to already freed memory.This issue affects Valhall GPU Kernel Driver: from r53p0 before r54p0; Arm 5th Gen GPU Architecture Kernel Driver: from r53p0 before r54p0.

Action-Not Available
Vendor-Arm Limited
Product-5th_gen_gpu_architecture_kernel_drivervalhall_gpu_kernel_driverValhall GPU Kernel DriverArm 5th Gen GPU Architecture Kernel Driver
CWE ID-CWE-416
Use After Free
CVE-2025-0072
Matching Score-8
Assigner-Arm Limited
ShareView Details
Matching Score-8
Assigner-Arm Limited
CVSS Score-7.8||HIGH
EPSS-0.01% / 0.44%
||
7 Day CHG~0.00%
Published-02 May, 2025 | 09:54
Updated-12 May, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Mali GPU Kernel Driver allows improper GPU memory processing operations

Use After Free vulnerability in Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user process to perform improper GPU memory processing operations to gain access to already freed memory. This issue affects Valhall GPU Kernel Driver: from r29p0 through r49p3, from r50p0 through r53p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r49p3, from r50p0 through r53p0.

Action-Not Available
Vendor-Arm Limited
Product-5th_gen_gpu_architecture_kernel_drivervalhall_gpu_kernel_driverArm 5th Gen GPU Architecture Kernel DriverValhall GPU Kernel Driver
CWE ID-CWE-416
Use After Free
CVE-2023-26085
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 12.07%
||
7 Day CHG~0.00%
Published-29 Jun, 2023 | 00:00
Updated-27 Nov, 2024 | 14:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A possible out-of-bounds read and write (due to an improper length check of shared memory) was discovered in Arm NN Android-NN-Driver before 23.02.

Action-Not Available
Vendor-n/aArm Limited
Product-nn_android_neural_networks_drivern/a
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-32804
Matching Score-8
Assigner-Arm Limited
ShareView Details
Matching Score-8
Assigner-Arm Limited
CVSS Score-7.8||HIGH
EPSS-0.20% / 42.23%
||
7 Day CHG~0.00%
Published-04 Dec, 2023 | 11:54
Updated-28 Aug, 2024 | 17:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Mali GPU Userspace Driver can make an Out-of-Bounds access

Out-of-bounds Write vulnerability in Arm Ltd Midgard GPU Userspace Driver, Arm Ltd Bifrost GPU Userspace Driver, Arm Ltd Valhall GPU Userspace Driver, Arm Ltd Arm 5th Gen GPU Architecture Userspace Driver allows a local non-privileged user to write a constant pattern to a limited amount of memory not allocated by the user space driver.This issue affects Midgard GPU Userspace Driver: from r0p0 through r32p0; Bifrost GPU Userspace Driver: from r0p0 through r44p0; Valhall GPU Userspace Driver: from r19p0 through r44p0; Arm 5th Gen GPU Architecture Userspace Driver: from r41p0 through r44p0.

Action-Not Available
Vendor-Arm Limited
Product-bifrost_gpu_kernel_driver5th_gen_gpu_architecture_kernel_drivermidgard_gpu_kernel_drivervalhall_gpu_kernel_driverArm 5th Gen GPU Architecture Userspace DriverValhall GPU Userspace DriverMidgard GPU Userspace DriverBifrost GPU Userspace Driver
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-4607
Matching Score-8
Assigner-Arm Limited
ShareView Details
Matching Score-8
Assigner-Arm Limited
CVSS Score-7.8||HIGH
EPSS-0.04% / 12.54%
||
7 Day CHG~0.00%
Published-05 Aug, 2024 | 11:33
Updated-30 Sep, 2024 | 16:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Mali GPU Kernel Driver allows improper GPU memory processing operations

Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations to gain access to already freed memory.This issue affects Bifrost GPU Kernel Driver: from r41p0 through r49p0; Valhall GPU Kernel Driver: from r41p0 through r49p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r49p0.

Action-Not Available
Vendor-Arm Limited
Product-bifrost_gpu_kernel_driver5th_gen_gpu_architecture_kernel_drivervalhall_gpu_kernel_driverBifrost GPU Kernel DriverArm 5th Gen GPU Architecture Kernel DriverValhall GPU Kernel Driverbifrost_gpu_kernel_drivervalhall_gpu_kernel_driverarm_5th_gen_gpu_architecture_kernel_driver
CWE ID-CWE-416
Use After Free
CVE-2024-4610
Matching Score-8
Assigner-Arm Limited
ShareView Details
Matching Score-8
Assigner-Arm Limited
CVSS Score-7.4||HIGH
EPSS-0.46% / 63.20%
||
7 Day CHG+0.02%
Published-07 Jun, 2024 | 11:25
Updated-30 Jul, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2024-07-03||Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Mali GPU Kernel Driver allows improper GPU memory processing operations

Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations to gain access to already freed memory.This issue affects Bifrost GPU Kernel Driver: from r34p0 through r40p0; Valhall GPU Kernel Driver: from r34p0 through r40p0.

Action-Not Available
Vendor-Arm Limited
Product-bifrost_gpu_kernel_drivervalhall_gpu_kernel_driverValhall GPU Kernel DriverBifrost GPU Kernel Driverbifrost_gpu_kernel_drivervalhall_gpu_kernel_driverMali GPU Kernel Driver
CWE ID-CWE-416
Use After Free
CVE-2025-0050
Matching Score-6
Assigner-Arm Limited
ShareView Details
Matching Score-6
Assigner-Arm Limited
CVSS Score-5.9||MEDIUM
EPSS-0.02% / 4.76%
||
7 Day CHG~0.00%
Published-07 Apr, 2025 | 12:02
Updated-10 Apr, 2025 | 14:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Mali GPU Userspace Driver allows an Out-of-Bounds access

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Arm Ltd Bifrost GPU Userspace Driver, Arm Ltd Valhall GPU Userspace Driver, Arm Ltd Arm 5th Gen GPU Architecture Userspace Driver allows a non-privileged user process to make valid GPU processing operations, including via WebGL or WebGPU, to access a limited amount outside of buffer bounds.This issue affects Bifrost GPU Userspace Driver: from r0p0 through r49p2, from r50p0 through r51p0; Valhall GPU Userspace Driver: from r19p0 through r49p2, from r50p0 through r53p0; Arm 5th Gen GPU Architecture Userspace Driver: from r41p0 through r49p2, from r50p0 through r53p0.

Action-Not Available
Vendor-Arm Limited
Product-Arm 5th Gen GPU Architecture Userspace DriverBifrost GPU Userspace DriverValhall GPU Userspace Driver
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2022-46396
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-4.4||MEDIUM
EPSS-0.08% / 23.98%
||
7 Day CHG~0.00%
Published-11 Apr, 2023 | 00:00
Updated-11 Feb, 2025 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the Arm Mali Kernel Driver. A non-privileged user can make improper GPU memory processing operations to access a limited amount outside of buffer bounds. This affects Valhall r29p0 through r41p0 before r42p0 and Avalon r41p0 before r42p0.

Action-Not Available
Vendor-n/aArm Limited
Product-valhall_gpu_kernel_driveravalon_gpu_kernel_drivern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2022-46781
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-3.3||LOW
EPSS-0.07% / 20.82%
||
7 Day CHG~0.00%
Published-06 Apr, 2023 | 00:00
Updated-12 Feb, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper GPU memory processing operations to access a limited amount outside of buffer bounds. This affects Valhall r29p0 through r41p0 before r42p0 and Avalon r41p0 before r42p0.

Action-Not Available
Vendor-n/aArm Limited
Product-avalon_gpu_kernel_drivervalhall_gpu_kernel_drivern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2015-8036
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-0.92% / 74.97%
||
7 Day CHG~0.00%
Published-02 Nov, 2015 | 19:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in ARM mbed TLS (formerly PolarSSL) 1.3.x before 1.3.14 and 2.x before 2.1.2 allows remote SSL servers to cause a denial of service (client crash) and possibly execute arbitrary code via a long session ticket name to the session ticket extension, which is not properly handled when creating a ClientHello message to resume a session. NOTE: this identifier was SPLIT from CVE-2015-5291 per ADT3 due to different affected version ranges.

Action-Not Available
Vendor-polarssln/aArm LimitedopenSUSEFedora ProjectDebian GNU/Linux
Product-fedoraopensusepolarsslmbed_tlsdebian_linuxn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2015-5291
Matching Score-6
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-6
Assigner-Red Hat, Inc.
CVSS Score-6.8||MEDIUM
EPSS-1.70% / 81.55%
||
7 Day CHG~0.00%
Published-02 Nov, 2015 | 19:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in PolarSSL 1.x before 1.2.17 and ARM mbed TLS (formerly PolarSSL) 1.3.x before 1.3.14 and 2.x before 2.1.2 allows remote SSL servers to cause a denial of service (client crash) and possibly execute arbitrary code via a long hostname to the server name indication (SNI) extension, which is not properly handled when creating a ClientHello message. NOTE: this identifier has been SPLIT per ADT3 due to different affected version ranges. See CVE-2015-8036 for the session ticket issue that was introduced in 1.3.0.

Action-Not Available
Vendor-polarssln/aArm LimitedopenSUSEFedora ProjectDebian GNU/Linux
Product-fedoraleapopensusepolarsslmbed_tlsdebian_linuxn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-0487
Matching Score-6
Assigner-Debian GNU/Linux
ShareView Details
Matching Score-6
Assigner-Debian GNU/Linux
CVSS Score-9.8||CRITICAL
EPSS-14.33% / 94.15%
||
7 Day CHG~0.00%
Published-13 Feb, 2018 | 15:00
Updated-05 Aug, 2024 | 03:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ARM mbed TLS before 1.3.22, before 2.1.10, and before 2.7.0 allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow) via a crafted certificate chain that is mishandled during RSASSA-PSS signature verification within a TLS or DTLS session.

Action-Not Available
Vendor-n/aDebian GNU/LinuxArm Limited
Product-mbed_tlsdebian_linuxARM mbed TLS before 1.3.22, before 2.1.10, and before 2.7.0
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-8414
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.18% / 40.32%
||
7 Day CHG~0.00%
Published-02 Jul, 2019 | 19:56
Updated-05 Aug, 2024 | 16:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on D-Link DCS-1100 and DCS-1130 devices. The binary orthrus in /sbin folder of the device handles all the UPnP connections received by the device. It seems that the binary performs a sprintf operation at address 0x0000A3E4 with the value in the command line parameter "-f" and stores it on the stack. Since there is no length check, this results in corrupting the registers for the function sub_A098 which results in memory corruption.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dcs-1100dcs-1130dcs-1100_firmwaredcs-1130_firmwaren/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-8245
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.13%
||
7 Day CHG~0.00%
Published-12 May, 2017 | 20:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In all Android releases from CAF using the Linux kernel, while processing a voice SVC request which is nonstandard by specifying a payload size that will overflow its own declared size, an out of bounds memory copy occurs.

Action-Not Available
Vendor-Google LLCQualcomm Technologies, Inc.
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-7541
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.07% / 21.07%
||
7 Day CHG~0.00%
Published-25 Jul, 2017 | 04:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The brcmf_cfg80211_mgmt_tx function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux kernel before 4.12.3 allows local users to cause a denial of service (buffer overflow and system crash) or possibly gain privileges via a crafted NL80211_CMD_FRAME Netlink packet.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kernelLinux kernel before 4.12.3
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-8062
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.12% / 31.42%
||
7 Day CHG~0.00%
Published-23 Apr, 2017 | 05:37
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

drivers/media/usb/dvb-usb/dw2102.c in the Linux kernel 4.9.x and 4.10.x before 4.10.4 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging use of more than one virtual page for a DMA scatterlist.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-8064
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.09% / 25.69%
||
7 Day CHG~0.00%
Published-23 Apr, 2017 | 05:37
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

drivers/media/usb/dvb-usb-v2/dvb_usb_core.c in the Linux kernel 4.9.x and 4.10.x before 4.10.12 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging use of more than one virtual page for a DMA scatterlist.

Action-Not Available
Vendor-n/aDebian GNU/LinuxLinux Kernel Organization, Inc
Product-linux_kerneldebian_linuxn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2024-53033
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 4.79%
||
7 Day CHG~0.00%
Published-03 Mar, 2025 | 10:07
Updated-07 Mar, 2025 | 11:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Untrusted Pointer Dereference in DSP_Services

Memory corruption while doing Escape call when user provides valid kernel address in the place of valid user buffer address.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcd9380_firmwaresc8380xpsc8380xp_firmwarefastconnect_6900fastconnect_6900_firmwarefastconnect_7800_firmwarewsa8840_firmwarewcd9385_firmwarefastconnect_7800wsa8845h_firmwarewcd9380wsa8845hwsa8845_firmwarewsa8840wcd9385wsa8845Snapdragon
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-822
Untrusted Pointer Dereference
CVE-2017-7187
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.08% / 24.74%
||
7 Day CHG~0.00%
Published-20 Mar, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel through 4.10.4 allows local users to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a large command size in an SG_NEXT_CMD_LEN ioctl call, leading to out-of-bounds write access in the sg_write function.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2024-49840
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 2.66%
||
7 Day CHG~0.00%
Published-03 Feb, 2025 | 16:51
Updated-05 Feb, 2025 | 16:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use of Out-of-range Pointer Offset in WLAN Windows Host

Memory corruption while Invoking IOCTL calls from user-space to validate FIPS encryption or decryption functionality.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fastconnect_7800_firmwarewsa8840qcc2076fastconnect_6900wcd9380sc8380xp_firmwarewsa8845h_firmwareqcc2073wcd9385_firmwarewsa8845hwsa8845fastconnect_7800wcd9380_firmwareqcc2076_firmwarefastconnect_6900_firmwareqcc2073_firmwaresc8380xpwcd9385wsa8840_firmwarewsa8845_firmwareSnapdragon
CWE ID-CWE-823
Use of Out-of-range Pointer Offset
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-5711
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.15% / 35.97%
||
7 Day CHG~0.00%
Published-21 Nov, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple buffer overflows in Active Management Technology (AMT) in Intel Manageability Engine Firmware 8.x/9.x/10.x/11.0/11.5/11.6/11.7/11.10/11.20 allow attacker with local access to the system to execute arbitrary code with AMT execution privilege.

Action-Not Available
Vendor-ASUS (ASUSTeK Computer Inc.)Siemens AGIntel Corporation
Product-rog_strix_z270g_gaming_firmwareh110-plus_firmwareh170m-plus\/brsimatic_ipc627dprime_h110m-ptuf_z270_mark_2rog_strix_z270h_gaming\/k1prime_j3355i-cb150i_pro_gaming\/aurasimatic_ipc827ch110m-a\/dp_firmwaresimatic_ipc477d_firmwareq170t_firmwareb250m-f_plush110m-ksh110m-a_d3ex-b150m-v5rog_strix_b250i_gaming_firmwareh170_pro_gamingsimotion_p320-4strooper_b150_d3_firmwareh110s2b150m-dtuf_z370-plus_gaming_firmwareh110m-ts_firmwaresimatic_ipc647d_firmwareb150-asimatic_ipc477db150m-plus_d3_firmwarerog_maximus_viii_hero_firmwarerog_strix_z270f_gamingrog_maximus_viii_ranger_firmwareb150m-v_plus_firmwareprime_q270m-ch110-plush110s2_firmwareh110m-e_firmwareprime_h110m2\/fpt_firmwaresabertooth_z170_mark_1h110m-c\/hdmi_firmwaresinumerik_pcu50.5-p_firmwaretuf_z370-pro_gaming_firmwarerog_maximus_viii_hero_alpha_firmwarerog_maximus_ix_hero_firmwarez170-krog_strix_b250g_gaming_firmwarerog_strix_z370-f_gamingb150m-ah110m-aex-b250m-v5z170-prosimatic_ipc477eb150m-k_d3prime_h110m2_firmwarerog_maximus_viii_formulaprime_b250m-dsimatic_field_pg_m3_firmwarerog_maximus_ix_extremesimatic_ipc677cb150m-k_firmwareq170s1_firmwareex-b150m-v3_firmwareprime_b250m-jb150m-a_d3_firmwarez170m-e_d3z170-k_firmwarepio-b150m_firmwarerog_strix_h270i_gaming_firmwareh170m-plush110m-ks_r1_firmwareex-b250-v7b150m-plusz170-ar_firmwareh110m-plusb150m-v_plush110m-kex-b150-v7_firmwareh110m-a_d3_firmwarerog_strix_b250h_gaming_firmwareh110m-c\/br_firmwarez170m-plus\/brprime_h270-plus_firmwareprime_h110m2\/fptprime_z270m-plus\/br_firmwareh110t-a_firmwareh110i-plus_firmwaresimatic_ipc627d_firmwaresimatic_field_pg_m3prime_z270-kh170i-pro_firmwaresimatic_field_pg_m4simatic_ipc627ch170i-prob150m-plus_d3z170-premium_firmwaresabertooth_z170_mark_1_firmwareb150m-f_plush170m-e_d3z170-eb150-pro_firmwarepio-b150mrog_maximus_ix_codeprime_b250-plus_firmwareh110m-c_firmwarerog_maximus_x_hero_firmwaresimatic_itp1000simatic_ipc427d_firmwareh110m-e\/m.2_firmwareprime_h110m2rog_maximus_x_formularog_maximus_x_formula_firmwareh110m-d\/exper\/sib150_pro_gaming\/aura_firmwaremanageability_engine_firmwarerog_maximus_ix_herorog_strix_z270i_gamingh170-plus_d3_firmwareex-b150m-v_firmwareq170m-cm-brog_strix_z370-g_gamingprime_z270-arb150-pro_d3rog_strix_z270h_gamingh110m-cs\/br_firmwarerog_strix_z370-i_gamingrog_strix_z370-h_gaming_firmwareh110m-d_firmwaresabertooth_z170_sb150_pro_gamingh110m-a\/m.2q270m-cm-asimatic_ipc847c_firmwareh110m-rh170-pro\/usb_3.1_firmwareq170m2_firmwareb150m-kprime_z270m-plus_firmwareh110m-a_firmwareex-h110m-v3_firmwareh110m-k_x_firmwarez170m-e_d3_firmwareh170_pro_gaming_firmwareb150m-k_d3_firmwarerog_strix_z270f_gaming_firmwarerog_strix_b250f_gamingh110m-cs\/brq170s1ex-b250-v7_firmwaresabertooth_z170_s_firmwarerog_strix_b250h_gamingh110m-d\/exper\/si_firmwareex-b150m-v5_firmwareprime_b250m-d_firmwareh110m-p\/dvib150i_pro_gaming\/aura_firmwaresimatic_ipc647db150m-f_plus_firmwareh110m-ks_r1h110m-c\/ps_firmwareb150-proprime_h270-proex-h110m-v_firmwareex-b250m-v3rog_strix_z270g_gamingrog_maximus_ix_formula_firmwarerog_maximus_viii_gene_firmwareprime_z270-p_firmwareex-h110m-v3h110m-c2\/tf_firmwarez170-p_firmwareq270-sactive_management_technology_firmwaresimatic_ipc427e_firmwarez170m-plustrooper_h110_d3z170-deluxe_firmwaresimatic_ipc547d_firmwaresimatic_ipc847cprime_q270m-c_firmwaresimatic_ipc547dh170m-plus_firmwareb250_mining_expert_firmwarerog_strix_h270i_gamingrog_strix_z270h_gaming\/k1_firmwareprime_z370-pz170-e_firmwarerog_maximus_viii_extreme_firmwareb250_mining_expertb150m-a_d3simatic_ipc677dh110m-c2prime_b250m-a_firmwaresimatic_ipc627c_firmwareprime_b250m-plus\/br_firmwarez170-ah110m-k_firmwaretuf_z270_mark_1_firmwareb150_pro_gaming_d3q170m-c_firmwarez170_pro_gaming\/auraex-b250m-vh110m-a\/m.2_firmwareb150m-d_firmwarerog_strix_b250f_gaming_firmwareprime_z370-a_firmwaresinumerik_pcu50.5-crog_maximus_x_code_firmwarerog_maximus_viii_impactsimatic_ipc827d_firmwareprime_b250m-plus_firmwarez170-deluxeb150m-cprime_b250m-plush110m-cs_xb150-pro_d3_firmwareprime_b250-proz170-a_firmwareb150_pro_gaming_d3_firmwareb150-plusprime_z270-a_firmwareprime_z270-k_firmwareh110m-c\/hdmisimatic_itp1000_firmwareprime_b250-a_firmwareprime_b250-arog_maximus_viii_geneh110t-aex-b250m-v5_firmwaresimatic_ipc647c_firmwareb150-a_firmwaresimatic_ipc427drog_maximus_viii_impact_firmwareq170th110m-r_firmwareh110m-crog_maximus_ix_apex_firmwareprime_z270-ar_firmwarez170_pro_gaming\/aura_firmwareh110m-fprime_b250m-k_firmwareprime_b250m-j_firmwarerog_strix_z370-e_gamingprime_b250m-c_firmwarerog_strix_z270i_gaming_firmwareprime_b250m-ah110m-p\/dvi_firmwareb150m-a_firmwareh170-plus_d3h110m-c\/brrog_strix_b250g_gamingb250-srog_maximus_ix_extreme_firmwareprime_z270m-plusb150_pro_gaming_firmwareex-b150-v7prime_j3355i-c_firmwareb150m-c_d3_firmwaresimatic_ipc427eprime_b250-pro_firmwareh110tq170m2\/cdm\/sib150m-a\/m.2z170_pro_gaming_firmwarerog_strix_z270e_gaming_firmwareb150m-c_firmwarerog_strix_z370-e_gaming_firmwareb150_pro_gaming\/auraq170m2prime_b250m-kprime_z370-aex-h110m-vh110m-dq170t_v2b150m-plus_firmwaresimatic_ipc647csinumerik_pcu50.5-c_firmwareb150m-a\/m.2_firmwareprime_h110m-p_firmwarez170-pro_firmwaresimatic_ipc847dh110m-k_d3z170-premiumex-b250m-v_firmwarerog_strix_z370-g_gaming_firmwareh110i-plussimatic_ipc477d_pro_firmwareb250m-f_plus_firmwarerog_maximus_viii_rangerh110m-plus_firmwareh110m-f_firmwareex-b150m-vtrooper_h110_d3_firmwarerog_maximus_x_apex_firmwarez170i_pro_gamingsimatic_field_pg_m5_firmwaretrooper_b150_d3simatic_ipc677d_firmwarerog_maximus_ix_apexh110m-a\/dpb150m-c\/brrog_strix_z370-i_gaming_firmwareh170-pro_firmwareb150i_pro_gaming\/wifi\/aura_firmwareh110m-erog_maximus_x_heroh110m-cs_firmwareh110m-cssimatic_field_pg_m4_firmwareh110m-cs_x_firmwareb150m-c_d3rog_maximus_viii_extremeh110s1_firmwaretuf_z270_mark_1z170m-plus\/br_firmwareex-b150m-v3prime_z270-pb150-plus_firmwareprime_z370-p_firmwareq170m2\/cdm\/si_firmwarerog_maximus_ix_formulatuf_z370-pro_gamingh170m-e_d3_firmwareb250m-c_prorog_strix_b250i_gamingrog_strix_z370-h_gamingprime_z270m-plus\/brh110m-ks_firmwareb250-mr_firmwareq170m-cm-b_firmwaresimatic_ipc477e_firmwarerog_strix_h270f_gamingrog_strix_z370-f_gaming_firmwareh110s1prime_h270m-plusz170-p_d3prime_b250m-cz170i_pro_gaming_firmwarerog_maximus_viii_heroh110m-tssimatic_ipc477d_propio-b250i_firmwareq170t_v2_firmwareprime_h270m-plus_firmwareb150m-c\/br_firmwareq170m-crog_maximus_x_codetuf_z370-plus_gamingb250-mrh170-prosimatic_ipc547erog_maximus_viii_formula_firmwareb250m-c_pro_firmwarerog_strix_h270f_gaming_firmwareh170-pro\/usb_3.1z170-p_d3_firmwarerog_maximus_x_apexpio-b250ib150m_pro_gaming_firmwarez170m-plus_firmwaresimatic_ipc547e_firmwaresimatic_ipc827dh110m-c\/psh110m-k_d3_firmwarerog_maximus_viii_hero_alphasimatic_field_pg_m5b150i_pro_gaming\/wifi\/aurarog_strix_z270h_gaming_firmwarerog_maximus_ix_code_firmwareprime_h270-pro_firmwareb150m_pro_gamingh110m-c2\/tfq270m-cm-a_firmwareh110m-c2_firmwarerog_strix_z270e_gamingtuf_z270_mark_2_firmwaresimatic_ipc677c_firmwareprime_b250m-plus\/brq270-s_firmwareh110t_firmwareex-b250m-v3_firmwarez170-ph110m-e\/m.2z170-arh110m-k_xsinumerik_pcu50.5-pb250-s_firmwareprime_z270-asimotion_p320-4s_firmwareprime_b250-plusprime_h270-plussimatic_ipc847d_firmwareh170m-plus\/br_firmwarez170_pro_gamingsimatic_ipc827c_firmwareActive Management Technology
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2024-45573
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 4.79%
||
7 Day CHG~0.00%
Published-03 Feb, 2025 | 16:51
Updated-12 Feb, 2025 | 20:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use of Out-of-range Pointer Offset in Display

Memory corruption may occour while generating test pattern due to negative indexing of display ID.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fastconnect_7800_firmwarewsa8840fastconnect_6900qcm5430_firmwareqcm6490_firmwaresdm429wsc8380xp_firmwaresnapdragon_7c\+_gen_3_computesnapdragon_429_mobilefastconnect_6700qcs5430wcd9375_firmwaresnapdragon_7c\+_gen_3_compute_firmwarewsa8845h_firmwarewcn3620_firmwarewcd9385_firmwarewsa8845qcm6490fastconnect_6700_firmwarewcd9380_firmwarewcd9375qcs5430_firmwarewcn3660bsc8280xp-abbb_firmwaresdm429w_firmwarewcd9370_firmwarewsa8845_firmwarevideo_collaboration_vc3_platform_firmwareqcm5430wcd9370wcd9380video_collaboration_vc3_platformwsa8830snapdragon_429_mobile_firmwarewsa8835wsa8845hwsa8830_firmwarewcn3620fastconnect_7800fastconnect_6900_firmwareqcs6490qcs6490_firmwaresc8380xpwcd9385wsa8840_firmwarewcn3660b_firmwarewsa8835_firmwaresc8280xp-abbbSnapdragon
CWE ID-CWE-823
Use of Out-of-range Pointer Offset
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2024-45584
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 4.79%
||
7 Day CHG~0.00%
Published-03 Feb, 2025 | 16:51
Updated-05 Feb, 2025 | 16:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Untrusted Pointer Dereference in Automotive Android OS

Memory corruption can occur when a compat IOCTL call is followed by a normal IOCTL call from userspace.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fastconnect_7800_firmwareqep8111sa7255psnapdragon_x35_5g_modem-rfwcn7860qamsrv1mqdu1210qcn6224_firmwareqam8295p_firmwarewcn7881_firmwareqcs8550_firmwareqru1052_firmwarewcn7881qdu1010_firmwaresa7775p_firmwaresa8775pqca6574au_firmwareqam8775psa8195psa8650p_firmwareqcn6274_firmwareqca6391qca6584ausm8750wcn3950_firmwarevision_intelligence_400qca6688aq_firmwareqdu1110wcn6650qdu1210_firmwaresa8255psnapdragon_480_5g_mobilewcn3950snapdragon_w5\+_gen_1_wearablesw5100wsa8845_firmwareqcc710_firmwareqru1052qdu1000_firmwareqca6574_firmwareqcm8550_firmwaresnapdragon_8\+_gen_2_mobilesw5100p_firmwarear8035wcn6755_firmwareqep8111_firmwarevideo_collaboration_vc5_platform_firmwaresm7635_firmwaresrv1l_firmwareqru1032wsa8845hqca6574sa6155p_firmwarewcn6450_firmwaresnapdragon_4_gen_1_mobileqcm8550snapdragon_680_4g_mobilewcd9341sa8650psa8770p_firmwarewcn3988wcn7880_firmwareqca6698aq_firmwarewcd9395_firmwareqamsrv1m_firmwaresa8775p_firmwarewcn3990_firmwareqcs6125sm7635snapdragon_680_4g_mobile_firmwarefastconnect_6900qca6688aqwcn3988_firmwareqca6574awcd9335qcs8250wcd9375_firmwarewcd9385_firmwareqam8650p_firmwarewsa8810qdx1011snapdragon_8_gen_3_mobile_firmwareqam8255p_firmwaresa8295pwcd9375snapdragon_685_4g_mobile_firmwaresa8620p_firmwaresm6650snapdragon_w5\+_gen_1_wearable_firmwaresa7255p_firmwareqca6595_firmwareqdu1000fastconnect_6200_firmwareqamsrv1hsa6155psnapdragon_x75_5g_modem-rf_firmwarewcd9380snapdragon_480\+_5g_mobile_firmwaresnapdragon_480\+_5g_mobileqamsrv1h_firmwaresa8155pwcn7861_firmwarewsa8832_firmwaresw5100pwsa8830_firmwarewcn6755qca8081sg4150psnapdragon_8_gen_2_mobile_firmwareqca6595au_firmwareqdu1110_firmwareqcn6224wcd9385sa8255p_firmwarewsa8840_firmwareqca6595auqfw7124_firmwareqam8255psm4635wsa8840srv1hqam8620psm8550p_firmwareqfw7124ar8035_firmwareqca6696sa8195p_firmwaresg4150p_firmwaresa8155p_firmwareqca6595sm7675snapdragon_460_mobileqca8337wsa8845h_firmwareqdx1010_firmwareqam8650pqca8337_firmwarevideo_collaboration_vc1_platform_firmwarewsa8845qcm6125wcn6650_firmwarewcd9380_firmwarevision_intelligence_400_firmwarewcn6450qca6391_firmwaresnapdragon_662_mobile_firmwareqca6174a_firmwaresrv1mqdx1010qdu1010qru1062qam8775p_firmwaresm8635pvideo_collaboration_vc5_platformwcn3980sm8635p_firmwaresnapdragon_685_4g_mobilewcd9370wcd9340_firmwareqcs7230_firmwarewcd9378sm7675_firmwaresa8295p_firmwareqcm4325_firmwaresm8750psa9000pwsa8835sm8750p_firmwareqca8081_firmwareqca6678aqfastconnect_7800qca6797aq_firmwaresnapdragon_480_5g_mobile_firmwaresnapdragon_x75_5g_modem-rfwcd9341_firmwarewcd9340qam8295pqcs8250_firmwaresnapdragon_695_5g_mobilesnapdragon_8_gen_2_mobileqca6174awcn7880qam8620p_firmwaresm4635_firmwareqcm6125_firmwarewcd9378_firmwarewcd9335_firmwareqca6574auqca6797aqqcs7230qcs8550sm7675psw5100_firmwaresm6650_firmwaresnapdragon_auto_5g_modem-rf_gen_2qca6584au_firmwarewcn3990qca6696_firmwaresm7675p_firmwaresnapdragon_x72_5g_modem-rf_firmwareqdx1011_firmwarewsa8810_firmwareqru1032_firmwaresrv1m_firmwarewsa8832wcd9390_firmwareqcn6274sm8635qcc710snapdragon_695_5g_mobile_firmwaresm8635_firmwaresnapdragon_8_gen_3_mobilewsa8815qcs6125_firmwaresnapdragon_662_mobilesnapdragon_x72_5g_modem-rfqru1062_firmwarewcn7861qca6574a_firmwaresa8620psm8750_firmwarewsa8830wsa8815_firmwaresrv1lsnapdragon_8\+_gen_2_mobile_firmwarewcn7860_firmwaresa8770pfastconnect_6200srv1h_firmwarewcn3980_firmwaresnapdragon_x35_5g_modem-rf_firmwareqca6678aq_firmwareqca6698aqvideo_collaboration_vc1_platformsnapdragon_4_gen_1_mobile_firmwarefastconnect_6900_firmwareqcm4325snapdragon_460_mobile_firmwaresa9000p_firmwareqfw7114sm8550pwcd9390sa7775pwcd9395qfw7114_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwarewsa8835_firmwarewcd9370_firmwareSnapdragon
CWE ID-CWE-822
Untrusted Pointer Dereference
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-17853
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.07% / 22.28%
||
7 Day CHG~0.00%
Published-23 Dec, 2017 | 04:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging incorrect BPF_RSH signed bounds calculations.

Action-Not Available
Vendor-n/aDebian GNU/LinuxLinux Kernel Organization, Inc
Product-linux_kerneldebian_linuxn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-17856
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.07% / 22.28%
||
7 Day CHG~0.00%
Published-23 Dec, 2017 | 04:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging the lack of stack-pointer alignment enforcement.

Action-Not Available
Vendor-n/aDebian GNU/LinuxLinux Kernel Organization, Inc
Product-linux_kerneldebian_linuxn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-17855
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 19.04%
||
7 Day CHG~0.00%
Published-23 Dec, 2017 | 04:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging improper use of pointers in place of scalars.

Action-Not Available
Vendor-n/aDebian GNU/LinuxLinux Kernel Organization, Inc
Product-linux_kerneldebian_linuxn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-17857
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.07% / 22.28%
||
7 Day CHG~0.00%
Published-23 Dec, 2017 | 04:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The check_stack_boundary function in kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging mishandling of invalid variable stack read operations.

Action-Not Available
Vendor-n/aDebian GNU/LinuxLinux Kernel Organization, Inc
Product-linux_kerneldebian_linuxn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-16996
Matching Score-4
Assigner-Debian GNU/Linux
ShareView Details
Matching Score-4
Assigner-Debian GNU/Linux
CVSS Score-7.8||HIGH
EPSS-0.12% / 32.46%
||
7 Day CHG~0.00%
Published-22 Dec, 2017 | 10:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging register truncation mishandling.

Action-Not Available
Vendor-n/aDebian GNU/LinuxLinux Kernel Organization, Inc
Product-linux_kerneldebian_linuxLinux kernel through 4.14.8
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2024-45181
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.02% / 2.16%
||
7 Day CHG~0.00%
Published-12 Sep, 2024 | 00:00
Updated-18 Sep, 2024 | 20:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in WibuKey64.sys in WIBU-SYSTEMS WibuKey before v6.70 and fixed in v.6.70. An improper bounds check allows crafted packets to cause an arbitrary address write, resulting in kernel memory corruption.

Action-Not Available
Vendor-wibun/awibuMicrosoft Corporation
Product-windowswibukeyn/awibukey
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-5699
Matching Score-4
Assigner-NVIDIA Corporation
ShareView Details
Matching Score-4
Assigner-NVIDIA Corporation
CVSS Score-7.8||HIGH
EPSS-0.05% / 16.77%
||
7 Day CHG~0.00%
Published-09 Oct, 2019 | 21:05
Updated-04 Aug, 2024 | 20:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NVIDIA Shield TV Experience prior to v8.0.1, NVIDIA Tegra bootloader contains a vulnerability where the software performs an incorrect bounds check, which may lead to buffer overflow resulting in escalation of privileges and code execution. escalation of privileges, and information disclosure, code execution, denial of service, or escalation of privileges.

Action-Not Available
Vendor-n/aGoogle LLCNVIDIA Corporation
Product-shield_experienceandroidNVIDIA SHIELD TV
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-16995
Matching Score-4
Assigner-Debian GNU/Linux
ShareView Details
Matching Score-4
Assigner-Debian GNU/Linux
CVSS Score-7.8||HIGH
EPSS-82.85% / 99.20%
||
7 Day CHG~0.00%
Published-22 Dec, 2017 | 10:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The check_alu_op function in kernel/bpf/verifier.c in the Linux kernel through 4.4 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging incorrect sign extension.

Action-Not Available
Vendor-n/aDebian GNU/LinuxCanonical Ltd.Linux Kernel Organization, Inc
Product-linux_kerneldebian_linuxubuntu_linuxn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • Next
Details not found