{"api_version":"1","generated_at":"2026-04-23T04:34:02+00:00","cve":"CVE-2023-28469","urls":{"html":"https://cve.report/CVE-2023-28469","api":"https://cve.report/api/cve/CVE-2023-28469.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2023-28469","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2023-28469"},"summary":{"title":"CVE-2023-28469","description":"An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper GPU processing operations to gain access to already freed memory. This affects Valhall r29p0 through r42p0 before r43p0, and Arm's GPU Architecture Gen5 r41p0 through r42p0 before r43p0.","state":"PUBLIC","assigner":"cve@mitre.org","published_at":"2023-06-02 12:15:00","updated_at":"2023-06-09 21:56:00"},"problem_types":["NVD-CWE-noinfo"],"metrics":[],"references":[{"url":"https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities","name":"https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities","refsource":"MISC","tags":[],"title":"","mime":"","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2023-28469","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-28469","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2023","cve_id":"28469","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"arm","cpe5":"avalon_gpu_kernel_driver","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"28469","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"arm","cpe5":"valhall_gpu_kernel_driver","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2023-28469","qid":"610518","title":"Google Android Devices November 2023 Security Patch Missing"},{"cve":"CVE-2023-28469","qid":"610528","title":"Google Android December 2023 Security Patch Missing for Samsung"}]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2023-28469","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper GPU processing operations to gain access to already freed memory. This affects Valhall r29p0 through r42p0 before r43p0, and Arm's GPU Architecture Gen5 r41p0 through r42p0 before r43p0."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"url":"https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities","refsource":"MISC","name":"https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities"}]}},"nvd":{"publishedDate":"2023-06-02 12:15:00","lastModifiedDate":"2023-06-09 21:56:00","problem_types":["NVD-CWE-noinfo"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE","baseScore":5.5,"baseSeverity":"MEDIUM"},"exploitabilityScore":1.8,"impactScore":3.6}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:arm:avalon_gpu_kernel_driver:*:*:*:*:*:*:*:*","versionStartIncluding":"r41p0","versionEndExcluding":"r43p0","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:arm:valhall_gpu_kernel_driver:*:*:*:*:*:*:*:*","versionStartIncluding":"r29p0","versionEndExcluding":"r43p0","cpe_name":[]}]}]}},"legacy_mitre":{"record":null,"notes":[]}}}